last executing test programs:

5.561682535s ago: executing program 3 (id=4):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00', <r1=>0x0})
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r3, &(0x7f0000002a00)=[{&(0x7f0000000100)=@in={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000440)=[{&(0x7f0000000140)="dc", 0x1}], 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="30000000000000008400000001000000000000af7a00020000000000000000000400"/44, @ANYRES32=0x0, @ANYBLOB="1800000000000000840000000500"], 0x48}], 0x1, 0x40)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0xfffe, 0x0, @local}}}, 0x32)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_pressure(r5, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r6, &(0x7f0000000340)={'some', 0x20, 0x6, 0x20, 0x101}, 0x2f)
r7 = openat$cgroup_pressure(r5, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
ppoll(&(0x7f0000000180)=[{r6}], 0x1, 0x0, 0x0, 0x0)
r8 = socket$inet6_udplite(0xa, 0x2, 0x88)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r9, 0x0)
sendmmsg$inet(r8, &(0x7f0000001580)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x28}, @initdev={0xac, 0x1e, 0x1, 0x0}}}}], 0x20}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000280)='A', 0x1}, {&(0x7f0000002700)='^', 0x1}], 0x2}}], 0x2, 0x48040)
write$cgroup_pressure(r7, &(0x7f0000000340)={'some', 0x20, 0x4, 0x20, 0xffffa}, 0x2f)
close(r6)
close(r7)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, r10, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1e000000000000000c0000000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000052b4092dfbb12199b20b3484c44712fb1268c9aedb6890fc6fcabea6e9cb6bfcd3760ea02af1d230328a97a5d4a88467e2df6be349081e7055694fb46aff8a3ae4c2a89a8a4cd88e3a2c3c9d0316a8929819bfbce3857cec3c1e747a095e4377b3a009c1e5bdc7abd4e9047c301dabe1534a732de4fb00"], 0x31)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r11, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r12 = gettid()
r13 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000304f9ffbffffedbdf2500007400", @ANYRES32=r1, @ANYBLOB="049c01000750050008001300", @ANYRES32=r12, @ANYRES64=r0], 0x3c}, 0x1, 0x0, 0x0, 0x4802}, 0x0)

5.466839772s ago: executing program 1 (id=2):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a20fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407030000060000001d440000000000006b0a20fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6"], 0x0}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

5.183288644s ago: executing program 1 (id=6):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071108700000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b46"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xb, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$vbi(0x0, 0x2, 0x2)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='cramfs\x00', 0x800, 0x0)
ioctl$UFFDIO_MOVE(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000fee000/0xf000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0xf000, 0x2})
ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="504a000090780000"], 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_int(r5, 0x6, 0x24, &(0x7f0000000000)=0x4, 0x4)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

4.040439529s ago: executing program 3 (id=7):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e402010902"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000280)={0x0, 0x1, 0x6, @remote}, 0x10)
sendto$inet(r6, &(0x7f00000000c0)="e1", 0x1, 0x810, 0x0, 0x0)
pipe2(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
splice(r6, 0x0, r7, 0x0, 0x7ffff000, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10)

3.828071175s ago: executing program 1 (id=8):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000380)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2c2b01, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x8000000, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x9, 0xa6a, 0x6361, 0x805, 0x9, 0x9}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20008050}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x32, 0x24, 0x4ee4e6a52ff56441, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0x4}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x34, 0x2, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xa47c}, @TCA_FQ_PIE_BYTEMODE={0x8, 0xb, 0x1}, @TCA_FQ_PIE_QUANTUM={0x8, 0x7, 0x9}, @TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x2}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x1}, @TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x5f}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x30004061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000050000000800000009"], 0x50)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000040)=r9, 0x4)
sendmsg$nl_xfrm(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="00010000160001"], 0x100}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x8, 0x7fe2, 0x1}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004000000040040"], 0x48)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x40, 0x3, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x2c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, 0x40}}, 0x8000)

3.579598143s ago: executing program 0 (id=1):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000002a00)=[{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)="dc", 0x1}], 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="30000000000000008400000001000000000000af7a00", @ANYRES32=0x0, @ANYBLOB="18000000000000008400000005"], 0x48}], 0x1, 0x40)

3.415345879s ago: executing program 0 (id=9):
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f0000000240)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff6b, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)

1.592635011s ago: executing program 0 (id=10):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
listen(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000000000000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.198370727s ago: executing program 2 (id=3):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'ip6_vti0\x00', &(0x7f0000000040)=@ethtool_perm_addr={0x4b, 0xb, "2604ca6f7821b51c1801c6"}})

0s ago: executing program 0 (id=11):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0xc0145b0e, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

[   86.887818][  T993] cfg80211: failed to load regulatory.db
Warning: Permanently added '10.128.0.81' (ED25519) to the list of known hosts.
[   91.127394][ T5788] cgroup: Unknown subsys name 'net'
[   91.419464][ T5788] cgroup: Unknown subsys name 'cpuset'
[   91.484094][ T5788] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   93.387924][ T5788] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   97.798949][ T5811] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   97.802161][ T5811] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   97.822767][ T5811] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   97.830864][ T5811] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   97.833975][ T5811] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   97.834900][ T5811] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   97.851472][ T5814] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   97.863845][ T5814] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   97.865228][ T5814] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   97.867425][ T5814] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   97.868992][ T5814] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   97.958116][ T5814] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   97.966604][ T5814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   97.983787][ T5814] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   97.993165][ T5814] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   98.009292][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   98.016600][ T5816] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   98.025539][ T5816] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   98.030167][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   98.037505][ T5823] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   98.042166][ T5823] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   98.042740][ T5823] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   98.044793][ T5823] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   98.045810][ T5823] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   98.078528][ T5119] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   98.936512][ T5807] chnl_net:caif_netlink_parms(): no params data found
[   99.042759][ T5805] chnl_net:caif_netlink_parms(): no params data found
[   99.185029][ T5806] chnl_net:caif_netlink_parms(): no params data found
[   99.357686][ T5808] chnl_net:caif_netlink_parms(): no params data found
[   99.387934][ T5812] chnl_net:caif_netlink_parms(): no params data found
[   99.845211][ T5823] Bluetooth: hci0: command tx timeout
[   99.916373][ T5807] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.917046][ T5807] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.917511][ T5807] bridge_slave_0: entered allmulticast mode
[   99.919584][ T5807] bridge_slave_0: entered promiscuous mode
[   99.923555][ T5823] Bluetooth: hci2: command tx timeout
[  100.025525][ T5807] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.025667][ T5807] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.025934][ T5807] bridge_slave_1: entered allmulticast mode
[  100.028588][ T5807] bridge_slave_1: entered promiscuous mode
[  100.083701][ T5823] Bluetooth: hci1: command tx timeout
[  100.144510][ T5805] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.144639][ T5805] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.144771][ T5805] bridge_slave_0: entered allmulticast mode
[  100.146675][ T5805] bridge_slave_0: entered promiscuous mode
[  100.163611][ T5818] Bluetooth: hci3: command tx timeout
[  100.163908][ T5823] Bluetooth: hci4: command tx timeout
[  100.294751][ T5805] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.294962][ T5805] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.295150][ T5805] bridge_slave_1: entered allmulticast mode
[  100.297232][ T5805] bridge_slave_1: entered promiscuous mode
[  100.444621][ T5806] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.444728][ T5806] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.444858][ T5806] bridge_slave_0: entered allmulticast mode
[  100.446684][ T5806] bridge_slave_0: entered promiscuous mode
[  100.568166][ T5807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.644708][ T5806] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.644863][ T5806] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.645047][ T5806] bridge_slave_1: entered allmulticast mode
[  100.647205][ T5806] bridge_slave_1: entered promiscuous mode
[  100.768608][ T5807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.768872][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.768998][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.769128][ T5808] bridge_slave_0: entered allmulticast mode
[  100.771005][ T5808] bridge_slave_0: entered promiscuous mode
[  100.847598][ T5805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.848391][ T5812] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.848560][ T5812] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.848719][ T5812] bridge_slave_0: entered allmulticast mode
[  100.850938][ T5812] bridge_slave_0: entered promiscuous mode
[  100.934619][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.934735][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.934880][ T5808] bridge_slave_1: entered allmulticast mode
[  100.936735][ T5808] bridge_slave_1: entered promiscuous mode
[  100.998781][ T5805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.999038][ T5812] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.999146][ T5812] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.999274][ T5812] bridge_slave_1: entered allmulticast mode
[  101.001177][ T5812] bridge_slave_1: entered promiscuous mode
[  101.318799][ T5806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.446658][ T5807] team0: Port device team_slave_0 added
[  101.528238][ T5806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.687086][ T5807] team0: Port device team_slave_1 added
[  101.691359][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.786240][ T5805] team0: Port device team_slave_0 added
[  101.790021][ T5812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.867110][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.923623][ T5823] Bluetooth: hci0: command tx timeout
[  101.947081][ T5805] team0: Port device team_slave_1 added
[  101.950108][ T5812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.006537][ T5823] Bluetooth: hci2: command tx timeout
[  102.127217][ T5806] team0: Port device team_slave_0 added
[  102.163722][ T5823] Bluetooth: hci1: command tx timeout
[  102.243779][ T5818] Bluetooth: hci3: command tx timeout
[  102.243882][ T5823] Bluetooth: hci4: command tx timeout
[  102.266190][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.266204][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.266223][ T5807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.346540][ T5806] team0: Port device team_slave_1 added
[  102.675303][ T5807] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.675321][ T5807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.675350][ T5807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.755831][ T5808] team0: Port device team_slave_0 added
[  102.758153][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.758164][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.758183][ T5805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.760677][ T5812] team0: Port device team_slave_0 added
[  102.846192][ T5808] team0: Port device team_slave_1 added
[  102.847249][ T5805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  102.847274][ T5805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.847293][ T5805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  102.850686][ T5812] team0: Port device team_slave_1 added
[  102.854443][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.854460][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  102.854491][ T5806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.016182][ T5806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.016195][ T5806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.016215][ T5806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.322293][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.322311][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.322330][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.326831][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.326848][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.326881][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.417102][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.417119][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.417140][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.495746][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.495764][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  103.495792][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.549368][ T5807] hsr_slave_0: entered promiscuous mode
[  103.550550][ T5807] hsr_slave_1: entered promiscuous mode
[  103.722039][ T5805] hsr_slave_0: entered promiscuous mode
[  103.723066][ T5805] hsr_slave_1: entered promiscuous mode
[  103.725038][ T5805] debugfs: 'hsr0' already exists in 'hsr'
[  103.725174][ T5805] Cannot create hsr debugfs directory
[  103.871649][ T5806] hsr_slave_0: entered promiscuous mode
[  103.872690][ T5806] hsr_slave_1: entered promiscuous mode
[  103.875191][ T5806] debugfs: 'hsr0' already exists in 'hsr'
[  103.875219][ T5806] Cannot create hsr debugfs directory
[  104.013615][ T5823] Bluetooth: hci0: command tx timeout
[  104.083641][ T5823] Bluetooth: hci2: command tx timeout
[  104.243611][ T5823] Bluetooth: hci1: command tx timeout
[  104.323612][ T5818] Bluetooth: hci3: command tx timeout
[  104.323786][ T5823] Bluetooth: hci4: command tx timeout
[  104.348207][ T5808] hsr_slave_0: entered promiscuous mode
[  104.349150][ T5808] hsr_slave_1: entered promiscuous mode
[  104.349884][ T5808] debugfs: 'hsr0' already exists in 'hsr'
[  104.349909][ T5808] Cannot create hsr debugfs directory
[  104.360589][ T5812] hsr_slave_0: entered promiscuous mode
[  104.362186][ T5812] hsr_slave_1: entered promiscuous mode
[  104.365681][ T5812] debugfs: 'hsr0' already exists in 'hsr'
[  104.365710][ T5812] Cannot create hsr debugfs directory
[  105.934727][ T5807] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  105.970637][ T5807] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.010585][ T5807] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.061998][ T5807] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  106.083559][ T5823] Bluetooth: hci0: command tx timeout
[  106.162397][ T5805] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  106.163619][ T5823] Bluetooth: hci2: command tx timeout
[  106.208329][ T5805] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  106.248076][ T5805] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  106.306706][ T5805] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  106.323695][ T5823] Bluetooth: hci1: command tx timeout
[  106.403779][ T5818] Bluetooth: hci3: command tx timeout
[  106.403839][ T5823] Bluetooth: hci4: command tx timeout
[  106.445140][ T5806] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  106.480573][ T5806] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  106.510976][ T5806] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  106.558151][ T5806] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  106.698622][ T5808] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.733559][ T5808] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.768678][ T5808] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.817315][ T5808] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.946637][ T5812] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  106.993567][ T5807] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.998879][ T5812] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  107.042337][ T5812] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  107.072433][ T5812] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  107.151383][ T5807] 8021q: adding VLAN 0 to HW filter on device team0
[  107.171450][ T5805] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.190139][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.190355][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.235676][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.236145][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.284370][ T5805] 8021q: adding VLAN 0 to HW filter on device team0
[  107.320885][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.321462][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.353241][ T5806] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.372004][ T3564] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.372151][ T3564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.459629][ T5806] 8021q: adding VLAN 0 to HW filter on device team0
[  107.481229][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.509379][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.509544][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.570299][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.570540][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.622284][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[  107.636709][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.671823][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.671997][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.737240][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.743653][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.792337][ T5812] 8021q: adding VLAN 0 to HW filter on device team0
[  107.822993][ T1222] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.823141][ T1222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.896707][ T4224] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.896853][ T4224] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.068133][ T5807] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.188486][ T5805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.360025][ T5807] veth0_vlan: entered promiscuous mode
[  108.432560][ T5807] veth1_vlan: entered promiscuous mode
[  108.493014][ T5806] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.499146][ T5805] veth0_vlan: entered promiscuous mode
[  108.578033][ T5805] veth1_vlan: entered promiscuous mode
[  108.605574][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.673150][ T5807] veth0_macvtap: entered promiscuous mode
[  108.693142][ T5807] veth1_macvtap: entered promiscuous mode
[  108.717987][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.785437][ T5805] veth0_macvtap: entered promiscuous mode
[  108.809221][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.826054][ T5805] veth1_macvtap: entered promiscuous mode
[  108.843009][ T5807] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.906779][ T5808] veth0_vlan: entered promiscuous mode
[  108.911427][ T3564] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.939043][ T3564] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.954477][ T3564] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.978132][   T43] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.006168][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.040007][ T5808] veth1_vlan: entered promiscuous mode
[  109.086394][ T5805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.146626][ T5812] veth0_vlan: entered promiscuous mode
[  109.217356][ T1222] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.227856][ T1222] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.234244][ T1222] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.242475][ T1222] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.250100][ T5812] veth1_vlan: entered promiscuous mode
[  109.448918][ T5808] veth0_macvtap: entered promiscuous mode
[  109.475607][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.475626][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.480962][ T5806] veth0_vlan: entered promiscuous mode
[  109.510275][ T5808] veth1_macvtap: entered promiscuous mode
[  109.572919][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.572941][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.600426][ T5806] veth1_vlan: entered promiscuous mode
[  109.647896][ T5812] veth0_macvtap: entered promiscuous mode
[  109.658254][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.658276][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.708963][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.739762][ T5812] veth1_macvtap: entered promiscuous mode
[  109.762329][ T4224] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.762350][ T4224] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.779724][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.820793][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.822539][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.825763][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.830322][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.862564][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.869696][ T5806] veth0_macvtap: entered promiscuous mode
[  109.962525][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.966242][ T5806] veth1_macvtap: entered promiscuous mode
[  110.100220][ T1222] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.124570][ T1222] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.153626][ T1222] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.212968][ T1222] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.250181][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.255501][ T5925] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.286565][ T4224] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.286587][ T4224] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.331661][ T5806] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.387527][ T5921] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4'.
[  110.713451][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.763426][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.813434][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.853429][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.863567][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.883786][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.933425][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.953459][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  110.993437][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  111.004630][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  111.050388][ T5930] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  111.291531][ T5930] cramfs: wrong magic
[  111.373605][ T3564] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.526988][ T3564] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.545672][ T3564] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.606989][ T2139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.607011][ T2139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.649400][ T3564] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.810917][ T2139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.810938][ T2139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.036806][ T5936] syzkaller0: entered promiscuous mode
[  112.036832][ T5936] syzkaller0: entered allmulticast mode
[  112.039850][  T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.039866][  T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.069305][ T5870] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  112.187461][ T5938] netlink: 2 bytes leftover after parsing attributes in process `syz.1.8'.
[  112.212776][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8'.
[  112.232104][ T5870] usb 4-1: config 0 has no interfaces?
[  112.235272][ T2139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.235290][ T2139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.238660][ T5870] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  112.238685][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  112.238706][ T5870] usb 4-1: Product: syz
[  112.238729][ T5870] usb 4-1: Manufacturer: syz
[  112.238744][ T5870] usb 4-1: SerialNumber: syz
[  112.364257][ T5870] usb 4-1: config 0 descriptor??
[  115.585368][ T5936] ------------[ cut here ]------------
[  115.585394][ T5936] WARNING: CPU: 1 PID: 5936 at kernel/kcov.c:477 kcov_task_exit+0x13c/0x150
[  115.585447][ T5936] Modules linked in:
[  115.585486][ T5936] CPU: 1 UID: 0 PID: 5936 Comm: syz.1.8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  115.585512][ T5936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  115.585531][ T5936] RIP: 0010:kcov_task_exit+0x13c/0x150
[  115.585568][ T5936] Code: c7 c7 90 3e c5 8e 48 c7 c6 38 22 da 8c 48 c7 c2 17 f8 d8 8c 4c 89 f9 e8 a2 3b f1 02 4c 39 bb 98 00 00 00 0f 84 ff fe ff ff 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 c4 0e 04 09 0f 1f 40 00 90 90
[  115.585588][ T5936] RSP: 0018:ffffc90005acfac0 EFLAGS: 00010287
[  115.585609][ T5936] RAX: bc693d709c17a700 RBX: ffff888028a02700 RCX: 0000000000000000
[  115.585632][ T5936] RDX: 0000000000000000 RSI: ffffffff8b3ddd40 RDI: 00000000ffffffff
[  115.585648][ T5936] RBP: ffffc90005acfc28 R08: 0000000000000000 R09: ffffffff8ac2bb41
[  115.585665][ T5936] R10: dffffc0000000000 R11: fffffbfff1dac76f R12: 1ffff11004cd9f1d
[  115.585682][ T5936] R13: 0000000000000000 R14: ffff888028a02708 R15: ffff8880350f9e00
[  115.585699][ T5936] FS:  00007ffb8cc466c0(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000
[  115.585719][ T5936] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  115.585736][ T5936] CR2: 00007fffcbbfefc8 CR3: 0000000037112000 CR4: 00000000003526f0
[  115.585756][ T5936] Call Trace:
[  115.585769][ T5936]  <TASK>
[  115.585783][ T5936]  do_exit+0x105/0x2300
[  115.585822][ T5936]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  115.585867][ T5936]  ? __lock_acquire+0xab9/0xd20
[  115.585908][ T5936]  ? __pfx_do_exit+0x10/0x10
[  115.585943][ T5936]  ? rt_mutex_slowunlock+0x493/0x8a0
[  115.585972][ T5936]  ? rt_spin_lock+0x1c1/0x3e0
[  115.586003][ T5936]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  115.586040][ T5936]  do_group_exit+0x21c/0x2d0
[  115.586062][ T5936]  ? rt_spin_unlock+0x161/0x200
[  115.586093][ T5936]  get_signal+0x125d/0x1310
[  115.586148][ T5936]  arch_do_signal_or_restart+0xa0/0x790
[  115.586174][ T5936]  ? fput_close_sync+0x119/0x200
[  115.586202][ T5936]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  115.586242][ T5936]  ? exit_to_user_mode_loop+0x40/0x130
[  115.586280][ T5936]  exit_to_user_mode_loop+0x72/0x130
[  115.586315][ T5936]  do_syscall_64+0x2bd/0xfa0
[  115.586348][ T5936]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.586382][ T5936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.586406][ T5936]  ? clear_bhb_loop+0x60/0xb0
[  115.586435][ T5936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.586459][ T5936] RIP: 0033:0x7ffb8e9df6c9
[  115.586488][ T5936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.586508][ T5936] RSP: 002b:00007ffb8cc46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  115.586532][ T5936] RAX: 0000000000000000 RBX: 00007ffb8ec35fa0 RCX: 00007ffb8e9df6c9
[  115.586549][ T5936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  115.586562][ T5936] RBP: 00007ffb8ea61f91 R08: 0000000000000000 R09: 0000000000000000
[  115.586576][ T5936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.586590][ T5936] R13: 00007ffb8ec36038 R14: 00007ffb8ec35fa0 R15: 00007fffed2390c8
[  115.586635][ T5936]  </TASK>
[  115.586646][ T5936] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  115.586663][ T5936] CPU: 1 UID: 0 PID: 5936 Comm: syz.1.8 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  115.586689][ T5936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  115.586703][ T5936] Call Trace:
[  115.586712][ T5936]  <TASK>
[  115.586722][ T5936]  dump_stack_lvl+0x99/0x250
[  115.586762][ T5936]  ? __asan_memcpy+0x40/0x70
[  115.586789][ T5936]  ? __pfx_dump_stack_lvl+0x10/0x10
[  115.586827][ T5936]  ? __pfx__printk+0x10/0x10
[  115.586871][ T5936]  vpanic+0x237/0x6d0
[  115.586895][ T5936]  ? __pfx_vpanic+0x10/0x10
[  115.586930][ T5936]  panic+0xb9/0xc0
[  115.586953][ T5936]  ? __pfx_panic+0x10/0x10
[  115.586992][ T5936]  __warn+0x31b/0x4b0
[  115.587013][ T5936]  ? kcov_task_exit+0x13c/0x150
[  115.587048][ T5936]  ? kcov_task_exit+0x13c/0x150
[  115.587081][ T5936]  report_bug+0x2be/0x4f0
[  115.587113][ T5936]  ? kcov_task_exit+0x13c/0x150
[  115.587148][ T5936]  ? kcov_task_exit+0x13c/0x150
[  115.587182][ T5936]  ? kcov_task_exit+0x13e/0x150
[  115.587214][ T5936]  handle_bug+0x84/0x160
[  115.587238][ T5936]  exc_invalid_op+0x1a/0x50
[  115.587261][ T5936]  asm_exc_invalid_op+0x1a/0x20
[  115.587284][ T5936] RIP: 0010:kcov_task_exit+0x13c/0x150
[  115.587318][ T5936] Code: c7 c7 90 3e c5 8e 48 c7 c6 38 22 da 8c 48 c7 c2 17 f8 d8 8c 4c 89 f9 e8 a2 3b f1 02 4c 39 bb 98 00 00 00 0f 84 ff fe ff ff 90 <0f> 0b 90 4c 89 f7 5b 41 5e 41 5f e9 c4 0e 04 09 0f 1f 40 00 90 90
[  115.587347][ T5936] RSP: 0018:ffffc90005acfac0 EFLAGS: 00010287
[  115.587366][ T5936] RAX: bc693d709c17a700 RBX: ffff888028a02700 RCX: 0000000000000000
[  115.587384][ T5936] RDX: 0000000000000000 RSI: ffffffff8b3ddd40 RDI: 00000000ffffffff
[  115.587400][ T5936] RBP: ffffc90005acfc28 R08: 0000000000000000 R09: ffffffff8ac2bb41
[  115.587421][ T5936] R10: dffffc0000000000 R11: fffffbfff1dac76f R12: 1ffff11004cd9f1d
[  115.587440][ T5936] R13: 0000000000000000 R14: ffff888028a02708 R15: ffff8880350f9e00
[  115.587463][ T5936]  ? rt_spin_lock+0x1c1/0x3e0
[  115.587500][ T5936]  do_exit+0x105/0x2300
[  115.587538][ T5936]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  115.587575][ T5936]  ? __lock_acquire+0xab9/0xd20
[  115.587622][ T5936]  ? __pfx_do_exit+0x10/0x10
[  115.587655][ T5936]  ? rt_mutex_slowunlock+0x493/0x8a0
[  115.587683][ T5936]  ? rt_spin_lock+0x1c1/0x3e0
[  115.587715][ T5936]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  115.587750][ T5936]  do_group_exit+0x21c/0x2d0
[  115.587772][ T5936]  ? rt_spin_unlock+0x161/0x200
[  115.587803][ T5936]  get_signal+0x125d/0x1310
[  115.587857][ T5936]  arch_do_signal_or_restart+0xa0/0x790
[  115.587882][ T5936]  ? fput_close_sync+0x119/0x200
[  115.587908][ T5936]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  115.587953][ T5936]  ? exit_to_user_mode_loop+0x40/0x130
[  115.587988][ T5936]  exit_to_user_mode_loop+0x72/0x130
[  115.588015][ T5936]  do_syscall_64+0x2bd/0xfa0
[  115.588044][ T5936]  ? lockdep_hardirqs_on+0x9c/0x150
[  115.588071][ T5936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.588091][ T5936]  ? clear_bhb_loop+0x60/0xb0
[  115.588116][ T5936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.588135][ T5936] RIP: 0033:0x7ffb8e9df6c9
[  115.588153][ T5936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.588171][ T5936] RSP: 002b:00007ffb8cc46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[  115.588191][ T5936] RAX: 0000000000000000 RBX: 00007ffb8ec35fa0 RCX: 00007ffb8e9df6c9
[  115.588204][ T5936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  115.588216][ T5936] RBP: 00007ffb8ea61f91 R08: 0000000000000000 R09: 0000000000000000
[  115.588229][ T5936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.588242][ T5936] R13: 00007ffb8ec36038 R14: 00007ffb8ec35fa0 R15: 00007fffed2390c8
[  115.588278][ T5936]  </TASK>
[  115.589185][ T5936] Kernel Offset: disabled