last executing test programs:

28m15.77385011s ago: executing program 32 (id=56):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000))
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x15)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r4, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001280), 0x4)

22m27.927591471s ago: executing program 33 (id=1107):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000008000000e27f000001"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x26e1, 0x0)

21m13.463399776s ago: executing program 34 (id=1291):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
setpriority(0x2, 0x0, 0xffffffffffffffcd)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2e0, 0x120, 0x130, 0x26010000, 0x0, 0x130, 0x210, 0x220, 0x220, 0x210, 0x220, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback, [0x0, 0xff, 0xff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000], 'ip6_vti0\x00', 'vxcan1\x00', {}, {0x589b843e1c2c028}, 0x2e, 0xd4, 0x6, 0xa}, 0x0, 0xf8, 0x120, 0x0, {0x0, 0x25e}, [@inet=@rpfilter={{0x28}, {0xa}}, @common=@unspec=@state={{0x28}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4, 0x2}}}, {{@ipv6={@dev, @mcast1, [], [], 'bridge_slave_0\x00', 'dummy0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x340)
setrlimit(0xc, &(0x7f00000001c0)={0xd})
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r7=>0x0})
sendto$packet(r6, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)
sendmmsg$inet6(r5, &(0x7f0000019680)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0xac141414}}, 0x1c, 0x0}}], 0x1, 0x20004855)
r8 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
getsockopt$PNPIPE_IFINDEX(r8, 0x113, 0x2, &(0x7f0000000100), &(0x7f0000000240)=0x4)
r9 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$P9_RVERSION(r9, &(0x7f0000000c40)=ANY=[], 0x13)
setsockopt$inet6_tcp_int(r5, 0x6, 0x4, &(0x7f0000000000)=0x7f, 0x4)
setsockopt$sock_int(r5, 0x1, 0x9, &(0x7f0000000480)=0x7, 0x4)

21m10.125194636s ago: executing program 35 (id=1301):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x20502, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', 0xffffffffffffffff, 0x0, 0x401}, 0x11)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x6)
setsockopt(r5, 0x10e, 0xb, &(0x7f0000000100)='\x00\x00', 0x2)
sendmsg$nl_xfrm(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=@flushsa={0x58, 0x1c, 0x905, 0x0, 0x0, {}, [@tmpl={0x44, 0x5, [{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x0, @in6=@remote}]}]}, 0x58}}, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000340)={0xa, 0x5, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38)
write$binfmt_script(r4, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(0xffffffffffffffff, r4, 0x0)
io_setup(0x8, &(0x7f0000004200))

18m34.335522796s ago: executing program 6 (id=1588):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000003c0)="93378e66cf9b48cb59638401fcd1730172853a9fa89527996042ab60ae29f9c1", 0x4e)
accept4(r0, 0x0, 0x0, 0x800)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000440)={0x0, 0x79a8, 0x8, 0x5, 0x29a}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

18m33.947985198s ago: executing program 6 (id=1593):
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, 0x0)
chdir(0x0)
syz_open_dev$loop(&(0x7f0000000180), 0x3, 0x2)
socket$inet(0x2, 0x4000000000000001, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/timer\x00', 0x0, 0x0)
syz_emit_ethernet(0x15, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaac56816cdbbbbbbbbbbbb810018003be60312cc8bcd7297f25d4e4fabc6cf80003be28cb3a44d15d7539b5a4fd59423a0e97e8dc6deb264fce4fb9452f4894084573ce6527d8e6214145d2550767289881f8e0efb8ae17ad57c02c688cc029c45"], 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x400}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x8001, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffbfef}]})
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x101c02, 0x0)
poll(&(0x7f0000000180)=[{0xffffffffffffffff, 0x201}], 0x1, 0x10000)
ioctl$DMA_BUF_IOCTL_SYNC(0xffffffffffffffff, 0x40086200, &(0x7f0000000040)=0x1)
ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000080)=0xf58)

18m31.823597342s ago: executing program 6 (id=1599):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sm3\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000004200)=[{0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000000)="c52d8baf02", 0x5}, {&(0x7f0000000080)="59819e738eea5e1a825cd2a7cbd3c0e0987d33385933f2506cfe3637c79644da84f7e2fa4fd5", 0x26}, {0x0}], 0x3, 0x0, 0x0, 0x88042}], 0x1, 0x40010)

18m31.68402439s ago: executing program 6 (id=1602):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000005480)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x4}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000940)=""/218, 0xda}, {&(0x7f0000001bc0)=""/4096, 0x1000}], 0x2}}], 0x2, 0x10002, 0x0)

18m31.588298914s ago: executing program 6 (id=1605):
getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, &(0x7f0000000100))
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f0000001a00)={0x24, @none={0x0, 0x2}}, 0x14)

18m30.422326789s ago: executing program 6 (id=1608):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000100))

18m15.192308249s ago: executing program 36 (id=1608):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'pimreg\x00', 0x5005})
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000100))

7m28.41822497s ago: executing program 7 (id=2911):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x0, 0x0}, 0x10)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x8}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x208, 0x1ffe0000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r3 = accept$ax25(0xffffffffffffffff, &(0x7f0000000040)={{}, [@netrom, @null, @rose, @bcast, @rose, @remote, @null]}, &(0x7f00000000c0)=0x48)
setsockopt$ax25_SO_BINDTODEVICE(r3, 0x101, 0x19, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)

7m26.539964677s ago: executing program 7 (id=2915):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000000000008900000008000300", @ANYRES32=r3, @ANYBLOB="10001d810c00000006000500"], 0x2c}}, 0x0)

7m25.920787945s ago: executing program 2 (id=2917):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
sched_setaffinity(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
accept4$bt_l2cap(r3, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
syz_emit_ethernet(0x45, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @multicast2, @rand_addr=0xe0000000}, "e9c9cee4837ae0"}}}}}, 0x0)

7m25.811345885s ago: executing program 7 (id=2918):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x80003, 0xb)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', 0x0})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x100})
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da20"], 0x0)

7m24.830328884s ago: executing program 2 (id=2920):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001003, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r0, 0x40045612, &(0x7f0000000080)=0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x3, [@func_proto]}, {0x0, [0x5f]}}, 0x0, 0x27}, 0x28)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x40045431, &(0x7f0000000140))

7m24.31936801s ago: executing program 2 (id=2921):
syz_emit_ethernet(0x64e, &(0x7f0000000100)={@random="f11e0814e096", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x618, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0x18}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x11, 0x11, 0xc18, 0xa000000, [{0x3, 0x14, "e71f377553ec8e70c28e2bc69e8ebe36aca03a343cbfbd82c7b4788d9f5e26ff1ff40a4572988b545c2c7f46e027f5f058d3a20bd75b518999f69f73fd43b26b59422724c3d26b021d0f215b77f276fd8c09b9a8f636fc53b62f654bd7ea12660d45d8af19e9cc6eb5a024f086e9c8dfef81a25cc6361c3f1ff0e6738d612ce2fcfc864eb187d7f93a550397138b8b35aa4ff465f56ff147340b0dc170df"}, {0x19, 0x13, "c5af417b80835fbcc25455b7e13aad37405651c6bc79fd506803586fdfaa7747c039c5f8471e3deb6f39743e6b08724cad55b642e6024a4ed07ac03bcaba137d397beca669c6d7d4bfe5ed62c49c92d41259b28d0bef013c2fbf0c26bca3404ffdc21f8bfa5706dbaf65c0de91bddd85a60cc0bd9b7145c12eaae3e1731ec2994d77412405d8f8c6157663aa5b2e2d45f3e3561a70d1ee9a708073"}, {0x2, 0x99, "ec0cf65406d655d9136e2bc478e94a04ccd1ba082b3f580f6f71bc0de9647358ca36c79879ea0e3680dd1df4578048053be5c66d4a76e00d449a4c6f1c1cda2bf64912581454501f001596c8cd6f03f08dd22a3c5df0092afc2c0723ae593789333f710f5d7036871b05a6462fccae790475c31fcc2ffff95c2211332d51ba4abea15c61f0328fcf3a852e6b6275d9e9cfbba7f3b8e9b48bf2c4f7ecc6b38b64e3106481eb8ac2d469a591ab2259fa9d70f04092f7379963eaac8cf183d33e744d8def4cc872c9f0a84dac84e2a360430707922486ab63072eaca10686ae355949189719ecfadeb8cd1de02426891bdb749b04f770db15d637d2db9dd12bb94ead8c4d506d24a5c9d5cc4be6d77b78d2739b26df21758cf5fe03f5148c58d8cba72897f1256b5e49f6e3ff1e39cc6070df18e74e707324633917f1a97f8c2b97faa0da365f91abec1b060b2c8452872e2e5cf78871a06c21503cde0e97ad6c8615e307aa49a3faecd1b4c2cba297ebf95173b96ad7d11490e55707024c3152232d7e3c33b1b8e308b69235de82a1684083dacc13c0b20ef4110765cb2f647e10b98c13138b832d34e1fb0d3ba23ab76665d363c33538a5992adbf01beabd1eaadfeb71c3f2b3faedb8a28dc69ebb1495c6134a684919dacd49172c56fc2a639909004fb062711b9c7c6c17a978d35c8b0f8bff9a633acb597808e89b38a3c396c81b05cbce459bfbc49997772fa53e12013a973c52a95465d6fb89ef2726793af1ff967de5fc24f2b6dc95b3f112ffe58c64c30836e69a092cd7561de0d219d7b1041dc04737889bc7e4731fd6c47f0fee1411ac25f9012c6017cb209711ed733b24b1fd5fc77980907b0157f7e1b13857d0ec33eaa2b26a5e8ec1ab3016f0b52f180c3255e607946e034b5e8395378e08f4ec86aa92c628a3030251fb5dcc5e899633e06710d10e0aa8cf323a32540ce2e4c8710395ad2961e81fbc94dac4eba5d7e2c1346bc0c09fd0211fe79936231fa20b3df3f1ad5610cad5bb185906d23622753b9bd9e9145277838fccd5133355b0f4079a16fc0d617459de5c0437409b730dea24250f34fe0ab40af43341338708adfd0367a885a7508b1b4b6e1a8ba0f08660ae1b9afdb282806c93886a814283231d294904529e58e21c61276b48fe247eaf03159e68270dfc7ca7fcae8d73b6fb8e9b5c0ebf6ea381444a90132d9c3b647ed1cac3d7f8acfea29c10e3610f6103d272ebbd778485908dafd0ad5860efc1119e49eba94d5dadfb779187cfce17677da5794a41ac5faccaebaf2c312fe32a4b18567ee12eae3087a4838bfbbb801fa581d432224be8b667dfa6b96af0ea8e1114fe817fde23b4c2537fd3155e5e41b99248fca517a6d36e503abc64a25bd6bdf5d7f964e946a8585c809989ac033535eda9cefa1bb842b3f34ae6cdbf69c37f8bc74bdd086eaffb19146a9d13ff374323c9bf3910ee259fc812dd201ff8cca0b1fd55602734162ad65f03e09feb59d07989e9e314dfd87c96f62274819134868e44e581bfb5025befbdb37bd4fdbfe1eacf6e16710fa934206a9377a97982c9d33657d259051ab0ea89a314673478b728252f99d2819b26c9154bd560a6dee9cf97dd7354193882a0afb53abc24f8f8f739521781a37b8dce916939d4ecd7aeb42e1512251f7f838f6bbf1b4540904f451a82dff8facfc79892f7c61f6d7e7e6cfb55c29e"}]}}}}}}, 0x0)

7m24.247880896s ago: executing program 2 (id=2922):
syz_usb_connect(0x5, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201100125029408b10e07700902010203010902120001b20000000904fd02"], 0x0)

7m22.847776704s ago: executing program 2 (id=2926):
mkdir(0x0, 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r0, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40)

7m20.312545814s ago: executing program 2 (id=2931):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @local}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r9 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)

7m11.878085828s ago: executing program 7 (id=2951):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000100)={0x0, 0x0}, 0x10)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x8}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x208, 0x1ffe0000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)

7m9.198784456s ago: executing program 7 (id=2958):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000000000008900000008000300", @ANYBLOB="10001d810c00000006000500c2"], 0x2c}}, 0x0)

7m7.808502779s ago: executing program 7 (id=2960):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x80003, 0xb)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', 0x0})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}})
dup(r1)
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da20"], 0x0)

7m5.113880786s ago: executing program 37 (id=2931):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0xfffffffffffffdbc, 0x2, {{0x1, 0xd, 0x0, 0x9, 0x8}, 0x6, 0x1, 0x1, 0x4, 0x8, 0xe, 0x7, 0x1d, 0x3, 0x9, {0xa2d6, 0x200, 0xb, 0x40, 0x2, 0x1ff}}}}]}, 0x78}}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IPV4_DST={0x8, 0x1d, @local}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r9 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x27, 0x0)

7m1.913107329s ago: executing program 9 (id=2973):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x6, &(0x7f0000000000)=0x9, 0x4)
getsockopt$inet6_tcp_int(r1, 0x6, 0x17, 0x0, &(0x7f00000001c0))
sched_setscheduler(0x0, 0x6, &(0x7f00000000c0)=0x2)
r2 = syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000a00300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e276800"/2574], &(0x7f0000000140)='GPL\x00'}, 0x48)
r3 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r3, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = socket$kcm(0x2, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000040)={r5})
close(r4)
syz_pidfd_open(r2, 0x0)
r6 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r7, &(0x7f0000001fc0)={0x42, 0x3, 0x0, {0x0, 0x21, 0x0, '/proc/sys/net/ipv4/vs/secure_tcp\x00'}}, 0x42)

7m0.698561548s ago: executing program 9 (id=2974):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$TIOCGPKT(r0, 0x40045431, &(0x7f0000000140))

7m0.630490557s ago: executing program 9 (id=2975):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
eventfd2(0x10000, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
io_submit(0x0, 0x0, &(0x7f0000004200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000000c0)=0x3)
mmap(&(0x7f00005b3000/0x4000)=nil, 0x4000, 0x2000000, 0x810, r4, 0xe1306000)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000001400110200000000fedbdf25ffffffff000000000000000000000000fc0000000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="c06b6e000000000008001f00000000000c001500"], 0x64}}, 0x0)

6m59.622909201s ago: executing program 9 (id=2976):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=""/19, 0x13}, 0x2}], 0x1, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x5, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

6m59.523639285s ago: executing program 9 (id=2977):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r1, 0x3)
accept4$bt_l2cap(r1, &(0x7f0000000200), 0x0, 0x800)

6m58.348827246s ago: executing program 9 (id=2980):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r3 = gettid()
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
userfaultfd(0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000001880)={'wg0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)={0x40, r7, 0xa29, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r6}, @WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d784308000100", @ANYRES32=r6], 0x40}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)

6m52.462708535s ago: executing program 38 (id=2960):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x80003, 0xb)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', 0x0})
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xff, 0x0, 0x0, 0x0, 0x3}})
dup(r1)
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585da20"], 0x0)

6m42.881411145s ago: executing program 39 (id=2980):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r3 = gettid()
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
userfaultfd(0x1)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000001880)={'wg0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000280)={0x40, r7, 0xa29, 0x0, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r6}, @WGDEVICE_A_PRIVATE_KEY={0x24}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d784308000100", @ANYRES32=r6], 0x40}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0)

5m29.295586471s ago: executing program 0 (id=3094):
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380))
chdir(&(0x7f0000000440)='./bus\x00')
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r0, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], 0x0, 0x0, 0x1, 0x1}}, 0x40)

5m28.745885021s ago: executing program 0 (id=3095):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x4011)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x4480, 0x8, 0xe1})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/196, 0xc4}], 0x1, 0x8, 0xffffffff)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
mkdir(0x0, 0x2)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f00000002c0)=r2}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvmsg$unix(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/243, 0xfffffed7}], 0x1}, 0x1200)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000700)=""/100, 0x0, 0xd000})

5m25.688650904s ago: executing program 0 (id=3096):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0x19, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000feffffff000000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x0, 0xe, 0x0, &(0x7f00000000c0)="87fc5d85da21530562070095c108", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x40}, 0x4c)

5m25.586657008s ago: executing program 0 (id=3097):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002140)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x804)

5m25.578253551s ago: executing program 0 (id=3098):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = timerfd_create(0x0, 0x0)
read(r2, &(0x7f0000000240)=""/123, 0x7b)

5m24.675467824s ago: executing program 0 (id=3099):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x163242, 0x110)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x4092, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

5m9.470772178s ago: executing program 40 (id=3099):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x163242, 0x110)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x4092, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

17.096667021s ago: executing program 3 (id=3583):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
sched_setaffinity(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
accept4$bt_l2cap(r3, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
syz_emit_ethernet(0x45, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @multicast2, @rand_addr=0xe0000000}, "e9c9cee4837ae0"}}}}}, 0x0)

16.025545545s ago: executing program 3 (id=3588):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c4b20710200e01015a000000000109021b"], 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(generic-gcm-aesni)\x00'}, 0x58)
r1 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000002100)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0xfffe, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x2, 0x0, 0x3}}}}}}, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter6\x00')
unshare(0x28000600)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x20040001)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="1c3513000000", &(0x7f0000002240)=""/4103, 0x0, 0x30520cf7f25f0c64, 0x0, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)

12.88460029s ago: executing program 3 (id=3595):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/33, 0xa}, 0x1}], 0x40000000000018e, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

11.838319087s ago: executing program 1 (id=3601):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x80}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

11.622436429s ago: executing program 3 (id=3602):
r0 = fanotify_init(0x0, 0x0)
dup(r0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x240000c1)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x28002f4})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

11.531952208s ago: executing program 5 (id=3603):
epoll_create1(0x0)
socket$kcm(0x2, 0x200000000000001, 0x106)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x84)
unshare(0x400)
socket(0x40000000015, 0x5, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd, 0x400000, 0x0, 0xffffffffffffff1b, 0x7b}, 0x0, &(0x7f0000000280)={0x3fc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

11.44812282s ago: executing program 1 (id=3604):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = timerfd_create(0x0, 0x0)
read(r2, &(0x7f0000000240)=""/123, 0x7b)

11.313781044s ago: executing program 3 (id=3605):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c4b20710200e01015a000000000109021b"], 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(generic-gcm-aesni)\x00'}, 0x58)
r1 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000002100)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0xfffe, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x2, 0x0, 0x3}}}}}}, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter6\x00')
unshare(0x28000600)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x20040001)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="1c3513000000", &(0x7f0000002240)=""/4103, 0x0, 0x30520cf7f25f0c64, 0x0, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)

10.434123257s ago: executing program 5 (id=3606):
r0 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)

10.416527802s ago: executing program 1 (id=3607):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

9.702231106s ago: executing program 5 (id=3608):
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r0, &(0x7f0000000040)=""/115, 0x73)

9.654262771s ago: executing program 3 (id=3609):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x90, 0x1, 0x2, 0xd59f80, 0x19ef, 0x6, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

9.355083834s ago: executing program 5 (id=3610):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r0, &(0x7f0000000080)=""/1, 0x1)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, 0x0, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(r2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = fsmount(r1, 0x1, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
close(0x3)
r7 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r8 = socket$inet(0x2, 0x2, 0x1)
r9 = socket(0x2, 0x2, 0x1)
bind$unix(r9, &(0x7f0000000000)=@abs, 0x6e)
bind$inet(r8, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)

8.846542173s ago: executing program 5 (id=3611):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0x36b78000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)

7.630447324s ago: executing program 4 (id=3613):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
sched_setaffinity(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
accept4$bt_l2cap(r3, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
syz_emit_ethernet(0x45, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @multicast2, @rand_addr=0xe0000000}, "e9c9cee4837ae0"}}}}}, 0x0)

7.044569166s ago: executing program 8 (id=3614):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x80}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

6.882833301s ago: executing program 8 (id=3615):
r0 = fanotify_init(0x0, 0x0)
dup(r0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x240000c1)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x28002f4})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

6.607164348s ago: executing program 8 (id=3616):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000001c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x12000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x34, r4, 0x303, 0x0, 0x25dfdbfd, {0x3d}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x4000000)

6.574399203s ago: executing program 4 (id=3617):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = timerfd_create(0x0, 0x0)
read(r2, &(0x7f0000000240)=""/123, 0x7b)

5.761819349s ago: executing program 1 (id=3618):
r0 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)

5.593739774s ago: executing program 8 (id=3619):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c4b20710200e01015a000000000109021b"], 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(generic-gcm-aesni)\x00'}, 0x58)
r1 = socket(0x200000000000011, 0x2, 0xd)
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
syz_emit_ethernet(0xfdef, &(0x7f0000002100)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0xfffe, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x2, 0x0, 0x3}}}}}}, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/mcfilter6\x00')
unshare(0x28000600)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x20040001)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x6, 0x6b, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000000)="1c3513000000", &(0x7f0000002240)=""/4103, 0x0, 0x30520cf7f25f0c64, 0x0, 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)

5.401737566s ago: executing program 4 (id=3620):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20000140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
io_setup(0x9, &(0x7f0000000b80)=<r1=>0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc95a, 0xfffffff3, 0x9, 0x7f, 0x2, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x5f, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffffd, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x8, 0x12f, 0x8000, 0x10, 0x8, 0x129432e2, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffe, 0x7, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x7, 0xb, 0x9, 0x48c93690, 0x3, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d6, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x6, 0x9, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x8ad, 0x5, 0x3, 0x101, 0x10000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7ffffffe, 0x5, 0x8, 0xc8, 0x3, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
io_submit(r1, 0x1, &(0x7f00000002c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}])
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x918)

4.13674168s ago: executing program 1 (id=3621):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0)
read(r0, &(0x7f0000000080)=""/1, 0x1)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, 0x0, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r4, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close(r2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = fsmount(r1, 0x1, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
close(0x3)
r7 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r7, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r8 = socket$inet(0x2, 0x2, 0x1)
r9 = socket(0x2, 0x2, 0x1)
bind$unix(r9, &(0x7f0000000000)=@abs, 0x6e)
bind$inet(r8, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)

3.939544422s ago: executing program 4 (id=3622):
openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0xa0001, 0x0)
syz_open_dev$evdev(&(0x7f0000000140), 0x7a82, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x5ae5, &(0x7f0000000240)={0x0, 0x204a, 0x4000, 0x1, 0x197})
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000180)=0x6f)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
add_key(&(0x7f0000000040)='pkcs7_test\x00', 0x0, &(0x7f0000000240)="100c060863e57fb9b242fa", 0xb, 0xfffffffffffffffe)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0xb, 0x6, 0xff}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x10007f, 0x20000006, 0x4d, 0x6, 0x3, 0x9, 0x2, 0xffff2d34, 0xffffff01, 0x5, 0x3, 0xfffffffc, 0x5, 0x4, 0x2, 0x7, 0x3c5b, 0x80000001, 0x24, 0x45, 0x0, 0x10000, 0xffffffff, 0xe661, 0x6, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x0, 0x3, 0xd, 0x8, 0x8000806e, 0x7, 0x17, 0x1, 0x7, 0x200, 0x3e, 0x8c, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x1, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x1000000a, 0x1, 0x4, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x8, 0x6c7, 0x9, 0x6cca, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x104e1, 0x2, 0x4, 0x9, 0x1, 0x9, 0x8, 0x0, 0x6, 0x47, 0x8020, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x7, 0x3, 0x3, 0xbc45, 0x48c93690, 0x43, 0x103], [0x7, 0xa, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x6, 0x1000005, 0x0, 0x6, 0x800005, 0x1, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x2, 0x6d03, 0x6, 0x38, 0x3ff, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xc2, 0x6, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x1000000a, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x80000000, 0x10b, 0x5, 0x93a, 0x6, 0x1000006, 0x0, 0xb5, 0xce7, 0x1ff, 0x2, 0x57, 0x4, 0x3, 0x101, 0x6, 0x4, 0x7fff, 0x10000, 0x8000007f, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x96, 0xffffffff, 0x80000000, 0x0, 0x4, 0xc8, 0x1, 0xfffff000, 0x10080, 0x3, 0x7e, 0x100, 0x1000, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x1, 0x30b1d693, 0xa1f, 0xf3f, 0x7, 0x1, 0x6c1b, 0x0, 0x8, 0x5, 0xb1c, 0xd7, 0x200, 0x200, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
read$dsp(r4, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(0xffffffffffffffff, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x28}, @local, 0x80, 0x0, 0x0, 0x20000000}})
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
setresuid(0xee00, 0xee01, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000280)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010000081000418e00000004fcff", 0x58}], 0x1)

575.004325ms ago: executing program 4 (id=3623):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0x36b78000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b52, &(0x7f0000000000))

331.664271ms ago: executing program 4 (id=3624):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=""/33, 0xa}, 0x1}], 0x40000000000018e, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)

210.298936ms ago: executing program 8 (id=3625):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x3, 0x80}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

168.229267ms ago: executing program 1 (id=3626):
r0 = fanotify_init(0x0, 0x0)
dup(r0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x240000c1)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x28002f4})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

58.581989ms ago: executing program 8 (id=3627):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
sched_setaffinity(r2, 0x0, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
accept4$bt_l2cap(r3, &(0x7f0000000200), 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)
setsockopt$MRT_DONE(0xffffffffffffffff, 0x0, 0xc9, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
syz_emit_ethernet(0x45, &(0x7f0000000000)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x37, 0x0, 0x0, 0x0, 0x67, 0x0, @rand_addr, @multicast1}, @time_exceeded={0x21, 0x0, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x24, 0x64, 0x0, 0x0, 0x0, 0x0, @multicast2, @rand_addr=0xe0000000}, "e9c9cee4837ae0"}}}}}, 0x0)

0s ago: executing program 5 (id=3628):
socket$kcm(0x2b, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pipe2$watch_queue(&(0x7f0000001100), 0x80)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
listen(r1, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x84)
pipe2$9p(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@version_9p2000}]}})

kernel console output (not intermixed with test programs):

22] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1368.693991][ T8122] veth1_macvtap: left promiscuous mode
[ 1368.694094][ T8122] veth0_macvtap: left promiscuous mode
[ 1368.694346][ T8122] veth1_vlan: left promiscuous mode
[ 1368.694516][ T8122] veth0_vlan: left promiscuous mode
[ 1369.374939][T16473] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1369.374952][T16473] PKCS7: Only support pkcs7_signedData type
[ 1369.736694][T16482] overlayfs: failed to resolve './file0': -2
[ 1374.097187][T16521] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1374.097205][T16521] PKCS7: Only support pkcs7_signedData type
[ 1374.169511][ T5962] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1374.283508][T16524] netlink: 32 bytes leftover after parsing attributes in process `syz.9.2916'.
[ 1374.329383][ T5962] usb 3-1: Using ep0 maxpacket: 8
[ 1374.331866][ T5962] usb 3-1: config 178 has an invalid interface number: 253 but max is 0
[ 1374.331893][ T5962] usb 3-1: config 178 has no interface number 0
[ 1374.331926][ T5962] usb 3-1: config 178 interface 253 has no altsetting 0
[ 1374.334417][ T5962] usb 3-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[ 1374.334444][ T5962] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1374.334463][ T5962] usb 3-1: Product: syz
[ 1374.334478][ T5962] usb 3-1: Manufacturer: syz
[ 1374.334493][ T5962] usb 3-1: SerialNumber: syz
[ 1374.660132][ T5962] usb 3-1: USB disconnect, device number 80
[ 1375.335935][T16532] overlayfs: failed to resolve './file0': -2
[ 1377.453472][T10130] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[ 1377.896099][T16543] binfmt_misc: register: failed to install interpreter file ./file0
[ 1378.344014][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1378.499658][T16565] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2933'.
[ 1379.498016][T16574] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1379.498037][T16574] PKCS7: Only support pkcs7_signedData type
[ 1379.540209][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1380.632312][ T5895] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1380.810571][ T5895] usb 1-1: Using ep0 maxpacket: 8
[ 1380.918407][ T5895] usb 1-1: config 178 has an invalid interface number: 253 but max is 0
[ 1380.918468][ T5895] usb 1-1: config 178 has no interface number 0
[ 1380.918573][ T5895] usb 1-1: config 178 interface 253 has no altsetting 0
[ 1381.190674][ T5895] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.09
[ 1381.190716][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1381.190736][ T5895] usb 1-1: Product: syz
[ 1381.190751][ T5895] usb 1-1: Manufacturer: syz
[ 1381.190765][ T5895] usb 1-1: SerialNumber: syz
[ 1381.671973][T14721] usb 1-1: USB disconnect, device number 76
[ 1384.203181][T16612] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1384.203201][T16612] PKCS7: Only support pkcs7_signedData type
[ 1386.013166][T16239] team0: Port device team_slave_1 added
[ 1386.044621][T16551] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2931'.
[ 1387.229578][T16559] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[ 1388.250147][T16645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2956'.
[ 1392.002285][T14667] usb 10-1: new full-speed USB device number 21 using dummy_hcd
[ 1392.189125][T14667] usb 10-1: config index 0 descriptor too short (expected 61256, got 72)
[ 1392.189193][T14667] usb 10-1: config 1 has an invalid interface number: 0 but max is -1
[ 1392.189243][T14667] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1392.220422][T14667] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 0
[ 1392.220593][T14667] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 1392.641480][T14667] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1392.641519][T14667] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1392.641708][T14667] usb 10-1: SerialNumber: syz
[ 1392.792472][T14667] cdc_acm 10-1:1.0: Control and data interfaces are not separated!
[ 1392.792495][T14667] cdc_acm 10-1:1.0: This needs exactly 3 endpoints
[ 1392.792530][T14667] cdc_acm 10-1:1.0: probe with driver cdc_acm failed with error -22
[ 1393.026408][T14667] usb 10-1: USB disconnect, device number 21
[ 1393.458122][T16677] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2966'.
[ 1394.090840][T15652] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1394.135512][T15652] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1394.161040][T15652] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1394.162259][T15652] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1394.163610][T15652] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1394.856416][T15652] Bluetooth: hci5: unexpected event for opcode 0x2012
[ 1395.920344][ T6417] usb 1-1: new full-speed USB device number 77 using dummy_hcd
[ 1396.091640][ T6417] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1396.091667][ T6417] usb 1-1: config 0 has no interfaces?
[ 1396.094198][ T6417] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1396.094226][ T6417] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1396.094245][ T6417] usb 1-1: Product: syz
[ 1396.094260][ T6417] usb 1-1: Manufacturer: syz
[ 1396.094275][ T6417] usb 1-1: SerialNumber: syz
[ 1396.156203][ T6417] usb 1-1: config 0 descriptor??
[ 1396.220460][T15652] Bluetooth: hci4: command tx timeout
[ 1397.726084][T16712] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2975'.
[ 1398.299543][T15652] Bluetooth: hci4: command tx timeout
[ 1398.584829][T10046] usb 1-1: USB disconnect, device number 77
[ 1400.641838][T15652] Bluetooth: hci4: command tx timeout
[ 1402.701700][T15652] Bluetooth: hci4: command tx timeout
[ 1406.841124][T10130] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1406.846964][T10130] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1406.865291][T10130] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1406.867270][T10130] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1406.868656][T10130] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1406.956023][T15652] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1406.979229][T15652] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1406.988462][T15652] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1406.990540][T15652] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1406.996084][T15652] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1407.082472][T16752] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2984'.
[ 1408.059598][ T5895] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1408.231218][ T5895] usb 1-1: Using ep0 maxpacket: 32
[ 1408.232990][ T5895] usb 1-1: config 2 has an invalid interface number: 66 but max is 0
[ 1408.233015][ T5895] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1408.233034][ T5895] usb 1-1: config 2 has no interface number 0
[ 1408.233068][ T5895] usb 1-1: config 2 interface 66 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1408.235236][ T5895] usb 1-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= b.5d
[ 1408.235260][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1408.235271][ T5895] usb 1-1: Product: syz
[ 1408.235279][ T5895] usb 1-1: Manufacturer: syz
[ 1408.235286][ T5895] usb 1-1: SerialNumber: syz
[ 1408.361630][ T5895] uvcvideo 1-1:2.66: Found UVC 0.00 device syz (046d:08c6)
[ 1408.361663][ T5895] uvcvideo 1-1:2.66: No valid video chain found.
[ 1408.565925][T16735] usb 1-1: USB disconnect, device number 78
[ 1408.942571][T10130] Bluetooth: hci6: command tx timeout
[ 1409.345116][T15652] Bluetooth: hci7: command tx timeout
[ 1409.520871][T16761] ptrace attach of "./syz-executor exec"[16763] was attempted by "./syz-executor exec"[16761]
[ 1411.029773][T15652] Bluetooth: hci6: command tx timeout
[ 1411.486209][T15652] Bluetooth: hci7: command tx timeout
[ 1412.917890][T16780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2992'.
[ 1413.448947][T15652] Bluetooth: hci6: command tx timeout
[ 1413.499403][T15652] Bluetooth: hci7: command tx timeout
[ 1415.499661][T15652] Bluetooth: hci6: command tx timeout
[ 1415.608415][T15652] Bluetooth: hci7: command tx timeout
[ 1416.262218][T10130] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1416.290273][T10130] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1416.311258][T10130] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1416.333357][T10130] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1416.359851][T10130] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1418.542360][T10130] Bluetooth: hci8: command tx timeout
[ 1420.341776][T16809] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3000'.
[ 1420.619955][T10130] Bluetooth: hci8: command tx timeout
[ 1422.699465][T10130] Bluetooth: hci8: command tx timeout
[ 1423.061156][T16818] ptrace attach of ""[16820] was attempted by "./syz-executor exec"[16818]
[ 1424.702551][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3007'.
[ 1424.779918][T10130] Bluetooth: hci8: command tx timeout
[ 1426.316751][T16839] could not allocate digest TFM handle blake2b-384-generic
[ 1427.669679][T16848] ptrace attach of "./syz-executor exec"[16850] was attempted by "./syz-executor exec"[16848]
[ 1428.167258][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.167328][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1429.942067][T16863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3014'.
[ 1432.180224][T14757] usb 1-1: new full-speed USB device number 79 using dummy_hcd
[ 1432.353420][T14757] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1432.356192][T14757] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1432.356209][T14757] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1432.356220][T14757] usb 1-1: Product: syz
[ 1432.356227][T14757] usb 1-1: Manufacturer: syz
[ 1432.356236][T14757] usb 1-1: SerialNumber: syz
[ 1432.430897][T14757] usb 1-1: config 0 descriptor??
[ 1435.025275][T14721] usb 1-1: USB disconnect, device number 79
[ 1435.466191][T16908] ptrace attach of "./syz-executor exec"[16907] was attempted by "./syz-executor exec"[16908]
[ 1436.825884][T16745] chnl_net:caif_netlink_parms(): no params data found
[ 1437.982001][T16676] chnl_net:caif_netlink_parms(): no params data found
[ 1438.005051][T16792] chnl_net:caif_netlink_parms(): no params data found
[ 1438.989214][T16952] ptrace attach of "./syz-executor exec"[16953] was attempted by "./syz-executor exec"[16952]
[ 1439.251130][T16748] chnl_net:caif_netlink_parms(): no params data found
[ 1440.462721][ T8122] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1440.728227][T16745] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1440.728364][T16745] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1440.728743][T16745] bridge_slave_0: entered allmulticast mode
[ 1440.731274][T16745] bridge_slave_0: entered promiscuous mode
[ 1440.906086][ T8122] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1441.057072][T16745] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1441.057191][T16745] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1441.057326][T16745] bridge_slave_1: entered allmulticast mode
[ 1441.058878][T16745] bridge_slave_1: entered promiscuous mode
[ 1441.160374][T16965] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1441.160576][T16965] block device autoloading is deprecated and will be removed.
[ 1441.431807][ T8122] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1441.751253][T16676] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1441.751456][T16676] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1441.751646][T16676] bridge_slave_0: entered allmulticast mode
[ 1441.753314][T16676] bridge_slave_0: entered promiscuous mode
[ 1441.759575][T16745] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1442.013592][ T8122] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.050576][T16792] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1442.050681][T16792] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1442.050867][T16792] bridge_slave_0: entered allmulticast mode
[ 1442.052828][T16792] bridge_slave_0: entered promiscuous mode
[ 1442.057094][T16676] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1442.057192][T16676] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1442.057360][T16676] bridge_slave_1: entered allmulticast mode
[ 1442.106984][T16676] bridge_slave_1: entered promiscuous mode
[ 1442.111196][T16745] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1442.192024][T16792] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1442.192122][T16792] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1442.192274][T16792] bridge_slave_1: entered allmulticast mode
[ 1442.193663][T16792] bridge_slave_1: entered promiscuous mode
[ 1444.835014][T16748] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1444.837395][T16748] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1444.838868][T16748] bridge_slave_0: entered allmulticast mode
[ 1444.855325][T16748] bridge_slave_0: entered promiscuous mode
[ 1446.191003][T16748] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1446.191089][T16748] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1446.191219][T16748] bridge_slave_1: entered allmulticast mode
[ 1446.192603][T16748] bridge_slave_1: entered promiscuous mode
[ 1446.467607][T16676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1446.584302][T16745] team0: Port device team_slave_0 added
[ 1446.728023][T16792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1447.493049][T16676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1447.530133][T16745] team0: Port device team_slave_1 added
[ 1447.676739][T16792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1449.478130][T16748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1449.592307][T17016] ptrace attach of "./syz-executor exec"[17018] was attempted by "./syz-executor exec"[17016]
[ 1450.439832][T16748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1451.288778][T16676] team0: Port device team_slave_0 added
[ 1451.473008][T16745] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1451.473252][T16745] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1451.473281][T16745] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1451.478391][T16792] team0: Port device team_slave_0 added
[ 1451.482852][T16676] team0: Port device team_slave_1 added
[ 1451.595148][T16745] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1451.595166][T16745] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1451.595193][T16745] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1451.788130][T16792] team0: Port device team_slave_1 added
[ 1451.793807][T16748] team0: Port device team_slave_0 added
[ 1452.075896][T16748] team0: Port device team_slave_1 added
[ 1452.142397][T16676] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1452.142415][T16676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1452.142443][T16676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1452.423882][T16676] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1452.423900][T16676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1452.423928][T16676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1452.430875][T16792] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1452.430892][T16792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1452.430919][T16792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1453.019116][T16792] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1453.019132][T16792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1453.019155][T16792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1453.158501][T16748] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1453.158521][T16748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1453.158549][T16748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1453.228055][T16745] hsr_slave_0: entered promiscuous mode
[ 1453.240172][T16745] hsr_slave_1: entered promiscuous mode
[ 1453.242387][T16748] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1453.242400][T16748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1453.242427][T16748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1453.386452][T17053] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1453.398236][T17053] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1453.410360][T17053] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1453.414434][T17053] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1453.415224][T17053] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1454.038611][ T8122] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1454.379683][T15652] Bluetooth: hci8: command 0x0405 tx timeout
[ 1455.397461][T17063] ptrace attach of ""[17062] was attempted by "./syz-executor exec"[17063]
[ 1455.499436][T15652] Bluetooth: hci1: command tx timeout
[ 1456.269510][T14721] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1456.419537][T14721] usb 1-1: Using ep0 maxpacket: 32
[ 1456.421533][T14721] usb 1-1: config 2 has an invalid interface number: 66 but max is 0
[ 1456.421557][T14721] usb 1-1: config 2 has no interface number 0
[ 1456.421597][T14721] usb 1-1: config 2 interface 66 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[ 1456.423691][T14721] usb 1-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= b.5d
[ 1456.423715][T14721] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1456.423730][T14721] usb 1-1: Product: syz
[ 1456.423738][T14721] usb 1-1: Manufacturer: syz
[ 1456.423745][T14721] usb 1-1: SerialNumber: syz
[ 1456.496066][T14721] uvcvideo 1-1:2.66: Found UVC 0.00 device syz (046d:08c6)
[ 1456.496087][T14721] uvcvideo 1-1:2.66: No valid video chain found.
[ 1456.610327][ T8122] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1456.638989][   T10] usb 1-1: USB disconnect, device number 80
[ 1456.660518][T16792] hsr_slave_0: entered promiscuous mode
[ 1456.661849][T16792] hsr_slave_1: entered promiscuous mode
[ 1456.662875][T16792] debugfs: 'hsr0' already exists in 'hsr'
[ 1456.662900][T16792] Cannot create hsr debugfs directory
[ 1456.825588][T16748] hsr_slave_0: entered promiscuous mode
[ 1456.826399][T16748] hsr_slave_1: entered promiscuous mode
[ 1456.826972][T16748] debugfs: 'hsr0' already exists in 'hsr'
[ 1456.826988][T16748] Cannot create hsr debugfs directory
[ 1456.972533][ T8122] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1457.328311][ T8122] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1457.580037][T15652] Bluetooth: hci1: command tx timeout
[ 1458.241918][T16745] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1458.525161][T16745] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1458.794588][ T8122] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.067932][T16745] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1459.660388][T15652] Bluetooth: hci1: command tx timeout
[ 1460.546447][ T8122] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1460.966829][T17085] ptrace attach of ""[17087] was attempted by "./syz-executor exec"[17085]
[ 1461.691790][T16745] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1461.739546][T15652] Bluetooth: hci1: command tx timeout
[ 1461.893553][ T8122] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1461.941886][T17049] chnl_net:caif_netlink_parms(): no params data found
[ 1462.235902][ T8122] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1462.910456][T17049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1462.910612][T17049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1462.910851][T17049] bridge_slave_0: entered allmulticast mode
[ 1462.913030][T17049] bridge_slave_0: entered promiscuous mode
[ 1462.918297][T17049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1462.918519][T17049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1462.918741][T17049] bridge_slave_1: entered allmulticast mode
[ 1462.927736][T17049] bridge_slave_1: entered promiscuous mode
[ 1463.366603][T17049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1463.398654][T17049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1466.056452][T17049] team0: Port device team_slave_0 added
[ 1466.069970][T17049] team0: Port device team_slave_1 added
[ 1466.230510][ T8122] bridge_slave_1: left allmulticast mode
[ 1466.230537][ T8122] bridge_slave_1: left promiscuous mode
[ 1466.230748][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1466.301036][ T8122] bridge_slave_0: left allmulticast mode
[ 1466.301064][ T8122] bridge_slave_0: left promiscuous mode
[ 1466.301279][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1466.362039][ T8122] bridge_slave_1: left allmulticast mode
[ 1466.362060][ T8122] bridge_slave_1: left promiscuous mode
[ 1466.362210][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1466.430206][ T8122] bridge_slave_0: left allmulticast mode
[ 1466.430228][ T8122] bridge_slave_0: left promiscuous mode
[ 1466.430396][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1466.492141][ T8122] bridge_slave_1: left allmulticast mode
[ 1466.492163][ T8122] bridge_slave_1: left promiscuous mode
[ 1466.492311][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1466.580370][ T8122] bridge_slave_0: left allmulticast mode
[ 1466.580390][ T8122] bridge_slave_0: left promiscuous mode
[ 1466.580562][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1466.653481][ T8122] bridge_slave_1: left allmulticast mode
[ 1466.653502][ T8122] bridge_slave_1: left promiscuous mode
[ 1466.653650][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1466.720437][ T8122] bridge_slave_0: left allmulticast mode
[ 1466.720458][ T8122] bridge_slave_0: left promiscuous mode
[ 1466.720621][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1467.460199][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1467.540600][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1467.612356][ T8122] bond0 (unregistering): Released all slaves
[ 1468.542903][T17053] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1468.570786][T17053] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1468.572943][T17053] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1468.585639][T17053] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1468.592228][T17053] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1468.718030][T10130] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1468.739104][T10130] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1468.741993][T10130] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1468.744865][ T5820] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1468.746701][ T5820] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1470.475713][T17134] overlayfs: missing 'lowerdir'
[ 1470.649358][ T5820] Bluetooth: hci2: command tx timeout
[ 1470.750224][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1470.830360][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1470.852707][ T8122] bond0 (unregistering): Released all slaves
[ 1470.859597][ T5820] Bluetooth: hci3: command tx timeout
[ 1472.699733][ T5820] Bluetooth: hci2: command tx timeout
[ 1472.941998][ T5820] Bluetooth: hci3: command tx timeout
[ 1474.779475][ T5820] Bluetooth: hci2: command tx timeout
[ 1475.019623][ T5820] Bluetooth: hci3: command tx timeout
[ 1475.309549][   T56] usb 1-1: new full-speed USB device number 81 using dummy_hcd
[ 1475.350759][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1475.430236][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1475.461349][   T56] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1475.461375][   T56] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 42769, setting to 64
[ 1475.461389][   T56] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1475.463476][   T56] usb 1-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1475.463497][   T56] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.463508][   T56] usb 1-1: Product: syz
[ 1475.463516][   T56] usb 1-1: Manufacturer: syz
[ 1475.463523][   T56] usb 1-1: SerialNumber: syz
[ 1475.467081][   T56] usb 1-1: config 0 descriptor??
[ 1475.538386][   T56] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 found
[ 1475.564561][ T8122] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1475.606600][ T8122] bond0 (unregistering): Released all slaves
[ 1475.688160][   T56] snd_usb_toneport 1-1:0.0: set_interface failed
[ 1475.689044][   T56] snd_usb_toneport 1-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1475.689508][   T56] snd_usb_toneport 1-1:0.0: probe with driver snd_usb_toneport failed with error -71
[ 1475.727057][   T56] usb 1-1: USB disconnect, device number 81
[ 1475.738331][T17053] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1475.764537][T17053] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1475.767793][T17053] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1475.769177][T17053] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1475.823862][T17053] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1476.859377][T17053] Bluetooth: hci2: command tx timeout
[ 1477.101131][T17053] Bluetooth: hci3: command tx timeout
[ 1477.196137][T17161] overlayfs: missing 'lowerdir'
[ 1477.990829][T17053] Bluetooth: hci4: command tx timeout
[ 1478.311869][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1478.775841][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1478.911256][ T8122] bond0 (unregistering): Released all slaves
[ 1478.960758][T17049] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1478.960775][T17049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1478.960800][T17049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1479.345012][T17049] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1479.345024][T17049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1479.345039][T17049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1479.584459][ T8122] tipc: Left network mode
[ 1479.799418][T17049] hsr_slave_0: entered promiscuous mode
[ 1479.800625][T17049] hsr_slave_1: entered promiscuous mode
[ 1479.801346][T17049] debugfs: 'hsr0' already exists in 'hsr'
[ 1479.801366][T17049] Cannot create hsr debugfs directory
[ 1479.823960][ T8122] IPVS: stopping master sync thread 16046 ...
[ 1480.059382][T17053] Bluetooth: hci4: command tx timeout
[ 1481.225878][T17183] overlayfs: missing 'lowerdir'
[ 1482.139435][T17053] Bluetooth: hci4: command tx timeout
[ 1484.219505][T17053] Bluetooth: hci4: command tx timeout
[ 1484.996650][T17204] overlayfs: missing 'lowerdir'
[ 1486.955023][T17117] chnl_net:caif_netlink_parms(): no params data found
[ 1486.980150][T17119] chnl_net:caif_netlink_parms(): no params data found
[ 1487.270625][T17153] chnl_net:caif_netlink_parms(): no params data found
[ 1488.009503][ T8122] hsr_slave_0: left promiscuous mode
[ 1488.049395][ T8122] hsr_slave_1: left promiscuous mode
[ 1488.050205][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1488.050222][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1488.071021][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1488.071051][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1488.233976][ T8122] hsr_slave_0: left promiscuous mode
[ 1488.249698][ T8122] hsr_slave_1: left promiscuous mode
[ 1488.250516][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1488.250533][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1488.290462][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1488.290490][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1488.440843][ T8122] hsr_slave_0: left promiscuous mode
[ 1488.460941][ T8122] hsr_slave_1: left promiscuous mode
[ 1488.461908][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1488.461925][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1488.530478][ T8122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1488.530507][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1488.719720][ T8122] veth1_macvtap: left promiscuous mode
[ 1488.719827][ T8122] veth0_macvtap: left promiscuous mode
[ 1488.720081][ T8122] veth1_vlan: left promiscuous mode
[ 1488.720250][ T8122] veth0_vlan: left promiscuous mode
[ 1488.763520][T17231] overlayfs: missing 'lowerdir'
[ 1488.880376][ T8122] veth1_macvtap: left promiscuous mode
[ 1488.880480][ T8122] veth0_macvtap: left promiscuous mode
[ 1488.880734][ T8122] veth1_vlan: left promiscuous mode
[ 1488.880902][ T8122] veth0_vlan: left promiscuous mode
[ 1488.979636][ T8122] veth1_macvtap: left promiscuous mode
[ 1488.979695][ T8122] veth0_macvtap: left promiscuous mode
[ 1488.979828][ T8122] veth1_vlan: left promiscuous mode
[ 1488.979920][ T8122] veth0_vlan: left promiscuous mode
[ 1489.591355][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1489.591523][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1492.550531][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1492.700921][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1495.600092][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1495.850088][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1501.310629][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1501.591602][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1507.030013][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1507.340491][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1508.822381][ T5820] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1508.831202][ T5820] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1508.858432][ T5820] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1508.861353][ T5820] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1508.862809][ T5820] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1511.029710][ T5820] Bluetooth: hci5: command tx timeout
[ 1511.890013][T17117] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1511.890133][T17117] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1511.890319][T17117] bridge_slave_0: entered allmulticast mode
[ 1511.891754][T17117] bridge_slave_0: entered promiscuous mode
[ 1511.893869][T17119] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1511.893981][T17119] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1511.894163][T17119] bridge_slave_0: entered allmulticast mode
[ 1511.895808][T17119] bridge_slave_0: entered promiscuous mode
[ 1511.940232][T17117] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1511.940355][T17117] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1511.940605][T17117] bridge_slave_1: entered allmulticast mode
[ 1511.943082][T17117] bridge_slave_1: entered promiscuous mode
[ 1511.944573][T17119] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1511.944968][T17119] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1511.945140][T17119] bridge_slave_1: entered allmulticast mode
[ 1511.947516][T17119] bridge_slave_1: entered promiscuous mode
[ 1512.820272][T17153] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.820456][T17153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.820655][T17153] bridge_slave_0: entered allmulticast mode
[ 1512.822283][T17153] bridge_slave_0: entered promiscuous mode
[ 1512.827218][T17117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1512.871195][T17119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1512.871416][T17153] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1512.871547][T17153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.871728][T17153] bridge_slave_1: entered allmulticast mode
[ 1512.874158][T17153] bridge_slave_1: entered promiscuous mode
[ 1512.877765][T17117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1512.890027][T17119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1513.099658][ T5820] Bluetooth: hci5: command tx timeout
[ 1513.550265][T17153] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1513.572047][T17117] team0: Port device team_slave_0 added
[ 1513.587033][T17153] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1513.590241][T17119] team0: Port device team_slave_0 added
[ 1513.597970][T17117] team0: Port device team_slave_1 added
[ 1513.721269][T17119] team0: Port device team_slave_1 added
[ 1513.852879][T17053] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1513.873729][T17053] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1513.875135][T17053] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1513.876615][T17053] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1513.877313][T17053] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1514.182443][T17153] team0: Port device team_slave_0 added
[ 1514.307993][T17117] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1514.308010][T17117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.308043][T17117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1514.359142][T17153] team0: Port device team_slave_1 added
[ 1514.360737][T17119] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1514.360752][T17119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.360786][T17119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1514.533892][T17117] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1514.533909][T17117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.533935][T17117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1514.552499][T17119] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1514.552516][T17119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.552543][T17119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1514.774313][T17153] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1514.774325][T17153] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.774339][T17153] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1514.882216][T17153] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1514.882229][T17153] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1514.882243][T17153] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1515.179543][ T5820] Bluetooth: hci5: command tx timeout
[ 1515.359156][T17117] hsr_slave_0: entered promiscuous mode
[ 1515.361420][T17117] hsr_slave_1: entered promiscuous mode
[ 1515.362367][T17117] debugfs: 'hsr0' already exists in 'hsr'
[ 1515.362390][T17117] Cannot create hsr debugfs directory
[ 1515.377358][T17119] hsr_slave_0: entered promiscuous mode
[ 1515.378670][T17119] hsr_slave_1: entered promiscuous mode
[ 1515.381608][T17119] debugfs: 'hsr0' already exists in 'hsr'
[ 1515.381631][T17119] Cannot create hsr debugfs directory
[ 1515.982300][ T5820] Bluetooth: hci0: command tx timeout
[ 1516.223093][T17153] hsr_slave_0: entered promiscuous mode
[ 1516.223940][T17153] hsr_slave_1: entered promiscuous mode
[ 1516.224491][T17153] debugfs: 'hsr0' already exists in 'hsr'
[ 1516.224507][T17153] Cannot create hsr debugfs directory
[ 1516.705733][T17246] chnl_net:caif_netlink_parms(): no params data found
[ 1517.259720][ T5820] Bluetooth: hci5: command tx timeout
[ 1517.678998][ T8122] IPVS: stop unused estimator thread 0...
[ 1517.807298][T17246] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1517.810881][T17246] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1517.811147][T17246] bridge_slave_0: entered allmulticast mode
[ 1517.813724][T17246] bridge_slave_0: entered promiscuous mode
[ 1517.865385][T17246] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1517.865530][T17246] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1517.865726][T17246] bridge_slave_1: entered allmulticast mode
[ 1517.868708][T17246] bridge_slave_1: entered promiscuous mode
[ 1518.059470][ T5820] Bluetooth: hci0: command tx timeout
[ 1518.247963][T17246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1518.261967][T17256] chnl_net:caif_netlink_parms(): no params data found
[ 1518.268463][T17246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1518.742461][T17246] team0: Port device team_slave_0 added
[ 1518.831405][T17246] team0: Port device team_slave_1 added
[ 1519.358669][T17246] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1519.358688][T17246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1519.358717][T17246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1519.553821][T17246] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1519.553837][T17246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1519.553859][T17246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1519.554538][T17256] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1519.555340][T17256] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1519.555513][T17256] bridge_slave_0: entered allmulticast mode
[ 1519.557858][T17256] bridge_slave_0: entered promiscuous mode
[ 1519.574944][T17256] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1519.575061][T17256] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.575240][T17256] bridge_slave_1: entered allmulticast mode
[ 1519.577584][T17256] bridge_slave_1: entered promiscuous mode
[ 1519.903470][T17256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1519.984918][T17256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1520.055101][T17246] hsr_slave_0: entered promiscuous mode
[ 1520.055959][T17246] hsr_slave_1: entered promiscuous mode
[ 1520.056527][T17246] debugfs: 'hsr0' already exists in 'hsr'
[ 1520.056542][T17246] Cannot create hsr debugfs directory
[ 1520.139628][ T5820] Bluetooth: hci0: command tx timeout
[ 1520.422003][T17256] team0: Port device team_slave_0 added
[ 1520.440804][T17256] team0: Port device team_slave_1 added
[ 1520.690784][T17153] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1520.745646][T17256] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1520.745663][T17256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1520.745683][T17256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1520.747102][T17153] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1520.806459][T17256] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1520.806470][T17256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1520.806486][T17256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1520.807900][T17153] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1520.957548][T17153] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1521.326188][T17256] hsr_slave_0: entered promiscuous mode
[ 1521.327000][T17256] hsr_slave_1: entered promiscuous mode
[ 1521.327598][T17256] debugfs: 'hsr0' already exists in 'hsr'
[ 1521.327614][T17256] Cannot create hsr debugfs directory
[ 1521.412666][T17117] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1521.506433][ T8122] bridge_slave_1: left allmulticast mode
[ 1521.506461][ T8122] bridge_slave_1: left promiscuous mode
[ 1521.506716][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.581002][ T8122] bridge_slave_0: left allmulticast mode
[ 1521.581022][ T8122] bridge_slave_0: left promiscuous mode
[ 1521.581205][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.642848][ T8122] bridge_slave_1: left allmulticast mode
[ 1521.642869][ T8122] bridge_slave_1: left promiscuous mode
[ 1521.643010][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.700449][ T8122] bridge_slave_0: left allmulticast mode
[ 1521.700468][ T8122] bridge_slave_0: left promiscuous mode
[ 1521.700632][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.772348][ T8122] bridge_slave_1: left allmulticast mode
[ 1521.772369][ T8122] bridge_slave_1: left promiscuous mode
[ 1521.772512][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.830712][ T8122] bridge_slave_0: left allmulticast mode
[ 1521.830734][ T8122] bridge_slave_0: left promiscuous mode
[ 1521.830905][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.903604][ T8122] bridge_slave_1: left allmulticast mode
[ 1521.903633][ T8122] bridge_slave_1: left promiscuous mode
[ 1521.903880][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.970812][ T8122] bridge_slave_0: left allmulticast mode
[ 1521.970844][ T8122] bridge_slave_0: left promiscuous mode
[ 1521.971088][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1522.033512][ T8122] bridge_slave_1: left allmulticast mode
[ 1522.033533][ T8122] bridge_slave_1: left promiscuous mode
[ 1522.033681][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1522.100381][ T8122] bridge_slave_0: left allmulticast mode
[ 1522.100402][ T8122] bridge_slave_0: left promiscuous mode
[ 1522.100563][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1522.250203][ T5820] Bluetooth: hci0: command tx timeout
[ 1522.370675][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1522.470211][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1522.532446][ T8122] bond0 (unregistering): Released all slaves
[ 1522.730404][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1522.820027][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1522.902879][ T8122] bond0 (unregistering): Released all slaves
[ 1523.090642][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.170217][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.244250][ T8122] bond0 (unregistering): Released all slaves
[ 1523.440545][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.530435][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.611495][ T8122] bond0 (unregistering): Released all slaves
[ 1523.811255][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.903818][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.961473][ T8122] bond0 (unregistering): Released all slaves
[ 1523.980774][T17117] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1524.087167][T17117] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1524.291104][T17117] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1524.742294][T17119] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1524.818881][T17119] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1525.326855][T17119] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1525.401863][T17119] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1525.791072][ T8122] hsr_slave_0: left promiscuous mode
[ 1525.809615][ T8122] hsr_slave_1: left promiscuous mode
[ 1525.810481][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1525.850726][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1525.989734][ T8122] hsr_slave_0: left promiscuous mode
[ 1526.011086][ T8122] hsr_slave_1: left promiscuous mode
[ 1526.012278][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1526.050310][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1526.189753][ T8122] hsr_slave_0: left promiscuous mode
[ 1526.209573][ T8122] hsr_slave_1: left promiscuous mode
[ 1526.211306][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1526.250165][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1526.392664][ T8122] hsr_slave_0: left promiscuous mode
[ 1526.409600][ T8122] hsr_slave_1: left promiscuous mode
[ 1526.410239][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1526.452120][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1526.470108][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1526.510048][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1527.240197][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1527.400127][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1528.550119][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1528.702793][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1529.382174][T17053] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1529.395817][T17053] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1529.398089][T17053] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1529.403852][T17053] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1529.404569][T17053] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1529.500616][ T5820] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1529.506285][ T5820] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1529.507553][ T5820] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1529.509003][ T5820] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1529.544330][ T5820] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1530.160588][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1530.310017][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1531.504343][ T5820] Bluetooth: hci1: command tx timeout
[ 1531.522599][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1531.579510][ T5820] Bluetooth: hci6: command tx timeout
[ 1531.680382][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1532.419901][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1532.620075][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1533.589912][ T5820] Bluetooth: hci1: command tx timeout
[ 1533.659735][ T5820] Bluetooth: hci6: command tx timeout
[ 1534.613605][T17153] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1534.929091][T17153] 8021q: adding VLAN 0 to HW filter on device team0
[ 1534.964819][ T2845] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1534.967992][ T2845] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1535.193799][ T2845] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1535.193924][ T2845] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1535.472133][T17312] chnl_net:caif_netlink_parms(): no params data found
[ 1535.708926][T17315] chnl_net:caif_netlink_parms(): no params data found
[ 1535.714827][T17053] Bluetooth: hci1: command tx timeout
[ 1535.765074][ T5820] Bluetooth: hci6: command tx timeout
[ 1535.943251][T17053] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1535.948849][T17053] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1535.951539][T17053] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1536.018554][T17053] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1536.021925][T17053] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1537.010522][T17312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1537.010928][T17312] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1537.011137][T17312] bridge_slave_0: entered allmulticast mode
[ 1537.013659][T17312] bridge_slave_0: entered promiscuous mode
[ 1537.140877][T17312] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1537.141022][T17312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1537.141210][T17312] bridge_slave_1: entered allmulticast mode
[ 1537.142850][T17312] bridge_slave_1: entered promiscuous mode
[ 1537.144528][T17315] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1537.144627][T17315] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1537.144796][T17315] bridge_slave_0: entered allmulticast mode
[ 1537.204572][T17315] bridge_slave_0: entered promiscuous mode
[ 1537.380534][T17315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1537.380642][T17315] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1537.380786][T17315] bridge_slave_1: entered allmulticast mode
[ 1537.382159][T17315] bridge_slave_1: entered promiscuous mode
[ 1537.597966][T17312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1537.722250][T17312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1537.727198][T17315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1537.739461][ T5820] Bluetooth: hci1: command tx timeout
[ 1537.797149][T17315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1537.819536][ T5820] Bluetooth: hci6: command tx timeout
[ 1538.029130][T17246] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1538.139801][ T5820] Bluetooth: hci2: command tx timeout
[ 1538.220889][T17246] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1538.397468][T17312] team0: Port device team_slave_0 added
[ 1538.425721][T17246] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1538.454770][T17315] team0: Port device team_slave_0 added
[ 1538.471633][T17312] team0: Port device team_slave_1 added
[ 1538.506590][T17246] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1538.528191][T17315] team0: Port device team_slave_1 added
[ 1539.022948][T17312] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1539.022961][T17312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1539.022975][T17312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1539.152930][T17315] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1539.152942][T17315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1539.152957][T17315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1539.210385][T17312] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1539.210400][T17312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1539.210421][T17312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1539.218488][T17315] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1539.218499][T17315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1539.218513][T17315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1539.405906][T17256] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1539.456028][T17256] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1539.650347][T17256] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1539.861969][T17256] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1539.888919][T17312] hsr_slave_0: entered promiscuous mode
[ 1539.891488][T17312] hsr_slave_1: entered promiscuous mode
[ 1539.934425][T17315] hsr_slave_0: entered promiscuous mode
[ 1539.935274][T17315] hsr_slave_1: entered promiscuous mode
[ 1539.935810][T17315] debugfs: 'hsr0' already exists in 'hsr'
[ 1539.935826][T17315] Cannot create hsr debugfs directory
[ 1540.219598][ T5820] Bluetooth: hci2: command tx timeout
[ 1540.434112][T17327] chnl_net:caif_netlink_parms(): no params data found
[ 1541.403669][T17327] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.403782][T17327] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1541.403913][T17327] bridge_slave_0: entered allmulticast mode
[ 1541.405302][T17327] bridge_slave_0: entered promiscuous mode
[ 1541.632237][T17327] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1541.632345][T17327] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1541.632703][T17327] bridge_slave_1: entered allmulticast mode
[ 1541.634122][T17327] bridge_slave_1: entered promiscuous mode
[ 1542.158582][T17327] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1542.299660][ T5820] Bluetooth: hci2: command tx timeout
[ 1542.365234][T17327] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1543.049043][T17327] team0: Port device team_slave_0 added
[ 1543.066017][T17327] team0: Port device team_slave_1 added
[ 1543.433012][T17327] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1543.433030][T17327] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1543.433064][T17327] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1543.463465][T17327] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1543.463483][T17327] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1543.463509][T17327] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1543.633865][T17246] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1543.883477][T17327] hsr_slave_0: entered promiscuous mode
[ 1543.884313][T17327] hsr_slave_1: entered promiscuous mode
[ 1543.884877][T17327] debugfs: 'hsr0' already exists in 'hsr'
[ 1543.884892][T17327] Cannot create hsr debugfs directory
[ 1544.379529][ T5820] Bluetooth: hci2: command tx timeout
[ 1544.515233][T17256] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1544.731703][T17246] 8021q: adding VLAN 0 to HW filter on device team0
[ 1544.766685][ T3446] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1544.766935][ T3446] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1545.071441][T17256] 8021q: adding VLAN 0 to HW filter on device team0
[ 1545.085343][ T3853] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.085832][ T3853] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1545.129999][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1545.130130][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1545.141333][ T3853] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1545.143836][ T3853] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1545.744016][ T8122] bridge_slave_1: left allmulticast mode
[ 1545.744047][ T8122] bridge_slave_1: left promiscuous mode
[ 1545.744299][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1545.830256][ T8122] bridge_slave_0: left allmulticast mode
[ 1545.830276][ T8122] bridge_slave_0: left promiscuous mode
[ 1545.830426][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1545.931703][ T8122] bridge_slave_1: left allmulticast mode
[ 1545.931723][ T8122] bridge_slave_1: left promiscuous mode
[ 1545.931864][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1545.981213][ T8122] bridge_slave_0: left allmulticast mode
[ 1545.981232][ T8122] bridge_slave_0: left promiscuous mode
[ 1545.981376][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1546.041813][ T8122] bridge_slave_1: left allmulticast mode
[ 1546.041833][ T8122] bridge_slave_1: left promiscuous mode
[ 1546.041988][ T8122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1546.110734][ T8122] bridge_slave_0: left allmulticast mode
[ 1546.110752][ T8122] bridge_slave_0: left promiscuous mode
[ 1546.110896][ T8122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1548.020030][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1548.082836][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1548.121996][ T8122] bond0 (unregistering): Released all slaves
[ 1548.470019][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1548.550092][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1548.611197][ T8122] bond0 (unregistering): Released all slaves
[ 1548.849971][ T8122] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1548.930017][ T8122] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1548.992829][ T8122] bond0 (unregistering): Released all slaves
[ 1549.277659][T17246] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1549.289025][T17256] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1549.892417][ T8122] hsr_slave_0: left promiscuous mode
[ 1549.929468][ T8122] hsr_slave_1: left promiscuous mode
[ 1549.930723][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1549.960335][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1550.120225][ T8122] hsr_slave_0: left promiscuous mode
[ 1550.149489][ T8122] hsr_slave_1: left promiscuous mode
[ 1550.150208][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1550.200128][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1550.340148][ T8122] hsr_slave_0: left promiscuous mode
[ 1550.359594][ T8122] hsr_slave_1: left promiscuous mode
[ 1550.360217][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1550.400030][ T8122] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1551.028940][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.028985][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.120173][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1551.279953][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1554.320067][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1554.481349][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1555.670002][ T8122] team0 (unregistering): Port device team_slave_1 removed
[ 1555.829962][ T8122] team0 (unregistering): Port device team_slave_0 removed
[ 1556.461079][T17246] veth0_vlan: entered promiscuous mode
[ 1556.490022][T17246] veth1_vlan: entered promiscuous mode
[ 1556.537749][T17256] veth0_vlan: entered promiscuous mode
[ 1556.595913][T17256] veth1_vlan: entered promiscuous mode
[ 1556.676882][T17246] veth0_macvtap: entered promiscuous mode
[ 1556.714984][T17246] veth1_macvtap: entered promiscuous mode
[ 1556.841571][T17256] veth0_macvtap: entered promiscuous mode
[ 1556.898020][T17246] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1556.912338][T17256] veth1_macvtap: entered promiscuous mode
[ 1556.914922][T17315] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1556.959763][T17315] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1557.165641][T17246] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1557.166333][T17315] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1557.218315][T17315] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1557.270185][ T3995] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.376884][ T3995] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.425319][ T3995] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.428929][ T3995] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.524851][T17256] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1557.654482][T17256] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1557.858364][ T3853] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.870137][ T3853] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.876022][ T3853] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.878416][ T3853] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1558.030509][ T3995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1558.030530][ T3995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1558.349749][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1558.349769][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1558.477902][T17315] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1558.714585][T17315] 8021q: adding VLAN 0 to HW filter on device team0
[ 1558.726121][ T3446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1558.726140][ T3446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1558.729984][T13520] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1558.730173][T13520] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1558.943635][T11047] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1558.943801][T11047] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1559.013184][ T3853] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1559.013204][ T3853] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1559.087077][T17312] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1559.106136][T17384] overlayfs: missing 'workdir'
[ 1559.144788][T17312] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1559.193356][T17312] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1559.498154][T17312] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1559.606625][T17394] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1559.606744][T17394] PKCS7: Only support pkcs7_signedData type
[ 1560.905621][T17327] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1562.697512][T17327] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1562.949418][T17327] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1563.032690][T17327] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1563.598344][T17312] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1563.683519][T17315] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1563.726380][T17312] 8021q: adding VLAN 0 to HW filter on device team0
[ 1563.747446][T13520] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1563.748179][T13520] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1563.784797][ T3853] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1563.785000][ T3853] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1563.821461][T17327] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1564.141622][T17327] 8021q: adding VLAN 0 to HW filter on device team0
[ 1564.188570][ T3995] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1564.188771][ T3995] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1564.241270][ T1113] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1564.241438][ T1113] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1564.340042][T14721] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[ 1564.494750][T14721] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1564.494787][T14721] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid maxpacket 42769, setting to 64
[ 1564.494812][T14721] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1564.549666][T14721] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1564.549700][T14721] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1564.549727][T14721] usb 4-1: Product: syz
[ 1564.549741][T14721] usb 4-1: Manufacturer: syz
[ 1564.549755][T14721] usb 4-1: SerialNumber: syz
[ 1564.602405][T14721] usb 4-1: config 0 descriptor??
[ 1564.623779][T14721] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[ 1564.832125][T14721] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1564.834567][T14721] snd_usb_toneport 4-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1564.962460][T17466] comedi comedi3: comedi_test: 10 microvolt, 2046 microsecond waveform attached
[ 1564.965562][T17315] veth0_vlan: entered promiscuous mode
[ 1565.030655][T17315] veth1_vlan: entered promiscuous mode
[ 1565.033589][T14661] usb 4-1: USB disconnect, device number 16
[ 1565.153829][T17312] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1565.262226][T17327] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1565.282002][T17474] overlayfs: missing 'workdir'
[ 1565.333576][T17315] veth0_macvtap: entered promiscuous mode
[ 1565.352858][T17315] veth1_macvtap: entered promiscuous mode
[ 1565.465103][T17315] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1565.491262][T17315] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1565.515029][   T12] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1565.543588][   T12] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1565.544249][   T12] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1565.577615][   T12] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1567.325682][T17516] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1567.325700][T17516] PKCS7: Only support pkcs7_signedData type
[ 1568.515764][T11047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1568.515786][T11047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1568.712622][T17312] veth0_vlan: entered promiscuous mode
[ 1568.774578][ T3995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1568.774600][ T3995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1568.801508][T17312] veth1_vlan: entered promiscuous mode
[ 1569.017722][T17327] veth0_vlan: entered promiscuous mode
[ 1569.048523][T17312] veth0_macvtap: entered promiscuous mode
[ 1569.087369][T17312] veth1_macvtap: entered promiscuous mode
[ 1569.108792][T17327] veth1_vlan: entered promiscuous mode
[ 1569.194694][T17312] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1569.238437][T17312] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1569.456097][ T5820] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci6/hci6:201'
[ 1569.456141][ T5820] CPU: 0 UID: 0 PID: 5820 Comm: kworker/u9:8 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1569.456170][ T5820] Tainted: [L]=SOFTLOCKUP
[ 1569.456178][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1569.456192][ T5820] Workqueue: hci6 hci_rx_work
[ 1569.456222][ T5820] Call Trace:
[ 1569.456230][ T5820]  <TASK>
[ 1569.456240][ T5820]  dump_stack_lvl+0xe8/0x150
[ 1569.456273][ T5820]  sysfs_create_dir_ns+0x259/0x280
[ 1569.456303][ T5820]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1569.456330][ T5820]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1569.456360][ T5820]  ? rt_spin_unlock+0x161/0x200
[ 1569.456392][ T5820]  kobject_add_internal+0x6b1/0xcd0
[ 1569.456426][ T5820]  kobject_add+0x155/0x220
[ 1569.456453][ T5820]  ? __pfx_kobject_add+0x10/0x10
[ 1569.456491][ T5820]  ? get_device_parent+0x370/0x3a0
[ 1569.456520][ T5820]  device_add+0x408/0xb80
[ 1569.456544][ T5820]  hci_conn_add_sysfs+0xd5/0x210
[ 1569.456574][ T5820]  le_conn_complete_evt+0xf1d/0x1420
[ 1569.456604][ T5820]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1569.456627][ T5820]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1569.456648][ T5820]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1569.456669][ T5820]  ? skb_pull_data+0xfb/0x200
[ 1569.456704][ T5820]  hci_le_conn_complete_evt+0x187/0x480
[ 1569.456736][ T5820]  hci_event_packet+0x78f/0x1260
[ 1569.456771][ T5820]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1569.456798][ T5820]  ? __pfx_hci_event_packet+0x10/0x10
[ 1569.456828][ T5820]  ? rt_spin_unlock+0x150/0x200
[ 1569.456864][ T5820]  ? hci_send_to_monitor+0xe2/0x590
[ 1569.456893][ T5820]  hci_rx_work+0x3ee/0x1060
[ 1569.456921][ T5820]  ? process_scheduled_works+0x9ef/0x1770
[ 1569.456948][ T5820]  process_scheduled_works+0xad1/0x1770
[ 1569.457000][ T5820]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1569.457021][ T5820]  ? do_raw_spin_lock+0x121/0x290
[ 1569.457060][ T5820]  worker_thread+0x8a0/0xda0
[ 1569.457105][ T5820]  kthread+0x711/0x8a0
[ 1569.457134][ T5820]  ? __pfx_worker_thread+0x10/0x10
[ 1569.457156][ T5820]  ? __pfx_kthread+0x10/0x10
[ 1569.457177][ T5820]  ? rt_spin_unlock+0x150/0x200
[ 1569.457207][ T5820]  ? rt_spin_unlock+0x161/0x200
[ 1569.457229][ T5820]  ? __pfx_kthread+0x10/0x10
[ 1569.457256][ T5820]  ret_from_fork+0x510/0xa50
[ 1569.457282][ T5820]  ? __pfx_ret_from_fork+0x10/0x10
[ 1569.457301][ T5820]  ? __switch_to+0xc9e/0x1480
[ 1569.457334][ T5820]  ? __pfx_kthread+0x10/0x10
[ 1569.457362][ T5820]  ret_from_fork_asm+0x1a/0x30
[ 1569.457408][ T5820]  </TASK>
[ 1569.492081][ T5820] kobject: kobject_add_internal failed for hci6:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1569.492176][ T5820] Bluetooth: hci6: failed to register connection device
[ 1569.923241][T13520] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.941932][T13520] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.945815][T17327] veth0_macvtap: entered promiscuous mode
[ 1569.973765][T13520] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1569.977599][T13520] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1570.005133][T17327] veth1_macvtap: entered promiscuous mode
[ 1572.632207][T17327] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1573.386703][T17327] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1573.387728][ T1009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1573.387751][ T1009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1573.625968][ T1009] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1573.648207][ T1009] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1573.677838][ T1009] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1573.693684][ T1009] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1575.527371][ T3542] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1575.527392][ T3542] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1575.819332][ T5820] Bluetooth: hci6: command 0x0406 tx timeout
[ 1577.035564][T17600] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1577.035624][T17600] PKCS7: Only support pkcs7_signedData type
[ 1581.573149][T13520] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1581.573172][T13520] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1583.019561][T14810] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1583.097782][ T2300] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1583.097803][ T2300] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1583.174687][T14810] usb 9-1: Using ep0 maxpacket: 8
[ 1583.193027][T14810] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1583.193068][T14810] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1583.193092][T14810] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1583.193116][T14810] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1583.193157][T14810] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1583.193180][T14810] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1583.523953][T14810] usb 9-1: GET_CAPABILITIES returned 0
[ 1583.524000][T14810] usbtmc 9-1:16.0: can't read capabilities
[ 1583.754685][T14810] usb 9-1: USB disconnect, device number 2
[ 1583.848099][T17642] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1583.848117][T17642] PKCS7: Only support pkcs7_signedData type
[ 1586.496437][T17684] ptrace attach of "./syz-executor exec"[17686] was attempted by "./syz-executor exec"[17684]
[ 1588.380708][T14688] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[ 1588.482742][ T7630] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1588.529328][T14688] usb 4-1: device descriptor read/64, error -71
[ 1588.739342][ T7630] usb 9-1: Using ep0 maxpacket: 8
[ 1589.558806][T14688] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[ 1590.295986][T17715] ptrace attach of ""[17716] was attempted by "./syz-executor exec"[17715]
[ 1590.623166][ T7630] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1590.623195][ T7630] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1590.623208][ T7630] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1590.623220][ T7630] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1590.623242][ T7630] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1590.623254][ T7630] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.679969][T14688] usb 4-1: device descriptor read/64, error -71
[ 1590.789856][T14688] usb usb4-port1: attempt power cycle
[ 1590.923822][ T7630] usb 9-1: GET_CAPABILITIES returned 0
[ 1590.923869][ T7630] usbtmc 9-1:16.0: can't read capabilities
[ 1591.131895][T14688] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[ 1591.188115][T16735] usb 9-1: USB disconnect, device number 3
[ 1591.454357][T17730] ptrace attach of "./syz-executor exec"[17732] was attempted by "./syz-executor exec"[17730]
[ 1592.183511][T14688] usb 4-1: device descriptor read/8, error -71
[ 1592.820414][T17719] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1592.969513][T17719] usb 6-1: Using ep0 maxpacket: 16
[ 1592.974601][T17719] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[ 1592.974631][T17719] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1592.974650][T17719] usb 6-1: Product: syz
[ 1592.974664][T17719] usb 6-1: Manufacturer: syz
[ 1592.974678][T17719] usb 6-1: SerialNumber: syz
[ 1593.065288][T17719] usb 6-1: config 0 descriptor??
[ 1593.078990][T17719] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[ 1593.094559][T17719] usb 6-1: Detected FT-X
[ 1593.329507][T17719] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1593.738284][T17719] ftdi_sio 6-1:0.0: GPIO initialisation failed: -5
[ 1593.853223][T17767] ptrace attach of "./syz-executor exec"[17770] was attempted by "./syz-executor exec"[17767]
[ 1593.882122][T16735] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[ 1594.099520][T16735] usb 5-1: device descriptor read/64, error -71
[ 1594.355076][T17719] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1594.409777][T17719] usb 6-1: USB disconnect, device number 7
[ 1594.425609][T16735] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[ 1594.434530][T17719] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1594.435864][T17719] ftdi_sio 6-1:0.0: device disconnected
[ 1594.549338][T16735] usb 5-1: device descriptor read/64, error -71
[ 1594.624019][T17774] ptrace attach of "./syz-executor exec"[17779] was attempted by "./syz-executor exec"[17774]
[ 1594.674476][T16735] usb usb5-port1: attempt power cycle
[ 1595.019359][T17719] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1595.069425][ T5962] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1595.188705][T17719] usb 9-1: Using ep0 maxpacket: 8
[ 1595.197064][T17719] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1595.197098][T17719] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1595.197124][T17719] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1595.197148][T17719] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1595.197190][T17719] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1595.197214][T17719] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1595.229697][T16735] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[ 1595.273929][ T5962] usb 2-1: Using ep0 maxpacket: 16
[ 1595.282590][T16735] usb 5-1: device descriptor read/8, error -71
[ 1595.296609][ T5962] usb 2-1: config 0 has an invalid interface number: 69 but max is 0
[ 1595.296637][ T5962] usb 2-1: config 0 has no interface number 0
[ 1595.310430][ T5962] usb 2-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice=f9.c2
[ 1595.310459][ T5962] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1595.310478][ T5962] usb 2-1: Product: syz
[ 1595.310493][ T5962] usb 2-1: Manufacturer: syz
[ 1595.310506][ T5962] usb 2-1: SerialNumber: syz
[ 1595.357992][ T5962] usb 2-1: config 0 descriptor??
[ 1595.376218][ T5962] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.69/input/input41
[ 1595.438879][T17719] usb 9-1: GET_CAPABILITIES returned 0
[ 1595.438979][T17719] usbtmc 9-1:16.0: can't read capabilities
[ 1595.539329][T16735] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[ 1595.570093][T16735] usb 5-1: device descriptor read/8, error -71
[ 1595.607575][ T5157] bcm5974 2-1:0.69: could not read from device
[ 1595.657544][T17719] usb 9-1: USB disconnect, device number 4
[ 1595.681003][T16735] usb usb5-port1: unable to enumerate USB device
[ 1595.734835][ T5157] bcm5974 2-1:0.69: could not read from device
[ 1595.758928][ T5962] usb 2-1: USB disconnect, device number 2
[ 1596.746899][T17818] ptrace attach of "./syz-executor exec"[17819] was attempted by "./syz-executor exec"[17818]
[ 1597.440074][T17838] netlink: 84 bytes leftover after parsing attributes in process `syz.5.3190'.
[ 1599.059317][T14688] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1599.089591][T16735] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[ 1599.230667][T17858] ptrace attach of ""[17860] was attempted by "./syz-executor exec"[17858]
[ 1599.369928][T14688] usb 2-1: Using ep0 maxpacket: 8
[ 1599.372247][T14688] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1599.372280][T14688] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1599.372304][T14688] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1599.372327][T14688] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1599.372367][T14688] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1599.372388][T14688] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1600.083306][T16735] usb 6-1: device descriptor read/64, error -71
[ 1600.422520][T16735] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[ 1600.459886][T14688] usb 2-1: usb_control_msg returned -71
[ 1600.459937][T14688] usbtmc 2-1:16.0: can't read capabilities
[ 1600.559332][T16735] usb 6-1: device descriptor read/64, error -71
[ 1600.685036][T16735] usb usb6-port1: attempt power cycle
[ 1600.711207][T14688] usb 2-1: USB disconnect, device number 3
[ 1602.143215][T17889] netlink: 84 bytes leftover after parsing attributes in process `syz.3.3207'.
[ 1605.519650][   T56] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1605.629518][T16735] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[ 1605.669295][   T56] usb 2-1: Using ep0 maxpacket: 8
[ 1605.787303][T17928] netlink: 84 bytes leftover after parsing attributes in process `syz.8.3221'.
[ 1606.558099][T16735] usb 6-1: device descriptor read/64, error -71
[ 1606.710658][   T56] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1606.710691][   T56] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1606.710711][   T56] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1606.710730][   T56] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1606.710764][   T56] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1606.710783][   T56] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1606.771410][T17932] program syz.8.3223 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1606.830855][T16735] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[ 1608.210219][   T56] usb 2-1: usb_control_msg returned -71
[ 1608.210259][   T56] usbtmc 2-1:16.0: can't read capabilities
[ 1608.248761][   T56] usb 2-1: USB disconnect, device number 4
[ 1608.270454][T16735] usb 6-1: device descriptor read/64, error -71
[ 1608.383194][T16735] usb usb6-port1: attempt power cycle
[ 1610.774714][T17966] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3233'.
[ 1611.699738][ T7630] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[ 1611.829563][T14810] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1611.860236][ T7630] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1611.860253][ T7630] usb 6-1: config 0 has no interfaces?
[ 1611.860271][ T7630] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1611.860283][ T7630] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1611.870502][ T7630] usb 6-1: config 0 descriptor??
[ 1611.989367][T14810] usb 5-1: device descriptor read/64, error -71
[ 1612.843576][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.843836][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1612.986891][T14810] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[ 1613.130022][T14810] usb 5-1: device descriptor read/64, error -71
[ 1613.239768][T14810] usb usb5-port1: attempt power cycle
[ 1613.312245][T16260] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1613.489360][T16260] usb 2-1: Using ep0 maxpacket: 8
[ 1613.506212][T16260] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1613.506254][T16260] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1613.506317][T16260] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1613.506338][T16260] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1613.506372][T16260] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1613.506393][T16260] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1614.039481][T14810] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[ 1614.100936][T14810] usb 5-1: device descriptor read/8, error -71
[ 1614.369327][T14810] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[ 1614.389162][T16260] usb 2-1: usb_control_msg returned -71
[ 1614.389354][T16260] usbtmc 2-1:16.0: can't read capabilities
[ 1614.441809][T14810] usb 5-1: device descriptor read/8, error -71
[ 1614.496845][T16260] usb 2-1: USB disconnect, device number 5
[ 1614.549916][T14810] usb usb5-port1: unable to enumerate USB device
[ 1614.557104][T14810] usb 6-1: USB disconnect, device number 14
[ 1614.748096][T17999] futex_wake_op: syz.5.3240 tries to shift op by -1; fix this program
[ 1617.628674][T18041] Bluetooth: MGMT ver 1.23
[ 1617.741744][T16320] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[ 1617.879507][T14721] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[ 1618.149696][T16320] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1618.149723][T16320] usb 4-1: config 0 has no interfaces?
[ 1618.149752][T16320] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1618.149775][T16320] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1618.182491][T14721] usb 9-1: device descriptor read/64, error -71
[ 1618.692342][T16320] usb 4-1: config 0 descriptor??
[ 1618.809431][T14721] usb 9-1: new full-speed USB device number 6 using dummy_hcd
[ 1618.959411][T14721] usb 9-1: device descriptor read/64, error -71
[ 1619.072107][T14721] usb usb9-port1: attempt power cycle
[ 1619.534172][T14721] usb 9-1: new full-speed USB device number 7 using dummy_hcd
[ 1619.550046][T14721] usb 9-1: device descriptor read/8, error -71
[ 1619.614208][   T56] usb 4-1: USB disconnect, device number 21
[ 1619.868320][T14721] usb 9-1: new full-speed USB device number 8 using dummy_hcd
[ 1620.065029][T14721] usb 9-1: device descriptor read/8, error -71
[ 1620.428608][T14721] usb usb9-port1: unable to enumerate USB device
[ 1623.189328][T10046] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[ 1623.353900][T10046] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1623.353968][T10046] usb 2-1: config 0 has no interfaces?
[ 1623.354026][T10046] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1623.354077][T10046] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1623.717890][T10046] usb 2-1: config 0 descriptor??
[ 1626.832572][T10046] usb 2-1: USB disconnect, device number 6
[ 1630.979350][T16320] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[ 1631.144388][T16320] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1631.144417][T16320] usb 5-1: config 0 has no interfaces?
[ 1631.144444][T16320] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1631.144466][T16320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.157173][T16320] usb 5-1: config 0 descriptor??
[ 1634.520079][T16735] usb 5-1: USB disconnect, device number 22
[ 1635.690330][T17125] Bluetooth: hci5: command 0x0406 tx timeout
[ 1636.498560][T18236] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1636.498834][T18236] PKCS7: Only support pkcs7_signedData type
[ 1640.452451][ T5820] Bluetooth: hci0: command 0x0406 tx timeout
[ 1640.776846][T18249] netlink: 'syz.1.3305': attribute type 2 has an invalid length.
[ 1640.879379][T16320] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[ 1641.999377][T16320] usb 5-1: unable to read config index 0 descriptor/all
[ 1641.999422][T16320] usb 5-1: can't read configurations, error -71
[ 1644.374647][T17719] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[ 1644.650176][T18289] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1644.650284][T18289] PKCS7: Only support pkcs7_signedData type
[ 1645.170383][T17719] usb 2-1: config 0 has an invalid interface number: 187 but max is 0
[ 1645.170412][T17719] usb 2-1: config 0 has no interface number 0
[ 1645.660160][ T6417] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1646.175143][ T6417] usb 6-1: Using ep0 maxpacket: 16
[ 1646.236777][ T6417] usb 6-1: config 0 has an invalid interface number: 69 but max is 0
[ 1646.236973][ T6417] usb 6-1: config 0 has no interface number 0
[ 1646.321984][ T6417] usb 6-1: New USB device found, idVendor=05ac, idProduct=0274, bcdDevice=f9.c2
[ 1646.322370][ T6417] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1646.323143][ T6417] usb 6-1: Product: syz
[ 1646.323413][ T6417] usb 6-1: Manufacturer: syz
[ 1646.323814][ T6417] usb 6-1: SerialNumber: syz
[ 1646.648460][T17719] usb 2-1: string descriptor 0 read error: -71
[ 1646.648757][T17719] usb 2-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice=f7.32
[ 1646.648826][T17719] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1646.886226][T17719] usb 2-1: config 0 descriptor??
[ 1647.106660][ T6417] usb 6-1: config 0 descriptor??
[ 1647.115635][T17719] usb 2-1: can't set config #0, error -71
[ 1647.161118][T17719] usb 2-1: USB disconnect, device number 7
[ 1647.201075][ T6417] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.69/input/input42
[ 1647.436367][ T5157] bcm5974 6-1:0.69: could not read from device
[ 1647.570216][ T5157] bcm5974 6-1:0.69: could not read from device
[ 1647.579063][ T6417] usb 6-1: USB disconnect, device number 15
[ 1648.144619][T18316] overlayfs: overlapping lowerdir path
[ 1648.310312][T14756] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[ 1648.470839][T14756] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1648.470855][T14756] usb 9-1: config 0 has no interfaces?
[ 1648.470873][T14756] usb 9-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1648.470884][T14756] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1648.473860][T14756] usb 9-1: config 0 descriptor??
[ 1648.839352][ T6417] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1649.233542][ T6417] usb 6-1: Using ep0 maxpacket: 32
[ 1649.251350][ T6417] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1649.251380][ T6417] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1649.251444][ T6417] usb 6-1: Product: syz
[ 1649.251459][ T6417] usb 6-1: Manufacturer: syz
[ 1649.251473][ T6417] usb 6-1: SerialNumber: syz
[ 1649.286099][T18342] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1649.286208][T18342] PKCS7: Only support pkcs7_signedData type
[ 1649.556684][ T6417] usb 6-1: config 0 descriptor??
[ 1649.618670][ T6417] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1650.486812][ T6417] gspca_ov534_9: reg_w failed -71
[ 1650.769750][ T6417] gspca_ov534_9: Unknown sensor 0000
[ 1650.770608][ T6417] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[ 1650.841951][ T6417] usb 6-1: USB disconnect, device number 16
[ 1652.224338][T14756] usb 9-1: USB disconnect, device number 9
[ 1653.897348][ T6417] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1654.049268][ T6417] usb 5-1: Using ep0 maxpacket: 8
[ 1654.053457][ T6417] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1654.053493][ T6417] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1654.053518][ T6417] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1654.053542][ T6417] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1654.053583][ T6417] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1654.053605][ T6417] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1654.873675][ T6417] usb 5-1: GET_CAPABILITIES returned 0
[ 1654.873726][ T6417] usbtmc 5-1:16.0: can't read capabilities
[ 1655.089341][    C1] usbtmc 5-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[ 1655.094208][ T6417] usb 5-1: USB disconnect, device number 25
[ 1655.259372][T16260] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1655.591850][T16260] usb 6-1: Using ep0 maxpacket: 32
[ 1656.097472][T16260] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1656.097503][T16260] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1656.097523][T16260] usb 6-1: Product: syz
[ 1656.097538][T16260] usb 6-1: Manufacturer: syz
[ 1656.097552][T16260] usb 6-1: SerialNumber: syz
[ 1656.178357][T16260] usb 6-1: config 0 descriptor??
[ 1656.208672][T16260] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1656.249959][ T5820] Bluetooth: hci6: command 0x0406 tx timeout
[ 1656.250000][ T5820] Bluetooth: hci1: command 0x0406 tx timeout
[ 1656.590670][T16260] gspca_ov534_9: reg_w failed -71
[ 1656.778433][ T5815] usb 9-1: new full-speed USB device number 10 using dummy_hcd
[ 1656.888188][T18401] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1656.888248][T18401] PKCS7: Only support pkcs7_signedData type
[ 1657.052979][ T5815] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1657.053005][ T5815] usb 9-1: config 0 has no interfaces?
[ 1657.053080][ T5815] usb 9-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1657.053103][ T5815] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1657.629430][T16260] gspca_ov534_9: Unknown sensor 0000
[ 1657.629676][T16260] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[ 1657.661432][T16260] usb 6-1: USB disconnect, device number 17
[ 1657.892357][ T5815] usb 9-1: config 0 descriptor??
[ 1661.446467][T18245] usb 9-1: USB disconnect, device number 10
[ 1663.040254][T10130] Bluetooth: hci2: command 0x0406 tx timeout
[ 1663.855402][T18456] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1663.855507][T18456] PKCS7: Only support pkcs7_signedData type
[ 1668.838264][   T37] audit: type=1804 audit(1766424760.772:46): pid=18475 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.4.3367" name="bus" dev="ramfs" ino=61337 res=1 errno=0
[ 1668.899315][T14688] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1669.059276][T14688] usb 2-1: Using ep0 maxpacket: 32
[ 1669.067841][T14688] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1669.067871][T14688] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1669.067890][T14688] usb 2-1: Product: syz
[ 1669.067904][T14688] usb 2-1: Manufacturer: syz
[ 1669.067917][T14688] usb 2-1: SerialNumber: syz
[ 1669.130983][T14688] usb 2-1: config 0 descriptor??
[ 1669.148545][T14688] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1669.864761][T18486] ufs: You didn't specify the type of your ufs filesystem
[ 1669.864761][T18486] 
[ 1669.864761][T18486] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1669.864761][T18486] 
[ 1669.864761][T18486] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1669.864873][T18486] ufs: ufstype=old is supported read-only
[ 1670.674858][T14688] gspca_ov534_9: reg_w failed -110
[ 1672.169305][ T5815] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[ 1672.399283][T14688] gspca_ov534_9: Unknown sensor 0000
[ 1672.399379][T14688] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[ 1672.402437][T14688] usb 2-1: USB disconnect, device number 8
[ 1672.509342][ T5815] usb 6-1: device not accepting address 18, error -71
[ 1672.879321][ T5815] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[ 1673.033929][ T5815] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1673.033986][ T5815] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1673.034014][ T5815] usb 6-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1673.034040][ T5815] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1673.036462][ T5815] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1673.036489][ T5815] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1673.036509][ T5815] usb 6-1: Product: syz
[ 1673.036523][ T5815] usb 6-1: Manufacturer: syz
[ 1673.036537][ T5815] usb 6-1: SerialNumber: syz
[ 1673.061265][ T5815] usb 6-1: config 0 descriptor??
[ 1673.135740][ T5815] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found
[ 1673.322650][ T5815] snd_usb_toneport 6-1:0.0: cannot get proper max packet size
[ 1673.363176][ T5815] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1673.365638][ T5815] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1673.935271][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1673.935448][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1674.949359][ T5815] usb 6-1: USB disconnect, device number 19
[ 1678.467953][   T37] audit: type=1804 audit(1766424770.442:47): pid=18530 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.3379" name="bus" dev="ramfs" ino=61396 res=1 errno=0
[ 1680.404348][T14810] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[ 1680.571580][T14810] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1680.571607][T14810] usb 4-1: config 0 has no interfaces?
[ 1680.571636][T14810] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1680.571657][T14810] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1680.590762][T14810] usb 4-1: config 0 descriptor??
[ 1682.515722][T18572] ufs: You didn't specify the type of your ufs filesystem
[ 1682.515722][T18572] 
[ 1682.515722][T18572] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1682.515722][T18572] 
[ 1682.515722][T18572] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1682.515786][T18572] ufs: ufstype=old is supported read-only
[ 1683.425442][ T8175] usb 4-1: USB disconnect, device number 22
[ 1687.761749][T18613] ufs: You didn't specify the type of your ufs filesystem
[ 1687.761749][T18613] 
[ 1687.761749][T18613] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1687.761749][T18613] 
[ 1687.761749][T18613] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1687.762122][T18613] ufs: ufstype=old is supported read-only
[ 1688.720250][T18616] comedi comedi3: pcl816: I/O port conflict (0x101,16)
[ 1697.379358][T14721] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[ 1697.601316][T14721] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1697.601344][T14721] usb 9-1: config 0 has no interfaces?
[ 1697.601374][T14721] usb 9-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1697.601397][T14721] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1697.620680][T14721] usb 9-1: config 0 descriptor??
[ 1697.702406][T18676] PKCS7: Unknown OID: [4] 2.19.13055.940354.15722
[ 1697.702425][T18676] PKCS7: Only support pkcs7_signedData type
[ 1700.191952][T14688] usb 9-1: USB disconnect, device number 11
[ 1702.379476][T18245] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[ 1702.598265][T18245] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1702.598294][T18245] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1702.598545][T18245] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1702.598612][T18245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1702.700524][T18245] usb 5-1: config 0 descriptor??
[ 1704.518410][T14810] usb 5-1: USB disconnect, device number 26
[ 1709.659370][  T992] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[ 1709.811328][  T992] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1709.811355][  T992] usb 6-1: config 0 has no interfaces?
[ 1709.811384][  T992] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1709.811406][  T992] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1709.816158][  T992] usb 6-1: config 0 descriptor??
[ 1714.839906][  T992] usb 6-1: USB disconnect, device number 20
[ 1716.429268][T18466] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[ 1718.706865][T18466] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1718.706900][T18466] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1718.706924][T18466] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1718.706946][T18466] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1718.754717][T18466] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1718.754749][T18466] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1718.754769][T18466] usb 6-1: Product: syz
[ 1718.754783][T18466] usb 6-1: Manufacturer: syz
[ 1718.754796][T18466] usb 6-1: SerialNumber: syz
[ 1718.798845][T18466] usb 6-1: config 0 descriptor??
[ 1718.825101][T18466] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 found
[ 1720.281456][T18466] snd_usb_toneport 6-1:0.0: set_interface failed
[ 1720.281734][T18466] snd_usb_toneport 6-1:0.0: Line 6 TonePort UX2 now disconnected
[ 1720.281935][T18466] snd_usb_toneport 6-1:0.0: probe with driver snd_usb_toneport failed with error -71
[ 1720.341813][T18466] usb 6-1: USB disconnect, device number 21
[ 1724.579943][T18245] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[ 1724.831471][T18245] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1724.831501][T18245] usb 4-1: config 0 has no interfaces?
[ 1724.831531][T18245] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1724.831554][T18245] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1724.875323][T18245] usb 4-1: config 0 descriptor??
[ 1728.874618][ T5815] usb 4-1: USB disconnect, device number 23
[ 1734.659948][T14688] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[ 1734.871539][T14688] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1734.871574][T14688] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1734.871600][T14688] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1734.871622][T14688] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1736.513749][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1736.513886][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1739.137626][T14688] usb 6-1: string descriptor 0 read error: -71
[ 1739.137774][T14688] usb 6-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[ 1739.137797][T14688] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1739.176136][T14688] usb 6-1: config 0 descriptor??
[ 1739.184672][T14688] usb 6-1: can't set config #0, error -71
[ 1739.211764][T14688] usb 6-1: USB disconnect, device number 22
[ 1739.499400][ T6268] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[ 1739.651929][ T6268] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1739.651955][ T6268] usb 2-1: config 0 has no interfaces?
[ 1739.651984][ T6268] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1739.652007][ T6268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1740.616007][ T6268] usb 2-1: config 0 descriptor??
[ 1741.506254][ T8175] usb 2-1: USB disconnect, device number 9
[ 1743.554908][T17053] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1743.554928][T17053] CPU: 0 UID: 0 PID: 17053 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1743.554945][T17053] Tainted: [L]=SOFTLOCKUP
[ 1743.554950][T17053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1743.554958][T17053] Workqueue: hci5 hci_rx_work
[ 1743.554978][T17053] Call Trace:
[ 1743.554983][T17053]  <TASK>
[ 1743.554989][T17053]  dump_stack_lvl+0xe8/0x150
[ 1743.555009][T17053]  sysfs_create_dir_ns+0x259/0x280
[ 1743.555027][T17053]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1743.555045][T17053]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1743.555061][T17053]  ? rt_spin_unlock+0x161/0x200
[ 1743.555076][T17053]  kobject_add_internal+0x6b1/0xcd0
[ 1743.555094][T17053]  kobject_add+0x155/0x220
[ 1743.555108][T17053]  ? __pfx_kobject_add+0x10/0x10
[ 1743.555123][T17053]  ? get_device_parent+0x370/0x3a0
[ 1743.555139][T17053]  device_add+0x408/0xb80
[ 1743.555151][T17053]  hci_conn_add_sysfs+0xd5/0x210
[ 1743.555169][T17053]  le_conn_complete_evt+0xf1d/0x1420
[ 1743.555187][T17053]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1743.555199][T17053]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1743.555210][T17053]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1743.555222][T17053]  ? skb_pull_data+0xfb/0x200
[ 1743.555240][T17053]  hci_le_conn_complete_evt+0x187/0x480
[ 1743.555256][T17053]  hci_event_packet+0x78f/0x1260
[ 1743.555274][T17053]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1743.555287][T17053]  ? __pfx_hci_event_packet+0x10/0x10
[ 1743.555302][T17053]  ? rt_spin_unlock+0x150/0x200
[ 1743.555319][T17053]  ? hci_send_to_monitor+0xe2/0x590
[ 1743.555334][T17053]  hci_rx_work+0x3ee/0x1060
[ 1743.555348][T17053]  ? process_scheduled_works+0x9ef/0x1770
[ 1743.555362][T17053]  process_scheduled_works+0xad1/0x1770
[ 1743.555388][T17053]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1743.555399][T17053]  ? do_raw_spin_lock+0x121/0x290
[ 1743.555419][T17053]  worker_thread+0x8a0/0xda0
[ 1743.555438][T17053]  ? __kthread_parkme+0x7b/0x200
[ 1743.555455][T17053]  kthread+0x711/0x8a0
[ 1743.555471][T17053]  ? __pfx_worker_thread+0x10/0x10
[ 1743.555482][T17053]  ? __pfx_kthread+0x10/0x10
[ 1743.555494][T17053]  ? rt_spin_unlock+0x150/0x200
[ 1743.555510][T17053]  ? rt_spin_unlock+0x161/0x200
[ 1743.555521][T17053]  ? __pfx_kthread+0x10/0x10
[ 1743.555536][T17053]  ret_from_fork+0x510/0xa50
[ 1743.555550][T17053]  ? __pfx_ret_from_fork+0x10/0x10
[ 1743.555560][T17053]  ? __switch_to+0xc9e/0x1480
[ 1743.555582][T17053]  ? __pfx_kthread+0x10/0x10
[ 1743.555596][T17053]  ret_from_fork_asm+0x1a/0x30
[ 1743.555620][T17053]  </TASK>
[ 1743.555638][T17053] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1743.555667][T17053] Bluetooth: hci5: failed to register connection device
[ 1749.819498][T10130] Bluetooth: hci5: command 0x0406 tx timeout
[ 1752.689338][   T56] usb 9-1: new full-speed USB device number 12 using dummy_hcd
[ 1752.842146][   T56] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1752.842173][   T56] usb 9-1: config 0 has no interfaces?
[ 1752.842205][   T56] usb 9-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1752.842230][   T56] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1752.892996][   T56] usb 9-1: config 0 descriptor??
[ 1754.076713][T17053] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1754.076745][T17053] CPU: 1 UID: 0 PID: 17053 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1754.076783][T17053] Tainted: [L]=SOFTLOCKUP
[ 1754.076792][T17053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1754.076806][T17053] Workqueue: hci0 hci_rx_work
[ 1754.076832][T17053] Call Trace:
[ 1754.076841][T17053]  <TASK>
[ 1754.076851][T17053]  dump_stack_lvl+0xe8/0x150
[ 1754.076884][T17053]  sysfs_create_dir_ns+0x259/0x280
[ 1754.076914][T17053]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1754.076944][T17053]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1754.076977][T17053]  ? rt_spin_unlock+0x161/0x200
[ 1754.077007][T17053]  kobject_add_internal+0x6b1/0xcd0
[ 1754.077039][T17053]  kobject_add+0x155/0x220
[ 1754.077067][T17053]  ? __pfx_kobject_add+0x10/0x10
[ 1754.077097][T17053]  ? get_device_parent+0x370/0x3a0
[ 1754.077124][T17053]  device_add+0x408/0xb80
[ 1754.077150][T17053]  hci_conn_add_sysfs+0xd5/0x210
[ 1754.077183][T17053]  le_conn_complete_evt+0xf1d/0x1420
[ 1754.077218][T17053]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1754.077244][T17053]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1754.077265][T17053]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1754.077287][T17053]  ? skb_pull_data+0xfb/0x200
[ 1754.077321][T17053]  hci_le_conn_complete_evt+0x187/0x480
[ 1754.077353][T17053]  hci_event_packet+0x78f/0x1260
[ 1754.077387][T17053]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1754.077414][T17053]  ? __pfx_hci_event_packet+0x10/0x10
[ 1754.077444][T17053]  ? rt_spin_unlock+0x150/0x200
[ 1754.077480][T17053]  ? hci_send_to_monitor+0xe2/0x590
[ 1754.077509][T17053]  hci_rx_work+0x3ee/0x1060
[ 1754.077536][T17053]  ? process_scheduled_works+0x9ef/0x1770
[ 1754.077562][T17053]  process_scheduled_works+0xad1/0x1770
[ 1754.077614][T17053]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1754.077635][T17053]  ? do_raw_spin_lock+0x121/0x290
[ 1754.077676][T17053]  worker_thread+0x8a0/0xda0
[ 1754.077713][T17053]  ? __kthread_parkme+0x7b/0x200
[ 1754.077748][T17053]  kthread+0x711/0x8a0
[ 1754.077784][T17053]  ? __pfx_worker_thread+0x10/0x10
[ 1754.077808][T17053]  ? __pfx_kthread+0x10/0x10
[ 1754.077842][T17053]  ? rt_spin_unlock+0x150/0x200
[ 1754.077873][T17053]  ? rt_spin_unlock+0x161/0x200
[ 1754.077898][T17053]  ? __pfx_kthread+0x10/0x10
[ 1754.077927][T17053]  ret_from_fork+0x510/0xa50
[ 1754.077953][T17053]  ? __pfx_ret_from_fork+0x10/0x10
[ 1754.077974][T17053]  ? __switch_to+0xc9e/0x1480
[ 1754.078009][T17053]  ? __pfx_kthread+0x10/0x10
[ 1754.078037][T17053]  ret_from_fork_asm+0x1a/0x30
[ 1754.078084][T17053]  </TASK>
[ 1754.078112][T17053] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1754.078149][T17053] Bluetooth: hci0: failed to register connection device
[ 1755.049889][  T992] usb 9-1: USB disconnect, device number 12
[ 1764.321280][T10130] Bluetooth: hci0: command 0x0406 tx timeout
[ 1766.380902][T18245] usb 5-1: new full-speed USB device number 27 using dummy_hcd
[ 1766.551733][T18245] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1766.551762][T18245] usb 5-1: config 0 has no interfaces?
[ 1766.551792][T18245] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1766.551816][T18245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1766.565878][T18245] usb 5-1: config 0 descriptor??
[ 1772.578669][T19131] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3516'.
[ 1773.138291][ T8175] usb 5-1: USB disconnect, device number 27
[ 1773.348939][T19136] NILFS (nullb0): couldn't find nilfs on the device
[ 1774.862673][T19155] fuse: Bad value for 'fd'
[ 1776.766807][T17053] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[ 1779.315649][T14810] usb 6-1: new full-speed USB device number 23 using dummy_hcd
[ 1780.296622][T14810] usb 6-1: device descriptor read/all, error -71
[ 1780.544631][T19202] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3536'.
[ 1780.983662][T19204] NILFS (nullb0): couldn't find nilfs on the device
[ 1784.613991][T17053] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[ 1784.929286][   T10] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[ 1785.082589][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1785.082616][   T10] usb 6-1: config 0 has no interfaces?
[ 1785.082645][   T10] usb 6-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1785.082668][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.166366][   T10] usb 6-1: config 0 descriptor??
[ 1788.700287][T19270] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3550'.
[ 1790.043310][T19274] NILFS (nullb0): couldn't find nilfs on the device
[ 1790.297294][   T10] usb 6-1: USB disconnect, device number 25
[ 1792.333814][T19296] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3558'.
[ 1795.099285][   T10] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1795.249232][   T10] usb 9-1: Using ep0 maxpacket: 8
[ 1795.253010][   T10] usb 9-1: config 0 has an invalid interface number: 24 but max is 0
[ 1795.253037][   T10] usb 9-1: config 0 has no interface number 0
[ 1795.291463][   T10] usb 9-1: New USB device found, idVendor=050d, idProduct=0122, bcdDevice=5b.65
[ 1795.291493][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1795.291513][   T10] usb 9-1: Product: syz
[ 1795.291527][   T10] usb 9-1: Manufacturer: syz
[ 1795.291541][   T10] usb 9-1: SerialNumber: syz
[ 1795.297182][   T10] usb 9-1: config 0 descriptor??
[ 1795.351541][T14661] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[ 1795.741862][T14661] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1795.741891][T14661] usb 4-1: config 0 has no interfaces?
[ 1795.741920][T14661] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1795.741943][T14661] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1796.392586][   T10] pegasus 9-1:0.24: probe with driver pegasus failed with error -32
[ 1796.550054][T14661] usb 4-1: config 0 descriptor??
[ 1796.765360][T10130] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1796.765390][T10130] CPU: 0 UID: 0 PID: 10130 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1796.765419][T10130] Tainted: [L]=SOFTLOCKUP
[ 1796.765426][T10130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1796.765439][T10130] Workqueue: hci2 hci_rx_work
[ 1796.765467][T10130] Call Trace:
[ 1796.765475][T10130]  <TASK>
[ 1796.765485][T10130]  dump_stack_lvl+0xe8/0x150
[ 1796.765515][T10130]  sysfs_create_dir_ns+0x259/0x280
[ 1796.765543][T10130]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1796.765572][T10130]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1796.765602][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1796.765628][T10130]  kobject_add_internal+0x6b1/0xcd0
[ 1796.765661][T10130]  kobject_add+0x155/0x220
[ 1796.765688][T10130]  ? __pfx_kobject_add+0x10/0x10
[ 1796.765719][T10130]  ? get_device_parent+0x370/0x3a0
[ 1796.765745][T10130]  device_add+0x408/0xb80
[ 1796.765769][T10130]  hci_conn_add_sysfs+0xd5/0x210
[ 1796.765803][T10130]  le_conn_complete_evt+0xf1d/0x1420
[ 1796.765837][T10130]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1796.765858][T10130]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1796.765874][T10130]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1796.765895][T10130]  ? skb_pull_data+0xfb/0x200
[ 1796.765929][T10130]  hci_le_conn_complete_evt+0x187/0x480
[ 1796.765959][T10130]  hci_event_packet+0x78f/0x1260
[ 1796.765992][T10130]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1796.766014][T10130]  ? __pfx_hci_event_packet+0x10/0x10
[ 1796.766039][T10130]  ? rt_spin_unlock+0x150/0x200
[ 1796.766073][T10130]  ? hci_send_to_monitor+0xe2/0x590
[ 1796.766101][T10130]  hci_rx_work+0x3ee/0x1060
[ 1796.766120][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1796.766147][T10130]  ? process_scheduled_works+0x9ef/0x1770
[ 1796.766174][T10130]  process_scheduled_works+0xad1/0x1770
[ 1796.766226][T10130]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1796.766247][T10130]  ? do_raw_spin_lock+0x121/0x290
[ 1796.766287][T10130]  worker_thread+0x8a0/0xda0
[ 1796.766335][T10130]  kthread+0x711/0x8a0
[ 1796.766375][T10130]  ? __pfx_worker_thread+0x10/0x10
[ 1796.766398][T10130]  ? __pfx_kthread+0x10/0x10
[ 1796.766421][T10130]  ? rt_spin_unlock+0x150/0x200
[ 1796.766453][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1796.766475][T10130]  ? __pfx_kthread+0x10/0x10
[ 1796.766502][T10130]  ret_from_fork+0x510/0xa50
[ 1796.766526][T10130]  ? __pfx_ret_from_fork+0x10/0x10
[ 1796.766546][T10130]  ? __switch_to+0xc9e/0x1480
[ 1796.766579][T10130]  ? __pfx_kthread+0x10/0x10
[ 1796.766606][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1796.766650][T10130]  </TASK>
[ 1796.799231][T10130] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1796.799280][T10130] Bluetooth: hci2: failed to register connection device
[ 1796.810160][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1796.810228][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1797.000255][   T10] usb 9-1: USB disconnect, device number 13
[ 1799.509020][T10046] usb 4-1: USB disconnect, device number 24
[ 1801.140006][T10130] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection
[ 1803.021919][T17053] Bluetooth: hci2: command 0x0406 tx timeout
[ 1803.150188][ T5895] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[ 1803.372874][ T5895] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1803.372955][ T5895] usb 4-1: config 0 has no interfaces?
[ 1803.372985][ T5895] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1803.373062][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1803.707888][ T5895] usb 4-1: config 0 descriptor??
[ 1805.100236][T10046] usb 4-1: USB disconnect, device number 25
[ 1805.169546][T19429] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3594'.
[ 1805.725463][T10130] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1806.201064][T19434] syz.3.3595 (19434) used greatest stack depth: 16312 bytes left
[ 1807.069503][T19409] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[ 1807.265369][T19409] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1807.265396][T19409] usb 4-1: config 0 has no interfaces?
[ 1807.265426][T19409] usb 4-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1807.265448][T19409] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1807.294708][T19409] usb 4-1: config 0 descriptor??
[ 1808.305887][ T5895] usb 4-1: USB disconnect, device number 26
[ 1810.718664][T10130] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection
[ 1813.759233][T14810] usb 9-1: new full-speed USB device number 14 using dummy_hcd
[ 1813.911483][T14810] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1813.911511][T14810] usb 9-1: config 0 has no interfaces?
[ 1813.911541][T14810] usb 9-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1813.911563][T14810] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1813.916490][T14810] usb 9-1: config 0 descriptor??
[ 1817.700215][T16320] usb 9-1: USB disconnect, device number 14
[ 1818.391472][T10130] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1818.391538][T10130] CPU: 1 UID: 0 PID: 10130 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1818.391569][T10130] Tainted: [L]=SOFTLOCKUP
[ 1818.391576][T10130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1818.391590][T10130] Workqueue: hci1 hci_rx_work
[ 1818.391614][T10130] Call Trace:
[ 1818.391620][T10130]  <TASK>
[ 1818.391625][T10130]  dump_stack_lvl+0xe8/0x150
[ 1818.391643][T10130]  sysfs_create_dir_ns+0x259/0x280
[ 1818.391661][T10130]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1818.391677][T10130]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1818.391694][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1818.391708][T10130]  kobject_add_internal+0x6b1/0xcd0
[ 1818.391726][T10130]  kobject_add+0x155/0x220
[ 1818.391740][T10130]  ? __pfx_kobject_add+0x10/0x10
[ 1818.391756][T10130]  ? get_device_parent+0x370/0x3a0
[ 1818.391770][T10130]  device_add+0x408/0xb80
[ 1818.391783][T10130]  hci_conn_add_sysfs+0xd5/0x210
[ 1818.391801][T10130]  le_conn_complete_evt+0xf1d/0x1420
[ 1818.391819][T10130]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1818.391836][T10130]  ? skb_pull_data+0xfb/0x200
[ 1818.391854][T10130]  hci_le_conn_complete_evt+0x187/0x480
[ 1818.391870][T10130]  hci_event_packet+0x78f/0x1260
[ 1818.391887][T10130]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1818.391901][T10130]  ? __pfx_hci_event_packet+0x10/0x10
[ 1818.391928][T10130]  ? hci_send_to_monitor+0xe2/0x590
[ 1818.391943][T10130]  hci_rx_work+0x3ee/0x1060
[ 1818.391955][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1818.391969][T10130]  ? process_scheduled_works+0x9ef/0x1770
[ 1818.391983][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.392010][T10130]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1818.392021][T10130]  ? do_raw_spin_lock+0x121/0x290
[ 1818.392041][T10130]  worker_thread+0x8a0/0xda0
[ 1818.392068][T10130]  kthread+0x711/0x8a0
[ 1818.392083][T10130]  ? __pfx_worker_thread+0x10/0x10
[ 1818.392095][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.392107][T10130]  ? rt_spin_unlock+0x150/0x200
[ 1818.392122][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1818.392134][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.392148][T10130]  ret_from_fork+0x510/0xa50
[ 1818.392161][T10130]  ? __pfx_ret_from_fork+0x10/0x10
[ 1818.392172][T10130]  ? __switch_to+0xc9e/0x1480
[ 1818.392192][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.392206][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1818.392230][T10130]  </TASK>
[ 1818.451396][T10130] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1818.451533][T10130] Bluetooth: hci1: failed to register connection device
[ 1818.913944][T10130] ==================================================================
[ 1818.913965][T10130] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.914077][T10130] Read of size 8 at addr ffff888039c737b0 by task kworker/u9:1/10130
[ 1818.914095][T10130] 
[ 1818.914111][T10130] CPU: 1 UID: 0 PID: 10130 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1818.914140][T10130] Tainted: [L]=SOFTLOCKUP
[ 1818.914148][T10130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1818.914163][T10130] Workqueue: hci1 hci_rx_work
[ 1818.914184][T10130] Call Trace:
[ 1818.914192][T10130]  <TASK>
[ 1818.914202][T10130]  dump_stack_lvl+0xe8/0x150
[ 1818.914231][T10130]  print_report+0xca/0x240
[ 1818.914271][T10130]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.914301][T10130]  kasan_report+0x118/0x150
[ 1818.914346][T10130]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.914380][T10130]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.914412][T10130]  l2cap_connect_cfm+0x367/0x10e0
[ 1818.914443][T10130]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1818.914470][T10130]  ? _raw_spin_unlock_irqrestore+0x74/0x80
[ 1818.914491][T10130]  ? mutex_lock_nested+0x154/0x1d0
[ 1818.914515][T10130]  ? hci_connect_cfm+0x2c/0x140
[ 1818.914537][T10130]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1818.914563][T10130]  hci_connect_cfm+0x95/0x140
[ 1818.914587][T10130]  le_conn_complete_evt+0xf65/0x1420
[ 1818.914616][T10130]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1818.914643][T10130]  ? skb_pull_data+0xfb/0x200
[ 1818.914673][T10130]  hci_le_conn_complete_evt+0x187/0x480
[ 1818.914700][T10130]  hci_event_packet+0x78f/0x1260
[ 1818.914732][T10130]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1818.914755][T10130]  ? __pfx_hci_event_packet+0x10/0x10
[ 1818.914788][T10130]  ? hci_send_to_monitor+0xe2/0x590
[ 1818.914816][T10130]  hci_rx_work+0x3ee/0x1060
[ 1818.914835][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1818.914857][T10130]  ? process_scheduled_works+0x9ef/0x1770
[ 1818.914890][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.914926][T10130]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1818.914947][T10130]  ? do_raw_spin_lock+0x121/0x290
[ 1818.914978][T10130]  worker_thread+0x8a0/0xda0
[ 1818.915013][T10130]  kthread+0x711/0x8a0
[ 1818.915041][T10130]  ? __pfx_worker_thread+0x10/0x10
[ 1818.915063][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.915087][T10130]  ? rt_spin_unlock+0x150/0x200
[ 1818.915115][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1818.915139][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.915165][T10130]  ret_from_fork+0x510/0xa50
[ 1818.915187][T10130]  ? __pfx_ret_from_fork+0x10/0x10
[ 1818.915207][T10130]  ? __switch_to+0xc9e/0x1480
[ 1818.915238][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.915264][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1818.915300][T10130]  </TASK>
[ 1818.915308][T10130] 
[ 1818.915313][T10130] Allocated by task 10130:
[ 1818.915323][T10130]  kasan_save_track+0x3e/0x80
[ 1818.915348][T10130]  __kasan_kmalloc+0x93/0xb0
[ 1818.915373][T10130]  __kmalloc_noprof+0x23e/0x7e0
[ 1818.915416][T10130]  sk_prot_alloc+0xe7/0x220
[ 1818.915477][T10130]  sk_alloc+0x3a/0x390
[ 1818.915495][T10130]  bt_sock_alloc+0x3b/0x310
[ 1818.915545][T10130]  l2cap_sock_new_connection_cb+0xe2/0x2e0
[ 1818.915573][T10130]  l2cap_connect_cfm+0x367/0x10e0
[ 1818.915597][T10130]  hci_connect_cfm+0x95/0x140
[ 1818.915616][T10130]  le_conn_complete_evt+0xf65/0x1420
[ 1818.915637][T10130]  hci_le_conn_complete_evt+0x187/0x480
[ 1818.915656][T10130]  hci_event_packet+0x78f/0x1260
[ 1818.915683][T10130]  hci_rx_work+0x3ee/0x1060
[ 1818.915698][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.915717][T10130]  worker_thread+0x8a0/0xda0
[ 1818.915736][T10130]  kthread+0x711/0x8a0
[ 1818.915759][T10130]  ret_from_fork+0x510/0xa50
[ 1818.915777][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1818.915802][T10130] 
[ 1818.915808][T10130] Freed by task 19568:
[ 1818.915818][T10130]  kasan_save_track+0x3e/0x80
[ 1818.915841][T10130]  kasan_save_free_info+0x46/0x50
[ 1818.915861][T10130]  __kasan_slab_free+0x5c/0x80
[ 1818.915894][T10130]  kfree+0x1bd/0x900
[ 1818.915916][T10130]  __sk_destruct+0x626/0x880
[ 1818.915937][T10130]  l2cap_sock_cleanup_listen+0xe0/0x450
[ 1818.915963][T10130]  l2cap_sock_release+0x6e/0x270
[ 1818.915987][T10130]  sock_close+0xc3/0x240
[ 1818.916046][T10130]  __fput+0x45b/0xa80
[ 1818.916070][T10130]  task_work_run+0x1d4/0x260
[ 1818.916096][T10130]  get_signal+0x11c4/0x1310
[ 1818.916114][T10130]  arch_do_signal_or_restart+0x9a/0x7a0
[ 1818.916140][T10130]  exit_to_user_mode_loop+0x87/0x4e0
[ 1818.916179][T10130]  do_syscall_64+0x2b7/0xf80
[ 1818.916226][T10130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1818.916259][T10130] 
[ 1818.916265][T10130] The buggy address belongs to the object at ffff888039c73000
[ 1818.916265][T10130]  which belongs to the cache kmalloc-2k of size 2048
[ 1818.916283][T10130] The buggy address is located 1968 bytes inside of
[ 1818.916283][T10130]  freed 2048-byte region [ffff888039c73000, ffff888039c73800)
[ 1818.916305][T10130] 
[ 1818.916310][T10130] The buggy address belongs to the physical page:
[ 1818.916329][T10130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x39c70
[ 1818.916348][T10130] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1818.916365][T10130] flags: 0x80000000000040(head|node=0|zone=1)
[ 1818.916387][T10130] page_type: f5(slab)
[ 1818.916406][T10130] raw: 0080000000000040 ffff88813ff27000 dead000000000100 dead000000000122
[ 1818.916424][T10130] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 1818.916443][T10130] head: 0080000000000040 ffff88813ff27000 dead000000000100 dead000000000122
[ 1818.916461][T10130] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000
[ 1818.916479][T10130] head: 0080000000000003 ffffea0000e71c01 00000000ffffffff 00000000ffffffff
[ 1818.916496][T10130] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 1818.916507][T10130] page dumped because: kasan: bad access detected
[ 1818.916518][T10130] page_owner tracks the page as allocated
[ 1818.916526][T10130] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 31, tgid 31 (kworker/1:0), ts 500460313954, free_ts 500440213194
[ 1818.916562][T10130]  post_alloc_hook+0x234/0x290
[ 1818.916588][T10130]  get_page_from_freelist+0x28c0/0x2960
[ 1818.916606][T10130]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1818.916624][T10130]  alloc_pages_mpol+0xd1/0x380
[ 1818.916640][T10130]  allocate_slab+0x86/0x3b0
[ 1818.916660][T10130]  ___slab_alloc+0xb10/0x13e0
[ 1818.916678][T10130]  __slab_alloc+0xc6/0x1f0
[ 1818.916693][T10130]  __kmalloc_node_track_caller_noprof+0x2bf/0x810
[ 1818.916716][T10130]  kmalloc_reserve+0x136/0x290
[ 1818.916733][T10130]  __alloc_skb+0x204/0x3a0
[ 1818.916748][T10130]  mld_newpack+0x13c/0xc40
[ 1818.916849][T10130]  add_grhead+0x5a/0x2a0
[ 1818.916863][T10130]  add_grec+0x1452/0x1740
[ 1818.916896][T10130]  mld_send_initial_cr+0x288/0x550
[ 1818.916921][T10130]  mld_dad_work+0x46/0x490
[ 1818.916946][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.916966][T10130] page last free pid 5994 tgid 5994 stack trace:
[ 1818.916979][T10130]  __free_frozen_pages+0xfe1/0x1170
[ 1818.917004][T10130]  __put_partials+0x149/0x170
[ 1818.917023][T10130]  __slab_free+0x2af/0x330
[ 1818.917043][T10130]  qlist_free_all+0x97/0x100
[ 1818.917065][T10130]  kasan_quarantine_reduce+0x148/0x160
[ 1818.917089][T10130]  __kasan_slab_alloc+0x22/0x80
[ 1818.917114][T10130]  __kmalloc_cache_noprof+0x18d/0x6d0
[ 1818.917138][T10130]  nsim_fib_event+0xc88/0x8960
[ 1818.917207][T10130]  nsim_fib_event_work+0x26b/0x3e0
[ 1818.917258][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.917278][T10130]  worker_thread+0x8a0/0xda0
[ 1818.917297][T10130]  kthread+0x711/0x8a0
[ 1818.917319][T10130]  ret_from_fork+0x510/0xa50
[ 1818.917334][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1818.917356][T10130] 
[ 1818.917361][T10130] Memory state around the buggy address:
[ 1818.917370][T10130]  ffff888039c73680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1818.917382][T10130]  ffff888039c73700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1818.917394][T10130] >ffff888039c73780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1818.917404][T10130]                                      ^
[ 1818.917414][T10130]  ffff888039c73800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1818.917426][T10130]  ffff888039c73880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1818.917436][T10130] ==================================================================
[ 1818.917962][T10130] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1818.917986][T10130] CPU: 0 UID: 0 PID: 10130 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1818.918015][T10130] Tainted: [L]=SOFTLOCKUP
[ 1818.918022][T10130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1818.918035][T10130] Workqueue: hci1 hci_rx_work
[ 1818.918056][T10130] Call Trace:
[ 1818.918064][T10130]  <TASK>
[ 1818.918073][T10130]  vpanic+0x1e0/0x670
[ 1818.918101][T10130]  panic+0xb9/0xc0
[ 1818.918131][T10130]  ? __pfx_panic+0x10/0x10
[ 1818.918157][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1818.918178][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1818.918197][T10130]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.918225][T10130]  check_panic_on_warn+0x89/0xb0
[ 1818.918266][T10130]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.918293][T10130]  end_report+0x6f/0x140
[ 1818.918317][T10130]  kasan_report+0x129/0x150
[ 1818.918347][T10130]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.918380][T10130]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[ 1818.918409][T10130]  l2cap_connect_cfm+0x367/0x10e0
[ 1818.918437][T10130]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1818.918462][T10130]  ? _raw_spin_unlock_irqrestore+0x74/0x80
[ 1818.918482][T10130]  ? mutex_lock_nested+0x154/0x1d0
[ 1818.918501][T10130]  ? hci_connect_cfm+0x2c/0x140
[ 1818.918513][T10130]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1818.918527][T10130]  hci_connect_cfm+0x95/0x140
[ 1818.918539][T10130]  le_conn_complete_evt+0xf65/0x1420
[ 1818.918555][T10130]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1818.918568][T10130]  ? skb_pull_data+0xfb/0x200
[ 1818.918584][T10130]  hci_le_conn_complete_evt+0x187/0x480
[ 1818.918597][T10130]  hci_event_packet+0x78f/0x1260
[ 1818.918613][T10130]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1818.918624][T10130]  ? __pfx_hci_event_packet+0x10/0x10
[ 1818.918641][T10130]  ? hci_send_to_monitor+0xe2/0x590
[ 1818.918655][T10130]  hci_rx_work+0x3ee/0x1060
[ 1818.918671][T10130]  ? preempt_schedule_thunk+0x16/0x30
[ 1818.918688][T10130]  ? process_scheduled_works+0x9ef/0x1770
[ 1818.918706][T10130]  process_scheduled_works+0xad1/0x1770
[ 1818.918728][T10130]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1818.918740][T10130]  ? do_raw_spin_lock+0x121/0x290
[ 1818.918758][T10130]  worker_thread+0x8a0/0xda0
[ 1818.918777][T10130]  kthread+0x711/0x8a0
[ 1818.918795][T10130]  ? __pfx_worker_thread+0x10/0x10
[ 1818.918809][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.918825][T10130]  ? rt_spin_unlock+0x150/0x200
[ 1818.918841][T10130]  ? rt_spin_unlock+0x161/0x200
[ 1818.918854][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.918873][T10130]  ret_from_fork+0x510/0xa50
[ 1818.918888][T10130]  ? __pfx_ret_from_fork+0x10/0x10
[ 1818.918901][T10130]  ? __switch_to+0xc9e/0x1480
[ 1818.918917][T10130]  ? __pfx_kthread+0x10/0x10
[ 1818.918933][T10130]  ret_from_fork_asm+0x1a/0x30
[ 1818.918954][T10130]  </TASK>
[ 1818.919301][T10130] Kernel Offset: disabled