last executing test programs:

38m32.912159259s ago: executing program 3 (id=4):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
readv(r0, &(0x7f0000000280)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000040)={0x0, 0x6, 0x0, 0x0, 0x15, "90737f0000fbffffffffffffff679495ffffeb"})
r1 = dup(r0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff)

38m32.466937595s ago: executing program 3 (id=6):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000032c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000400)="a26287c3a96076e33b", 0x9}], 0x2}}], 0x1, 0x20000)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
inotify_init1(0x800)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r5=>0xffffffffffffffff]}}], 0x78}, 0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd70000700000002000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000280))
r6 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r6, 0x0, 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f00000000c0)={0x84, &(0x7f00000003c0)={0x0, 0x17, 0x4, "abe763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

38m19.079327355s ago: executing program 3 (id=17):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'mpc624\x00', [0x3c4, 0x10, 0x2, 0xa, 0x14000000, 0x0, 0xfffffffc, 0x7, 0xffd, 0x7ffe, 0x3, 0x723, 0x400, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0x3ff, 0x9, 0x200, 0xe2df, 0xaa14, 0x1, 0x4, 0x0, 0x7, 0xf58, 0x6]})

38m18.546201089s ago: executing program 3 (id=18):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="00940a", 0x3)
connect$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0xc8040)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendto$unix(r1, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
sendmsg$802154_raw(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)="eb", 0x1}, 0x1, 0x0, 0x0, 0x8008040}, 0x30008080)

38m17.687785273s ago: executing program 3 (id=19):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0x3, 0x4, 0xa018, 0x0, {}, {0x2, 0xc, 0x7, 0x3, 0x9, 0x1b, "3cdab13e"}, 0x6, 0x2, {&(0x7f0000000440)=[{0xc, 0x8001, {&(0x7f00000001c0)}, 0x60}, {0x3, 0x5, {0x0}, 0x100}]}, 0x3, 0x0, r0})
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000040)={{}, 0x8, 0x5, 0xedd1})
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@bloom_filter={0x1e, 0x81, 0x10, 0x0, 0x60441, r0, 0xa4f4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x8}, 0x50)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r5, @ANYRES16], 0x4c}}, 0x40000)

38m16.494290321s ago: executing program 3 (id=21):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$inet6(r6, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x44880)

38m1.009521586s ago: executing program 32 (id=21):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0x2, 0xfffffffe}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, 0x0, 0x0)
r6 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$inet6(r6, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x44880)

35m28.370659348s ago: executing program 5 (id=310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x8)
r0 = getpid()
ptrace$getregs(0xe, r0, 0x2, &(0x7f0000000040)=""/86)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)

35m27.686645499s ago: executing program 5 (id=314):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, 0x0, 0x41)
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_netdev_private(r3, 0x8949, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r4, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r5, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r5, 0x80)
accept$netrom(r5, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
write$dsp(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
sendmsg$inet(r1, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB='X'], 0x58}, 0x8080)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

35m24.371905314s ago: executing program 5 (id=317):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8001, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
fspick(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socket$nl_route(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0)
ioctl$EXT4_IOC_SETFSUUID(r0, 0x4008662c, &(0x7f0000000080)={0x10, 0x0, "338e3468c0ad2a4f4813347ed3e1c0bf"})
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x30, 0xfa00, {&(0x7f00000002c0), 0x80000000000003, {0xa, 0x4e22, 0x6, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x27}}, 0x17ab}}}, 0x38)
close(r0)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'dt2814\x00', [0x4f27, 0x629, 0x2, 0x401, 0x2, 0xcc7, 0xfff, 0x9, 0xd, 0x3ff, 0x2, 0x1, 0x1, 0x1, 0x9, 0xe1cb, 0x0, 0x1a449, 0x3, 0x8000, 0x89, 0xfffffffd, 0x80000000, 0x20001e56, 0xb, 0xe69, 0x3c, 0x8, 0x106, 0x88000000, 0x2]})
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
close(0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, 0x0, 0x20004849)
modify_ldt$read(0x0, &(0x7f0000000240)=""/121, 0x79)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000540)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x02\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000a40)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

35m24.105783251s ago: executing program 1 (id=318):
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0600000004"], 0x48)
vmsplice(0xffffffffffffffff, &(0x7f0000002440)=[{&(0x7f00000002c0)="62af263ea3c1befb3bd81deb2fc1cacaa4d2f3c7d8ed578a43f7c4bb44173641f1fd8524ba1d6678d41a89626989170aadb2c8de3262863630637e1f80b2b4b51ee58b9299e10879e5e7cf131a96d45102b25ddcd1a9c1396236f8a9e1be48f3df174a31122fc89187100d16d31e65e68a314119e411a442d36d25fa1a910a16926bbe70937af1a2daffcd5c3a62c21741d80998ec5bdc21609f993fe686eab92a3d9509e824ba65d8ca5a278c2daaa30bae078462870b37ea7868c8f4793a95dfe47a9c60ea83231e51dda3ae07e726e228a4b101565798f3c4d0633da550910f4615720e9ca37e6f3e77bb52ae52a1312724d2f1a641035db3e81b35e55ca077ae17a98a375b6c3f56395c052113c3f125304a41a735b325b05243c1b8a0b8e47ad70f831e640e4d68e32614faef764f07940dbd655c7c45a7a22630e1c3d77bd86fd2c51621f5196efd4844bc327210f9d34141daa5acc425005e38ccdbeba7eafd392b4f3eb9f297aa6dbc28320b48b3f878d9e45916396519eb2f5c4084d210892cc8bd34489e4e12d78c16e5abcf841243e65dddfd7cbe36ec49b51d4ad368a01bba176ecdd8d147bedd7464a07dc59ad833ab8d26639de4131d324c8c1c1401a6758e660e0c7f0c9bd612f5f3589acba3b06198c30d6beb86a76c18cffff86ea6ebc282411a12ea8959b84672e17f101465", 0x1f5}], 0x1, 0x9)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="030000000200000000000000e3ffffffffffffff"], 0x50)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000740)={0x5, 0x8e, 0xf, 0x3, 0x9})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

35m23.527881067s ago: executing program 1 (id=319):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bf"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="611570000000000061136c0000000000bfa000000000000007000000ee0016055e03010000000000160500000000000069163e0000000000bf0700000000000026050700fcffffff6706000020000000140600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
personality(0x6673f8b78772dd0d)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000007d40)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000b00)={0xa, @pix_mp={0xffff, 0x8011, 0x31324d59, 0x7, 0x9, [{0x2319, 0x81}, {0xfffffffd, 0x7}, {0x4, 0xadf}, {0x5, 0x4018}, {0x1, 0x8}, {0x6}, {0x4, 0x9}, {0xaa}], 0x7f, 0x0, 0x1, 0x0, 0x2}})

35m21.628612172s ago: executing program 1 (id=322):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)

35m21.353810021s ago: executing program 1 (id=324):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000200)={0x14, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x4}}, 0x14}}, 0x40000)
move_mount(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000080)='\x00', 0x250)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
write(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, 0x0, 0x0)
tkill(0x0, 0x3f)
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
accept4(r4, 0x0, 0x0, 0x0)
r5 = semget(0x2, 0x1, 0x2)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/comedi3\x00', 0xc00, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @loopback}, 0x1c)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x2)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
semop(r5, &(0x7f0000000140)=[{0x4, 0x5}, {0x4, 0x800, 0x1000}, {0x2, 0x5d0, 0x1000}, {0x1, 0xa8f, 0x1000}, {0x1, 0x2, 0x1000}, {0x1, 0x6, 0x1800}, {0x3, 0x3af, 0x1000}, {0x4, 0x0, 0x800}], 0x8)

35m14.538129972s ago: executing program 1 (id=330):
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0600000004"], 0x48)
vmsplice(0xffffffffffffffff, &(0x7f0000002440)=[{&(0x7f00000002c0)="62af263ea3c1befb3bd81deb2fc1cacaa4d2f3c7d8ed578a43f7c4bb44173641f1fd8524ba1d6678d41a89626989170aadb2c8de3262863630637e1f80b2b4b51ee58b9299e10879e5e7cf131a96d45102b25ddcd1a9c1396236f8a9e1be48f3df174a31122fc89187100d16d31e65e68a314119e411a442d36d25fa1a910a16926bbe70937af1a2daffcd5c3a62c21741d80998ec5bdc21609f993fe686eab92a3d9509e824ba65d8ca5a278c2daaa30bae078462870b37ea7868c8f4793a95dfe47a9c60ea83231e51dda3ae07e726e228a4b101565798f3c4d0633da550910f4615720e9ca37e6f3e77bb52ae52a1312724d2f1a641035db3e81b35e55ca077ae17a98a375b6c3f56395c052113c3f125304a41a735b325b05243c1b8a0b8e47ad70f831e640e4d68e32614faef764f07940dbd655c7c45a7a22630e1c3d77bd86fd2c51621f5196efd4844bc327210f9d34141daa5acc425005e38ccdbeba7eafd392b4f3eb9f297aa6dbc28320b48b3f878d9e45916396519eb2f5c4084d210892cc8bd34489e4e12d78c16e5abcf841243e65dddfd7cbe36ec49b51d4ad368a01bba176ecdd8d147bedd7464a07dc59ad833ab8d26639de4131d324c8c1c1401a6758e660e0c7f0c9bd612f5f3589acba3b06198c30d6beb86a76c18cffff86ea6ebc282411a12ea8959b84672e17f101465", 0x1f5}], 0x1, 0x9)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000340), 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="030000000200000000000000e3ffffffffffffff"], 0x50)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000740)={0x5, 0x8e, 0xf, 0x3, 0x9})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

35m14.390491985s ago: executing program 1 (id=332):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
recvmmsg(r3, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000640)=""/85, 0x55}, {0x0}], 0x2}, 0x4}], 0x100000, 0x10022, 0x0)

35m9.630263149s ago: executing program 5 (id=339):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x3ff, 0x3, 0x4}, 0x51, [0xd4, 0x6, 0x9, 0x8a4, 0x2, 0x2, 0x7fffffff, 0x80000001, 0x4, 0x1, 0x101, 0x3c6, 0x7, 0x7, 0xf70, 0x3, 0xe7, 0x4007, 0x401, 0xbc5e, 0x4, 0x1, 0x8, 0xffff, 0xe, 0xe, 0x10, 0x20000000, 0x15098855, 0x6, 0x2, 0xfffffffb, 0x6, 0xc, 0xfffffff7, 0x4, 0xe79, 0x7, 0x1ff4, 0x1, 0x1, 0x0, 0x401, 0x9, 0xbdc7, 0xb, 0x1, 0x9, 0x3, 0x1, 0x6, 0x2, 0x5, 0x49, 0x5, 0x9, 0x0, 0x1, 0x1000, 0x3, 0x2, 0x6, 0x7ff, 0xb8547353], [0x4, 0xffffffff, 0x4, 0x5, 0x7ffffdff, 0x1, 0x550, 0x6, 0x2, 0xfffffffc, 0x10001, 0xc, 0x436, 0x4, 0x6, 0x1, 0x9, 0x98, 0x8, 0xe56d, 0xa4, 0x9, 0x99d, 0x8, 0x0, 0xd, 0x10001, 0xfffffffe, 0x6e38, 0x8000, 0xa, 0x6, 0x3, 0x0, 0x5, 0x7, 0x4, 0xd, 0x9, 0xfff, 0x4, 0x0, 0x40000040, 0x1, 0x8, 0x5, 0x8, 0x9, 0x34f1, 0x1ff, 0x4, 0x1b2c5a97, 0x0, 0x9, 0x8, 0x0, 0x1, 0x1, 0x6, 0x6, 0xac, 0x2, 0x54, 0xcfb9], [0x6, 0xdb8, 0x9, 0x4, 0x2, 0x200006, 0x5, 0x5, 0x1, 0x80, 0xfffffffd, 0xc8d3, 0x33, 0x9a45, 0x0, 0xee40000, 0x1, 0x1, 0x4, 0x69d, 0x8, 0xffff, 0x0, 0x0, 0x40000008, 0x2, 0x4, 0x800, 0x7, 0x9, 0x10000, 0x0, 0x1, 0xfffffffe, 0x3, 0x0, 0x7, 0x8c0, 0x9, 0x2, 0x8, 0x7, 0x6, 0x2, 0x81, 0x8, 0x1, 0x55f2, 0xdf46, 0xfffffffd, 0x7f, 0x9, 0x8000, 0x40, 0x3, 0x2, 0xa, 0x6, 0x2, 0xffffff00, 0xda15, 0x82, 0x3, 0x10], [0x0, 0x897, 0x8, 0x246d, 0x6, 0x101, 0x7fffffff, 0xd, 0x7ff, 0x606, 0x1000005, 0x9, 0x80000001, 0x2, 0xb, 0x2, 0x7, 0x1, 0x7, 0x8, 0x7ff, 0x1, 0x0, 0x2, 0x6, 0x20c, 0xfffffffd, 0xec9b, 0x61c8, 0x6, 0x7ff, 0x101, 0x0, 0x7, 0x9, 0x5, 0x2000007, 0x101, 0x9, 0x3000000, 0x20e, 0x4000006, 0x7, 0xfffffffd, 0x9, 0x1, 0x4, 0x100009, 0x100, 0x3, 0x3c, 0x1000, 0x3, 0x3, 0x15, 0x8000, 0x7, 0x81, 0x5, 0x7, 0xfffffffc, 0x4, 0x6, 0xeff]}, 0x45c)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xd093, 0x10, 0x3, 0x13f}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x185100})
io_uring_enter(r0, 0x409c, 0x3, 0x28, 0x0, 0x0)

35m9.429763019s ago: executing program 5 (id=340):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/14], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x0, 0x15, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc81", 0x0, 0xa1b, 0x0, 0x1, 0x0, &(0x7f0000000700)="01", 0x0}, 0x50)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$midi(0x0, 0x8000000000000000, 0x400083)
read$midi(r2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r5=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r5, 0x0, 0x97, 0x8000000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r5})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x6}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmmsg$inet6(r1, 0x0, 0x0, 0x4050)

35m8.22806558s ago: executing program 5 (id=342):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0, @in=@empty, 0xfffe, 0x0, 0x0, 0x0, 0xa, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x800000000}, {}, 0x0, 0x6e6bb8, 0x0, 0x0, 0x0, 0x3}, {{@in=@rand_addr=0x64010101, 0x0, 0x2b}, 0x0, @in=@private=0xa010100, 0x40000000}}, 0xe8)
r6 = socket$key(0xf, 0x3, 0x2)
renameat2(r1, &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000600)='./file0\x00', 0x4)
sendmsg$key(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10}}, 0x0)
close(r5)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000000c0))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7f)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
syz_io_uring_setup(0x837, &(0x7f0000000640)={0x0, 0x2000679a, 0x2, 0x4, 0x3ce}, &(0x7f0000000140), 0x0)
dup(0xffffffffffffffff)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="800100001000010000000000ffdbdf25fe880000000000000000000000000001ac1414aa00000000000000000000000000000001000000000a0020005c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc020000000000000000000000000001000000000000000500ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000000000000000000000000000000000002000000000000000000000000000a00048000000000000000008d001400736d33000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000ab84411f518dc9d5565b9e05de67830aeb529f334e285efe3786823a0a1e08b53bec30240d4d6f58f05cd36e941758cf60d4c5a818aca82c12697c43daf8000000000000"], 0x180}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
close(0xffffffffffffffff)

34m57.101963836s ago: executing program 33 (id=332):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
recvmmsg(r3, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000640)=""/85, 0x55}, {0x0}], 0x2}, 0x4}], 0x100000, 0x10022, 0x0)

34m52.282360935s ago: executing program 34 (id=342):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private0, @in=@empty, 0xfffe, 0x0, 0x0, 0x0, 0xa, 0x0, 0x100}, {0x0, 0x0, 0x0, 0x0, 0x800000000}, {}, 0x0, 0x6e6bb8, 0x0, 0x0, 0x0, 0x3}, {{@in=@rand_addr=0x64010101, 0x0, 0x2b}, 0x0, @in=@private=0xa010100, 0x40000000}}, 0xe8)
r6 = socket$key(0xf, 0x3, 0x2)
renameat2(r1, &(0x7f0000000080)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000600)='./file0\x00', 0x4)
sendmsg$key(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10}}, 0x0)
close(r5)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000000c0))
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7f)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
syz_io_uring_setup(0x837, &(0x7f0000000640)={0x0, 0x2000679a, 0x2, 0x4, 0x3ce}, &(0x7f0000000140), 0x0)
dup(0xffffffffffffffff)
getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000040)=0x8)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="800100001000010000000000ffdbdf25fe880000000000000000000000000001ac1414aa00000000000000000000000000000001000000000a0020005c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000010000000033000000fc020000000000000000000000000001000000000000000500ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000000000000000000000000000000000002000000000000000000000000000a00048000000000000000008d001400736d33000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000802000000000000ab84411f518dc9d5565b9e05de67830aeb529f334e285efe3786823a0a1e08b53bec30240d4d6f58f05cd36e941758cf60d4c5a818aca82c12697c43daf8000000000000"], 0x180}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)
close(0xffffffffffffffff)

17m47.056691969s ago: executing program 2 (id=1984):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000e40)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in6=@private0, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in, 0x0, 0x3c}, @in6=@remote, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, {}, {}, 0x0, 0x0, 0x2, 0x5, 0x0, 0x4a}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)

17m46.666082054s ago: executing program 2 (id=1985):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r2 = dup3(r0, r1, 0x0)
read(r2, 0x0, 0x2f)

17m46.488570861s ago: executing program 2 (id=1986):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r2, @ANYBLOB="01"], 0x3c}}, 0x0)

17m46.141039684s ago: executing program 2 (id=1988):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
inotify_init1(0x0)
fchdir(r1)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000080)='proc\x00', 0x189, 0x0)
syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r2, 0x7d4165c9)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
listen(0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x91, @remote, 0x1}}, 0x0, 0x0, 0x32, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r7, &(0x7f0000000f80)=""/4096, 0x1000)

17m44.349789359s ago: executing program 2 (id=1990):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x1)
r1 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r2, &(0x7f0000000080)='./file0\x00')

17m42.349985795s ago: executing program 2 (id=1994):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)

16m17.028331644s ago: executing program 4 (id=2166):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5, 0x0, 0x3}, 0x18)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f9cc3f4ff7f4e32f61bcdf1e422000000000100804824cabecc4b381eaadc28f23457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
shmat(0x0, &(0x7f00006a0000/0x4000)=nil, 0x7000)
sendmsg$NL80211_CMD_DEL_KEY(r0, 0x0, 0x200000c0)

16m16.598845178s ago: executing program 4 (id=2167):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000b28000)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

16m15.246714694s ago: executing program 4 (id=2168):
pipe2$9p(0x0, 0x0)
dup(0xffffffffffffffff)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc00000000000000010000000000000f0000000100f20000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300020000000000fedbdf25fc000000000000000000000000000000ac1414bb00000000000000000000000000000400000000000a0060", @ANYRES32=0x0], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fc000000000000000000000000000000ac1414bb00000000000000000000000000000400000000000a0060", @ANYBLOB='\x00'/29], 0xb8}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x0, 0x1}}}, 0xb8}}, 0x4000)

16m14.907271052s ago: executing program 4 (id=2169):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x2c, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x2c}}, 0x0)

16m9.779079252s ago: executing program 4 (id=2172):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x24b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x30, 0x3, [{{0x9, 0x4, 0x0, 0xed, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x81, 0x0, 0x1}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

16m6.531735005s ago: executing program 4 (id=2180):
userfaultfd(0x80001)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000040)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)

15m50.460162905s ago: executing program 35 (id=2180):
userfaultfd(0x80001)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000200)=0x632a, 0x4)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000040)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)

57.907962649s ago: executing program 0 (id=3850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r4, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r4, 0x0, 0x0, 0x0)

55.990249788s ago: executing program 0 (id=3851):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f0000000080), 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000280))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f00000001c0)=[@request_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000900), 0x0, 0x0, 0x0})
syz_emit_ethernet(0xc5, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffffffffffffff884700000000000000000000000000000000401a00a7006500000e219078e0000002e0000001860a346715960ce5e061445433c1e00000017fffffff0a010100000000080000000000000007ac1414aa000089880a016e9ab6960008e000000100000003ac1414bb0000008a0000000000000006ac14140a7eaa00010001ac1414bb00000005890bed0a010102e00000020000004e204e2204519078c84753b9081af4edab9464977e1a668761d696a7c692", @ANYRES16=r2], &(0x7f0000000180)={0x1, 0x1, [0x929, 0x19e, 0x221, 0x66f]})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

53.853989012s ago: executing program 0 (id=3854):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f00000002c0)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x0, 0x2449})
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f00000000c0)=0xb0000)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x127e40, 0x0)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x0)
r5 = socket$l2tp6(0xa, 0x2, 0x73)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
write$proc_mixer(r6, &(0x7f00000016c0)=ANY=[@ANYBLOB='LINE1 \'Master Capture\' 00000000000000000000\nCD \'CD Capture'], 0x178)
dup3(r7, r6, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x3c1, 0x3, 0x358, 0x0, 0x111, 0x4b4, 0x140, 0x700, 0x288, 0x278, 0x278, 0x288, 0x278, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @empty, [0x0, 0x0, 0xffffff00], [0x0, 0x0, 0xffffff00], 'vlan0\x00', 'team_slave_0\x00', {0xff}, {0xff}, 0x88, 0x0, 0x0, 0x42}, 0x0, 0x120, 0x140, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x0, 0x0, [0x4e22, 0x0, 0x0, 0x0, 0x100, 0x0, 0x4e23, 0xfffe]}}, @inet=@rpfilter={{0x28}, {0xa}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0={0xfc, 0x0, '\x00', 0x1}, [], [0x0, 0xffffff00], 'geneve1\x00', 'hsr0\x00', {}, {}, 0x0, 0x0, 0x7}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x5, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8)
r8 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x80, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r8, 0x3ba0, &(0x7f0000000100)={0x48})
close_range(r4, 0xffffffffffffffff, 0x0)

51.896481577s ago: executing program 7 (id=3856):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
lseek(r0, 0x5, 0x3)

51.713525257s ago: executing program 0 (id=3857):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
r5 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r3, 0x39)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r4, 0xffffffffffffffff)
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
close_range(r1, 0xffffffffffffffff, 0x0)
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643da178abd7cb9849ac4217cbff6bf94e8b3bda1b0525ea45e46e0fb319bc4b7dca62b9084f1723efa8c416e628eb3dd661d73be8c43bcdf419a6209c80de6ad210b4e29a938397fe1b4b466b8bb0061ca2f671affcd7b604bd4c3f59ed6f006ddbd0e4a94c13d304d33da0659c23e8ad80e2b36bb39e8ed5281f2e7840f90d918567e390b524bba1a9e22a8bb8e949750b6d3a32186d7b231d9ea0dd0cdf5dec9e581aa20ce627a173abfd748710db14bbc6520926bc38c43c4b121cce02421559e0fdaf8799d9367d40eff7e5aa76", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])

51.585301725s ago: executing program 7 (id=3858):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x556, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x2005c840)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
migrate_pages(0x0, 0x8, 0x0, &(0x7f00000003c0)=0x3)

50.511184633s ago: executing program 0 (id=3859):
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x4, 0x0, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406d0494c2000000000001090224000100"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0)
mount$binderfs(0x0, &(0x7f00000001c0)='./binderfs\x00', 0x0, 0x3f, 0x0)
pipe(0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, &(0x7f0000002000))
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f00000003c0)={0x2})
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x8)
timer_gettime(0x0, &(0x7f00000001c0))
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})

49.43096801s ago: executing program 7 (id=3861):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
readv(r1, &(0x7f0000000080)=[{&(0x7f0000000100)=""/161, 0xa1}], 0x1)
io_setup(0x8, 0x0)

48.099014707s ago: executing program 7 (id=3864):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0x10, 0x3, 0x0)

42.58804723s ago: executing program 0 (id=3865):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="04005b"], 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0)

40.331804882s ago: executing program 6 (id=3866):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
lseek(r0, 0x5, 0x3)

39.258399419s ago: executing program 7 (id=3867):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000001280)={{0x12, 0x1, 0x300, 0x0, 0x1f, 0x66, 0x8, 0x58f, 0x6610, 0x4805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x70, 0x81, [{{0x9, 0x4, 0x0, 0x81, 0x0, 0xff, 0xff, 0xff, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000a40)={&(0x7f0000000380)=[{0x3, 0x6000, 0x1, &(0x7f00000003c0)='t'}, {0x1, 0x2a00, 0x0, 0x0}], 0x2})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000200)={0x1c, &(0x7f0000000000)=ANY=[], 0x0, 0x0})
ftruncate(0xffffffffffffffff, 0x2000008)
syz_io_uring_setup(0x3380, 0x0, 0x0, 0x0)
bind$xdp(0xffffffffffffffff, 0x0, 0x0)

39.224587504s ago: executing program 6 (id=3868):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x200002, 0x30}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000340)={0x0, 0x2}, 0xe0)
sendmsg$inet6(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)='h', 0x34000}], 0x1}, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000240)=',', 0x1}], 0x1)

39.129815955s ago: executing program 6 (id=3869):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x88)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x5d032, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
ioperm(0x2, 0x8, 0xa)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x2, 0x0, &(0x7f0000000480))
mremap(&(0x7f0000dc2000/0x2000)=nil, 0x2000, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil)
mount$9p_tcp(0x0, 0x0, &(0x7f0000000180), 0x206c00, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
statx(0xffffffffffffff9c, 0x0, 0x4000, 0x100, &(0x7f0000000400))
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc})
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)

37.534326735s ago: executing program 7 (id=3870):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x556, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x2005c840)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
migrate_pages(0x0, 0x8, &(0x7f0000000280)=0x9, 0x0)

37.018399492s ago: executing program 6 (id=3871):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f0000000080), 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000280))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f00000001c0)=[@request_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000900), 0x0, 0x0, &(0x7f0000000a40)})
syz_emit_ethernet(0xc5, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffffffffffffff884700000000000000000000000000000000401a00a7006500000e219078e0000002e0000001860a346715960ce5e061445433c1e00000017fffffff0a010100000000080000000000000007ac1414aa000089880a016e9ab6960008e000000100000003ac1414bb0000008a0000000000000006ac14140a7eaa00010001ac1414bb00000005890bed0a010102e00000020000004e204e2204519078c84753b9081af4edab9464977e1a668761d696a7c692", @ANYRES16=r2], &(0x7f0000000180)={0x1, 0x1, [0x929, 0x19e, 0x221, 0x66f]})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="54000000090601080000000000000000050000000900020073797a310000000005000100070000002c000780060004404e21000005"], 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

35.984096619s ago: executing program 6 (id=3872):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x34, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x1, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0xd}]}}}}}}}, 0x0)

35.710398427s ago: executing program 6 (id=3873):
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0)

3.408928161s ago: executing program 36 (id=3865):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="04005b"], 0x28}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r2, @ANYBLOB="05005b"], 0x24}}, 0x0)

1.952402299s ago: executing program 37 (id=3873):
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x2, 0x0)

0s ago: executing program 38 (id=3870):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x556, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, 0x0, 0x2005c840)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
migrate_pages(0x0, 0x8, &(0x7f0000000280)=0x9, 0x0)

kernel console output (not intermixed with test programs):

: command tx timeout
[ 1962.480391][T19958] netlink: 104 bytes leftover after parsing attributes in process `syz.6.3138'.
[ 1963.430131][   T59] Bluetooth: hci5: command tx timeout
[ 1963.572623][T19966] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3141'.
[ 1964.623200][T19965] vlan2: entered promiscuous mode
[ 1964.624524][T19965] vlan2: entered allmulticast mode
[ 1964.624543][T19965] hsr_slave_1: entered allmulticast mode
[ 1964.931718][T19895] lo speed is unknown, defaulting to 1000
[ 1964.944699][T19941] lo speed is unknown, defaulting to 1000
[ 1966.664834][   T59] Bluetooth: hci5: command tx timeout
[ 1967.577594][T19991] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3147'.
[ 1968.851348][   T59] Bluetooth: hci5: command tx timeout
[ 1970.875467][   T59] Bluetooth: hci5: command tx timeout
[ 1971.616094][T19895] chnl_net:caif_netlink_parms(): no params data found
[ 1971.817415][T19941] chnl_net:caif_netlink_parms(): no params data found
[ 1971.930815][T20034] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3158'.
[ 1976.509617][T20087] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3168'.
[ 1978.089410][T19895] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1978.089567][T19895] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1978.089810][T19895] bridge_slave_0: entered allmulticast mode
[ 1978.092968][T19895] bridge_slave_0: entered promiscuous mode
[ 1978.269547][T19895] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1978.269687][T19895] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1978.269921][T19895] bridge_slave_1: entered allmulticast mode
[ 1978.272669][T19895] bridge_slave_1: entered promiscuous mode
[ 1978.443176][T19941] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1978.443322][T19941] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1978.443562][T19941] bridge_slave_0: entered allmulticast mode
[ 1978.473882][T19941] bridge_slave_0: entered promiscuous mode
[ 1978.699143][T19941] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1978.699290][T19941] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1978.699552][T19941] bridge_slave_1: entered allmulticast mode
[ 1978.702522][T19941] bridge_slave_1: entered promiscuous mode
[ 1979.160305][ T1166] bridge_slave_1: left allmulticast mode
[ 1979.160327][ T1166] bridge_slave_1: left promiscuous mode
[ 1979.160479][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1979.250479][ T1166] bridge_slave_0: left allmulticast mode
[ 1979.250501][ T1166] bridge_slave_0: left promiscuous mode
[ 1979.250678][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1979.324167][ T1166] bridge_slave_1: left allmulticast mode
[ 1979.324189][ T1166] bridge_slave_1: left promiscuous mode
[ 1979.324365][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1979.843698][ T1166] bridge_slave_0: left allmulticast mode
[ 1979.843719][ T1166] bridge_slave_0: left promiscuous mode
[ 1979.843881][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1981.275417][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1981.275506][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1983.190975][T20125] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3177'.
[ 1984.177410][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1985.174232][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1985.251384][ T1166] bond0 (unregistering): Released all slaves
[ 1985.964503][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1986.136296][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1986.256120][ T1166] bond0 (unregistering): Released all slaves
[ 1986.343454][T19895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1986.624877][T19895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1986.654119][T19941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1987.890659][T19941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1990.385532][T19895] team0: Port device team_slave_0 added
[ 1990.411347][T20176] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3193'.
[ 1990.487454][T14312] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1990.611295][T19895] team0: Port device team_slave_1 added
[ 1990.614127][T19941] team0: Port device team_slave_0 added
[ 1990.639173][T14312] usb 1-1: Using ep0 maxpacket: 32
[ 1990.641982][T14312] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1990.646318][T14312] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 1990.646344][T14312] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1990.646362][T14312] usb 1-1: Product: syz
[ 1990.646375][T14312] usb 1-1: Manufacturer: syz
[ 1990.646387][T14312] usb 1-1: SerialNumber: syz
[ 1990.701051][ T1166] hsr_slave_0: left promiscuous mode
[ 1990.739246][ T1166] hsr_slave_1: left promiscuous mode
[ 1990.740918][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1990.741053][ T1661] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1990.803930][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1990.893045][ T1661] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1990.893134][ T1661] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1990.893174][ T1661] usb 7-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 1990.893193][ T1661] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1990.918170][T14312] pwc: Philips PCA645VC USB webcam detected.
[ 1990.932846][ T1661] usb 7-1: config 0 descriptor??
[ 1990.954182][T14312] pwc: send_video_command error -71
[ 1990.954197][T14312] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1990.954314][T14312] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 1990.974611][T14312] usb 1-1: USB disconnect, device number 41
[ 1991.049683][ T1166] hsr_slave_0: left promiscuous mode
[ 1991.119068][ T1166] hsr_slave_1: left promiscuous mode
[ 1991.121786][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1991.160097][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1991.923365][ T1661] usbhid 7-1:0.0: can't add hid device: -71
[ 1991.923493][ T1661] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1991.928883][ T1661] usb 7-1: USB disconnect, device number 15
[ 1993.299967][ T1166] team0 (unregistering): Port device team_slave_1 removed
[ 1995.023486][ T1166] team0 (unregistering): Port device team_slave_0 removed
[ 1995.429454][ T5966] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1995.584127][ T5966] usb 8-1: Using ep0 maxpacket: 32
[ 1995.595624][ T5966] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1995.624253][ T5966] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 1995.624280][ T5966] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1995.624298][ T5966] usb 8-1: Product: syz
[ 1995.624311][ T5966] usb 8-1: Manufacturer: syz
[ 1995.624323][ T5966] usb 8-1: SerialNumber: syz
[ 1996.070629][ T5966] pwc: Philips PCA645VC USB webcam detected.
[ 1996.093551][ T5966] pwc: send_video_command error -71
[ 1996.093567][ T5966] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1996.093683][ T5966] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 1996.173033][ T5966] usb 8-1: USB disconnect, device number 16
[ 1997.939157][T10419] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 1998.117949][T10419] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1998.117979][T10419] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1998.118016][T10419] usb 8-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 1998.118036][T10419] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1998.124054][T10419] usb 8-1: config 0 descriptor??
[ 1999.699811][T10419] usbhid 8-1:0.0: can't add hid device: -71
[ 1999.699888][T10419] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1999.704421][T10419] usb 8-1: USB disconnect, device number 17
[ 2001.051855][ T1166] team0 (unregistering): Port device team_slave_1 removed
[ 2001.452740][ T1166] team0 (unregistering): Port device team_slave_0 removed
[ 2001.549209][T10419] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 2001.834204][T10419] usb 8-1: Using ep0 maxpacket: 32
[ 2001.836181][T10419] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2001.841137][T10419] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2001.841163][T10419] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2001.841180][T10419] usb 8-1: Product: syz
[ 2001.841192][T10419] usb 8-1: Manufacturer: syz
[ 2001.841204][T10419] usb 8-1: SerialNumber: syz
[ 2002.163811][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2002.191994][T10419] pwc: send_video_command error -71
[ 2002.192011][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2002.192136][T10419] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2002.248557][T10419] usb 8-1: USB disconnect, device number 18
[ 2004.145813][T19941] team0: Port device team_slave_1 added
[ 2004.657166][T20283] ubi: mtd0 is already attached to ubi31
[ 2005.362657][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2005.507721][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2006.223154][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2006.259185][T12078] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[ 2006.419179][T12078] usb 8-1: Using ep0 maxpacket: 32
[ 2006.422540][T12078] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2006.427544][T12078] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2006.427572][T12078] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2006.427590][T12078] usb 8-1: Product: syz
[ 2006.427603][T12078] usb 8-1: Manufacturer: syz
[ 2006.427616][T12078] usb 8-1: SerialNumber: syz
[ 2006.579941][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2006.658777][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2006.722050][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2006.892003][T12078] pwc: Philips PCA645VC USB webcam detected.
[ 2006.895172][T12078] pwc: send_video_command error -71
[ 2006.895186][T12078] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2006.895299][T12078] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2006.914285][T12078] usb 8-1: USB disconnect, device number 19
[ 2006.964756][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2007.008534][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2007.480241][T19895] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2007.480256][T19895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2007.480282][T19895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2007.485216][T19941] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2007.485231][T19941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2007.485256][T19941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2007.487060][T19895] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2007.487072][T19895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2007.487095][T19895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2007.494654][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2007.672694][T19941] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2007.672710][T19941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2007.672735][T19941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2008.159066][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2008.320259][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2008.874238][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2008.984211][T19895] hsr_slave_0: entered promiscuous mode
[ 2008.992917][T19895] hsr_slave_1: entered promiscuous mode
[ 2009.006996][T19895] debugfs: 'hsr0' already exists in 'hsr'
[ 2009.007024][T19895] Cannot create hsr debugfs directory
[ 2009.026604][T19941] hsr_slave_0: entered promiscuous mode
[ 2009.027916][T19941] hsr_slave_1: entered promiscuous mode
[ 2009.028832][T19941] debugfs: 'hsr0' already exists in 'hsr'
[ 2009.028855][T19941] Cannot create hsr debugfs directory
[ 2009.576382][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2009.753045][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2009.768055][T10419] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 2010.130581][T10419] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2010.254226][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2010.296426][T10419] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2010.296475][T10419] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2010.296496][T10419] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2010.432114][T10419] usb 1-1: config 0 descriptor??
[ 2012.795118][T10419] usbhid 1-1:0.0: can't add hid device: -71
[ 2012.795245][T10419] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2012.907438][T10419] usb 1-1: USB disconnect, device number 42
[ 2015.246290][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2015.665607][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2016.045332][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2016.085866][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2016.124434][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2016.534123][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2016.741645][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2017.119656][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2017.122326][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2017.125471][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2017.151922][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2017.412215][T14312] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[ 2018.185488][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2018.511648][T14312] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2018.511680][T14312] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2018.511718][T14312] usb 8-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2018.511739][T14312] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2018.517871][T14312] usb 8-1: config 0 descriptor??
[ 2019.395372][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2019.396104][ T5849] Bluetooth: hci1: command tx timeout
[ 2019.551744][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2021.434605][ T5849] Bluetooth: hci1: command tx timeout
[ 2021.765432][ T1166] bridge_slave_1: left allmulticast mode
[ 2021.765464][ T1166] bridge_slave_1: left promiscuous mode
[ 2021.765708][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2021.822317][ T1166] bridge_slave_0: left allmulticast mode
[ 2021.822364][ T1166] bridge_slave_0: left promiscuous mode
[ 2021.822642][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2023.548644][ T5849] Bluetooth: hci1: command tx timeout
[ 2023.764278][T14312] usbhid 8-1:0.0: can't add hid device: -32
[ 2023.764415][T14312] usbhid 8-1:0.0: probe with driver usbhid failed with error -32
[ 2024.119901][T13633] usb 8-1: USB disconnect, device number 20
[ 2025.593814][ T5849] Bluetooth: hci1: command tx timeout
[ 2025.678645][   T59] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2025.701644][   T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2025.725493][   T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2025.747154][   T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2025.750487][   T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2025.879799][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2027.576548][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2027.938400][ T5849] Bluetooth: hci3: command tx timeout
[ 2028.259205][T10419] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 2028.589121][ T1166] bond0 (unregistering): Released all slaves
[ 2028.597555][T10419] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2028.597584][T10419] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2028.597622][T10419] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2028.597642][T10419] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2028.606650][T10419] usb 1-1: config 0 descriptor??
[ 2029.643465][T20378] lo speed is unknown, defaulting to 1000
[ 2029.920661][T20476] hugetlbfs: syz.6.3268 (20476): Using mlock ulimits for SHM_HUGETLB is obsolete
[ 2030.317904][ T5849] Bluetooth: hci3: command tx timeout
[ 2030.891638][ T1166] hsr_slave_0: left promiscuous mode
[ 2030.931435][ T1166] hsr_slave_1: left promiscuous mode
[ 2030.932541][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2031.033352][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2032.389121][ T5849] Bluetooth: hci3: command tx timeout
[ 2034.568074][T10419] usbhid 1-1:0.0: can't add hid device: -32
[ 2034.568203][T10419] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[ 2034.639105][ T5849] Bluetooth: hci3: command tx timeout
[ 2035.549522][ T1166] team0 (unregistering): Port device team_slave_1 removed
[ 2036.914510][T20508] ubi: mtd0 is already attached to ubi31
[ 2036.915830][ T1166] team0 (unregistering): Port device team_slave_0 removed
[ 2037.182946][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.194968][T10419] usb 1-1: USB disconnect, device number 43
[ 2037.334845][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.518082][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.674061][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.781077][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.851140][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2037.973839][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2038.976296][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2039.851770][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2040.067657][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2040.208020][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2040.820636][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.049221][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.140791][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.351022][T20445] lo speed is unknown, defaulting to 1000
[ 2041.369208][T14312] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 2041.569506][T14312] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2041.569537][T14312] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2041.569576][T14312] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2041.569597][T14312] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2041.593721][T14312] usb 1-1: config 0 descriptor??
[ 2041.758177][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.833037][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2041.943221][T20543] siw: device registration error -23
[ 2041.954894][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2042.722933][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2042.724499][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2043.380115][T20551] ubi: mtd0 is already attached to ubi31
[ 2043.608506][T20378] chnl_net:caif_netlink_parms(): no params data found
[ 2044.186113][T14312] usbhid 1-1:0.0: can't add hid device: -71
[ 2044.186234][T14312] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2044.280629][T14312] usb 1-1: USB disconnect, device number 44
[ 2044.618873][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2045.249750][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2045.821527][T20445] chnl_net:caif_netlink_parms(): no params data found
[ 2046.095361][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2046.263148][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2046.720187][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2047.022668][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2047.329368][T14312] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[ 2047.341828][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2047.501820][T14312] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2047.501851][T14312] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2047.501889][T14312] usb 8-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2047.501908][T14312] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2047.552893][T14312] usb 8-1: config 0 descriptor??
[ 2048.019881][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.271172][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.382314][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.593126][ T1166] bridge_slave_1: left allmulticast mode
[ 2048.593157][ T1166] bridge_slave_1: left promiscuous mode
[ 2048.593576][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2048.671653][ T1166] bridge_slave_0: left allmulticast mode
[ 2048.671685][ T1166] bridge_slave_0: left promiscuous mode
[ 2048.672119][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2051.764498][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2052.250326][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2052.372499][T14312] usbhid 8-1:0.0: can't add hid device: -71
[ 2052.372626][T14312] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 2052.433107][ T1166] bond0 (unregistering): Released all slaves
[ 2052.434923][T14312] usb 8-1: USB disconnect, device number 21
[ 2052.996139][T20378] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2052.996304][T20378] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2052.996536][T20378] bridge_slave_0: entered allmulticast mode
[ 2053.006924][T20378] bridge_slave_0: entered promiscuous mode
[ 2053.148290][T20378] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2053.148432][T20378] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2053.148661][T20378] bridge_slave_1: entered allmulticast mode
[ 2053.153554][T20378] bridge_slave_1: entered promiscuous mode
[ 2056.725105][T20663] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3314'.
[ 2056.792960][ T1166] hsr_slave_0: left promiscuous mode
[ 2056.968354][ T1166] hsr_slave_1: left promiscuous mode
[ 2056.975986][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2057.000305][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2057.133102][T20667] erofs (device nbd7): cannot find valid erofs superblock
[ 2057.974324][T20668] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2058.800155][ T1166] team0 (unregistering): Port device team_slave_1 removed
[ 2058.970437][ T1166] team0 (unregistering): Port device team_slave_0 removed
[ 2060.553401][T20378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2060.558014][T20445] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2060.558241][T20445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2060.558376][T20445] bridge_slave_0: entered allmulticast mode
[ 2060.569962][T20445] bridge_slave_0: entered promiscuous mode
[ 2060.576969][T20378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2060.646985][T20445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2060.647138][T20445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2060.647370][T20445] bridge_slave_1: entered allmulticast mode
[ 2060.659031][T20445] bridge_slave_1: entered promiscuous mode
[ 2061.468066][T20378] team0: Port device team_slave_0 added
[ 2061.600092][T20445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2061.637204][T20378] team0: Port device team_slave_1 added
[ 2061.696632][T20445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2063.280177][T20696] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3325'.
[ 2063.826334][T20378] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2063.826351][T20378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2063.826376][T20378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2063.894806][T20445] team0: Port device team_slave_0 added
[ 2063.899373][T20378] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2063.899389][T20378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2063.899413][T20378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2063.965624][T20445] team0: Port device team_slave_1 added
[ 2064.690696][T20445] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2064.690712][T20445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2064.690738][T20445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2064.857934][T20445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2064.857951][T20445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2064.857976][T20445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2065.170624][T20378] hsr_slave_0: entered promiscuous mode
[ 2065.172368][T20378] hsr_slave_1: entered promiscuous mode
[ 2065.173332][T20378] debugfs: 'hsr0' already exists in 'hsr'
[ 2065.173355][T20378] Cannot create hsr debugfs directory
[ 2065.524885][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2066.108134][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2066.175706][T20717] tipc: Started in network mode
[ 2066.175740][T20717] tipc: Node identity 9e935dcbab34, cluster identity 4711
[ 2066.380353][T20717] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2066.381097][T20719] syzkaller0: entered promiscuous mode
[ 2066.381123][T20719] syzkaller0: entered allmulticast mode
[ 2066.808980][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2067.253659][T13633] tipc: Node number set to 900160971
[ 2067.262840][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2067.330066][T20719] tipc: Resetting bearer <eth:syzkaller0>
[ 2067.360065][T20712] tipc: Resetting bearer <eth:syzkaller0>
[ 2067.540014][T20712] tipc: Disabling bearer <eth:syzkaller0>
[ 2067.970107][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2071.801418][T20445] hsr_slave_0: entered promiscuous mode
[ 2071.803043][T20445] hsr_slave_1: entered promiscuous mode
[ 2071.803979][T20445] debugfs: 'hsr0' already exists in 'hsr'
[ 2071.804003][T20445] Cannot create hsr debugfs directory
[ 2072.449087][ T1661] usb 7-1: new low-speed USB device number 16 using dummy_hcd
[ 2072.624488][ T1661] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2072.624517][ T1661] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2072.631356][ T1661] usb 7-1: config 0 descriptor??
[ 2074.840959][ T1661] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 2074.840988][ T1661] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9
[ 2074.841270][ T1661] asix 7-1:0.0: probe with driver asix failed with error -71
[ 2074.892609][ T1661] usb 7-1: USB disconnect, device number 16
[ 2075.448109][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2075.466399][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2076.400696][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2076.456783][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2076.457658][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2077.904790][T20445] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2078.247425][T20445] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2078.324565][   T64] bridge_slave_1: left allmulticast mode
[ 2078.324588][   T64] bridge_slave_1: left promiscuous mode
[ 2078.324767][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2078.440825][   T64] bridge_slave_0: left allmulticast mode
[ 2078.440847][   T64] bridge_slave_0: left promiscuous mode
[ 2078.441039][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2078.550765][   T59] Bluetooth: hci1: command tx timeout
[ 2080.629153][   T59] Bluetooth: hci1: command tx timeout
[ 2080.850078][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2081.831772][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2081.946964][   T64] bond0 (unregistering): Released all slaves
[ 2082.479036][T20778] lo speed is unknown, defaulting to 1000
[ 2082.495473][T20445] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2082.600041][T20445] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2082.729973][   T59] Bluetooth: hci1: command tx timeout
[ 2082.970638][   T64] hsr_slave_0: left promiscuous mode
[ 2083.009139][   T64] hsr_slave_1: left promiscuous mode
[ 2083.010205][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2083.049951][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2084.254017][   T64] team0 (unregistering): Port device team_slave_1 removed
[ 2084.263407][T20842] siw: device registration error -23
[ 2084.822905][   T59] Bluetooth: hci1: command tx timeout
[ 2087.100718][   T64] team0 (unregistering): Port device team_slave_0 removed
[ 2087.253594][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2087.270858][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2087.272485][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2087.274941][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2087.275821][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2089.553121][   T59] Bluetooth: hci3: command tx timeout
[ 2089.787769][T20880] netlink: 'syz.6.3383': attribute type 4 has an invalid length.
[ 2089.787790][T20880] netlink: 17 bytes leftover after parsing attributes in process `syz.6.3383'.
[ 2091.589097][   T59] Bluetooth: hci3: command tx timeout
[ 2091.731454][T20856] lo speed is unknown, defaulting to 1000
[ 2091.817769][T20896] fuse: Bad value for 'fd'
[ 2091.982755][T20889] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2091.982985][T20889] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2091.983150][T20889] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2091.983220][T20889] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 2092.063210][T20889] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 2092.137668][T20778] chnl_net:caif_netlink_parms(): no params data found
[ 2092.163529][T20889] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2092.163616][T20889] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2092.263455][T20889] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 2093.526745][ T5849] Bluetooth: hci4: command 0x0406 tx timeout
[ 2093.989322][ T5849] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2093.989598][ T5849] Bluetooth: hci2: command 0x0c1a tx timeout
[ 2094.229052][   T59] Bluetooth: hci3: command 0x0419 tx timeout
[ 2095.829245][T20778] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2095.829388][T20778] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2095.829646][T20778] bridge_slave_0: entered allmulticast mode
[ 2095.841148][T20778] bridge_slave_0: entered promiscuous mode
[ 2096.069648][   T59] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2096.346598][   T59] Bluetooth: hci3: command 0x0419 tx timeout
[ 2098.199665][   T59] Bluetooth: hci1: command 0x0c1a tx timeout
[ 2098.353924][T20778] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2098.354070][T20778] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2098.354300][T20778] bridge_slave_1: entered allmulticast mode
[ 2098.386182][T20778] bridge_slave_1: entered promiscuous mode
[ 2098.389092][   T59] Bluetooth: hci3: command 0x0419 tx timeout
[ 2100.462139][T20856] chnl_net:caif_netlink_parms(): no params data found
[ 2100.489049][   T59] Bluetooth: hci3: command 0x0419 tx timeout
[ 2100.531940][T20778] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2100.563270][T20778] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2102.907576][T13633] IPVS: starting estimator thread 0...
[ 2103.313532][T20979] tty tty2: ldisc open failed (-12), clearing slot 1
[ 2103.419231][T20981] IPVS: using max 6 ests per chain, 14400 per kthread
[ 2106.328152][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2106.328228][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2107.807024][T20778] team0: Port device team_slave_0 added
[ 2107.971504][T20778] team0: Port device team_slave_1 added
[ 2108.449087][    T9] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 2108.619032][    T9] usb 7-1: Using ep0 maxpacket: 16
[ 2108.622360][    T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2108.624142][    T9] usb 7-1: config 7 has an invalid interface number: 192 but max is 0
[ 2108.624165][    T9] usb 7-1: config 7 has no interface number 0
[ 2108.624197][    T9] usb 7-1: config 7 interface 192 has no altsetting 0
[ 2108.628024][    T9] usb 7-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=49.da
[ 2108.628049][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2108.628067][    T9] usb 7-1: Product: syz
[ 2108.628079][    T9] usb 7-1: Manufacturer: syz
[ 2108.628093][    T9] usb 7-1: SerialNumber: syz
[ 2108.959625][    T9] usb_ehset_test 7-1:7.192: probe with driver usb_ehset_test failed with error -32
[ 2108.969470][    T9] usb 7-1: USB disconnect, device number 17
[ 2109.225376][T21020] netlink: 'syz.0.3417': attribute type 10 has an invalid length.
[ 2109.712243][T20778] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2109.712260][T20778] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2109.712284][T20778] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2109.848482][T21020] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 2110.442461][T20778] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2110.442477][T20778] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2110.442502][T20778] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2110.990261][T20856] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2110.990401][T20856] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2110.990841][T20856] bridge_slave_0: entered allmulticast mode
[ 2111.000307][T20856] bridge_slave_0: entered promiscuous mode
[ 2111.890783][T20856] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2111.890925][T20856] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2111.891163][T20856] bridge_slave_1: entered allmulticast mode
[ 2111.893990][T20856] bridge_slave_1: entered promiscuous mode
[ 2111.982853][T21043] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2115.843059][T20856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2115.891299][T20778] hsr_slave_0: entered promiscuous mode
[ 2115.892581][T20778] hsr_slave_1: entered promiscuous mode
[ 2115.893459][T20778] debugfs: 'hsr0' already exists in 'hsr'
[ 2115.893482][T20778] Cannot create hsr debugfs directory
[ 2115.896979][T20856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2116.077778][T21079] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3437'.
[ 2116.842599][T20856] team0: Port device team_slave_0 added
[ 2116.885059][T20856] team0: Port device team_slave_1 added
[ 2117.402804][T21093] ubi: mtd0 is already attached to ubi31
[ 2117.903686][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2118.320551][T20856] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2118.320573][T20856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2118.320599][T20856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2118.450783][T20856] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2118.450801][T20856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2118.450826][T20856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2119.261216][   T64] bridge_slave_1: left allmulticast mode
[ 2119.261248][   T64] bridge_slave_1: left promiscuous mode
[ 2119.261496][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2119.340563][   T64] bridge_slave_0: left allmulticast mode
[ 2119.340597][   T64] bridge_slave_0: left promiscuous mode
[ 2119.340896][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2119.718973][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2120.143383][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2120.280077][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2120.289148][T10419] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 2120.381917][   T64] bond0 (unregistering): Released all slaves
[ 2120.439541][T10419] usb 1-1: Using ep0 maxpacket: 32
[ 2120.442283][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2120.452869][T10419] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2120.452897][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2120.452915][T10419] usb 1-1: Product: syz
[ 2120.452928][T10419] usb 1-1: Manufacturer: syz
[ 2120.452941][T10419] usb 1-1: SerialNumber: syz
[ 2120.708172][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2120.736898][T10419] pwc: send_video_command error -71
[ 2120.736918][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2120.737042][T10419] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2120.743629][T10419] usb 1-1: USB disconnect, device number 45
[ 2120.895080][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2121.545003][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2121.604118][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2121.802695][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2121.858887][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2121.874320][T20856] hsr_slave_0: entered promiscuous mode
[ 2121.894047][T20856] hsr_slave_1: entered promiscuous mode
[ 2121.894960][T20856] debugfs: 'hsr0' already exists in 'hsr'
[ 2121.894983][T20856] Cannot create hsr debugfs directory
[ 2122.182088][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2122.228915][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2122.270300][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2122.365107][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2122.519386][   T64] hsr_slave_0: left promiscuous mode
[ 2122.660055][   T64] hsr_slave_1: left promiscuous mode
[ 2122.697351][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2122.866992][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2126.039338][   T64] team0 (unregistering): Port device team_slave_1 removed
[ 2126.422283][   T64] team0 (unregistering): Port device team_slave_0 removed
[ 2131.100434][T20778] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2131.196368][T20778] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2131.199334][T21190] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2131.283398][T20778] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2131.394789][T20778] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2137.936881][T21256] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2138.445695][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2138.450986][T10419] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[ 2138.484463][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2138.485987][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2138.502560][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2138.507773][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2138.640462][T10419] usb 8-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2138.640488][T10419] usb 8-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 2138.640522][T10419] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2138.640542][T10419] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2141.229062][   T59] Bluetooth: hci1: command tx timeout
[ 2142.518962][T20856] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2142.573932][T21269] lo speed is unknown, defaulting to 1000
[ 2143.269140][ T5849] Bluetooth: hci1: command tx timeout
[ 2143.456139][T21311] siw: device registration error -23
[ 2144.297208][T20856] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2145.020449][    T9] usb 8-1: USB disconnect, device number 22
[ 2145.359008][ T5849] Bluetooth: hci1: command tx timeout
[ 2146.810707][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2146.861682][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2146.885089][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2146.910375][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2146.919593][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2147.052995][T21335] lo speed is unknown, defaulting to 1000
[ 2147.060590][T21329] ceph: No mds server is up or the cluster is laggy
[ 2147.426940][T21269] chnl_net:caif_netlink_parms(): no params data found
[ 2147.473325][ T5849] Bluetooth: hci1: command tx timeout
[ 2148.383522][ T6113] bridge_slave_1: left allmulticast mode
[ 2148.383544][ T6113] bridge_slave_1: left promiscuous mode
[ 2148.383707][ T6113] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2148.558364][ T6113] bridge_slave_0: left allmulticast mode
[ 2148.558388][ T6113] bridge_slave_0: left promiscuous mode
[ 2148.558573][ T6113] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2149.033505][ T5849] Bluetooth: hci3: command tx timeout
[ 2149.222901][T21358] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3502'.
[ 2150.339769][T10419] usb 1-1: new full-speed USB device number 46 using dummy_hcd
[ 2150.614620][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2150.783350][T10419] usb 1-1: not running at top speed; connect to a high speed hub
[ 2150.797631][T10419] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2150.797655][T10419] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2150.828475][T10419] usb 1-1: config 1 interface 0 has no altsetting 0
[ 2150.871312][T10419] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2150.871339][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2150.871356][T10419] usb 1-1: Product: syz
[ 2150.871369][T10419] usb 1-1: Manufacturer: syz
[ 2150.871382][T10419] usb 1-1: SerialNumber: syz
[ 2151.116584][ T5849] Bluetooth: hci3: command tx timeout
[ 2151.383121][ T6113] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2151.471313][ T6113] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2151.568377][ T6113] bond0 (unregistering): Released all slaves
[ 2152.856471][T10419] usb 1-1: USB disconnect, device number 46
[ 2153.191441][ T5849] Bluetooth: hci3: command tx timeout
[ 2153.441990][T21269] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2153.442091][T21269] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2153.442288][T21269] bridge_slave_0: entered allmulticast mode
[ 2153.444656][T21269] bridge_slave_0: entered promiscuous mode
[ 2153.623653][ T6113] hsr_slave_0: left promiscuous mode
[ 2153.659392][ T6113] hsr_slave_1: left promiscuous mode
[ 2153.666029][ T6113] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2153.689678][ T6113] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2154.502367][T10419] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 2155.209015][T10419] usb 1-1: Using ep0 maxpacket: 32
[ 2155.211819][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2155.216672][T10419] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2155.216700][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2155.216720][T10419] usb 1-1: Product: syz
[ 2155.216734][T10419] usb 1-1: Manufacturer: syz
[ 2155.216747][T10419] usb 1-1: SerialNumber: syz
[ 2155.268998][ T5849] Bluetooth: hci3: command tx timeout
[ 2155.539045][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2155.540491][T10419] pwc: send_video_command error -71
[ 2155.540506][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2155.540619][T10419] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2155.544172][T10419] usb 1-1: USB disconnect, device number 47
[ 2156.700119][ T6113] team0 (unregistering): Port device team_slave_1 removed
[ 2156.902647][ T6113] team0 (unregistering): Port device team_slave_0 removed
[ 2158.030943][T21269] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2158.032464][T21269] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2158.032722][T21269] bridge_slave_1: entered allmulticast mode
[ 2158.035442][T21269] bridge_slave_1: entered promiscuous mode
[ 2158.197631][T21388] mac80211_hwsim hwsim18 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 2159.419049][    T9] usb 8-1: new high-speed USB device number 23 using dummy_hcd
[ 2159.569840][    T9] usb 8-1: Using ep0 maxpacket: 32
[ 2159.572028][    T9] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2159.576065][    T9] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2159.576081][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2159.576091][    T9] usb 8-1: Product: syz
[ 2159.576098][    T9] usb 8-1: Manufacturer: syz
[ 2159.576105][    T9] usb 8-1: SerialNumber: syz
[ 2159.635777][T21424] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3526'.
[ 2159.726573][T21269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2159.824089][T21269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2159.890914][    T9] pwc: Philips PCA645VC USB webcam detected.
[ 2159.892308][    T9] pwc: send_video_command error -71
[ 2159.892324][    T9] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2159.892439][    T9] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2160.009172][    T9] usb 8-1: USB disconnect, device number 23
[ 2160.353234][T21335] chnl_net:caif_netlink_parms(): no params data found
[ 2160.421504][T21269] team0: Port device team_slave_0 added
[ 2160.432950][T21434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3529'.
[ 2160.497630][T21269] team0: Port device team_slave_1 added
[ 2160.949104][ T6090] wlan1: Trigger new scan to find an IBSS to join
[ 2161.280326][T21269] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2161.280343][T21269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2161.280369][T21269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2161.388260][T21269] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2161.388276][T21269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2161.388303][T21269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2162.308186][T21335] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2162.308266][T21335] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2162.308414][T21335] bridge_slave_0: entered allmulticast mode
[ 2162.316952][T21335] bridge_slave_0: entered promiscuous mode
[ 2162.434285][T21335] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2162.434511][T21335] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2162.434746][T21335] bridge_slave_1: entered allmulticast mode
[ 2162.437510][T21335] bridge_slave_1: entered promiscuous mode
[ 2164.541656][   T37] audit: type=1326 audit(1756739194.809:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21479 comm="syz.7.3541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19856ebe9 code=0x7ffc0000
[ 2164.542018][   T37] audit: type=1326 audit(1756739194.829:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21479 comm="syz.7.3541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc19856ebe9 code=0x7ffc0000
[ 2164.542743][   T37] audit: type=1326 audit(1756739194.829:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21479 comm="syz.7.3541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19856ebe9 code=0x7ffc0000
[ 2164.543323][   T37] audit: type=1326 audit(1756739194.829:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21479 comm="syz.7.3541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fc19856ebe9 code=0x7ffc0000
[ 2164.558780][   T37] audit: type=1326 audit(1756739194.829:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21479 comm="syz.7.3541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc19856ebe9 code=0x7ffc0000
[ 2164.685429][T21485] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3539'.
[ 2164.892241][T21269] hsr_slave_0: entered promiscuous mode
[ 2164.893594][T21269] hsr_slave_1: entered promiscuous mode
[ 2164.894475][T21269] debugfs: 'hsr0' already exists in 'hsr'
[ 2164.894499][T21269] Cannot create hsr debugfs directory
[ 2165.030612][T17378] wlan1: Trigger new scan to find an IBSS to join
[ 2165.064362][T21335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2165.187837][T21335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2166.451469][T16036] wlan1: Creating new IBSS network, BSSID 7a:0f:c9:55:f1:c5
[ 2168.692136][T21335] team0: Port device team_slave_0 added
[ 2168.696342][T21515] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3550'.
[ 2168.727102][T21511] loop4: detected capacity change from 0 to 524255232
[ 2168.754700][T21335] team0: Port device team_slave_1 added
[ 2168.846300][T21512] loop4: detected capacity change from 524255232 to 524287956
[ 2169.081954][T21519] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3551'.
[ 2170.510480][T21335] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2170.510496][T21335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2170.510528][T21335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2170.869704][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2170.869778][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2170.890283][T21335] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2170.890299][T21335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2170.890324][T21335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2172.236267][T21538] input: syz0 as /devices/virtual/input/input23
[ 2172.543919][T21546] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3559'.
[ 2173.847075][T21554] ubi: mtd0 is already attached to ubi31
[ 2174.033806][T21335] hsr_slave_0: entered promiscuous mode
[ 2174.342704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2174.499614][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2174.560987][T21335] hsr_slave_1: entered promiscuous mode
[ 2174.562223][T21335] debugfs: 'hsr0' already exists in 'hsr'
[ 2174.562248][T21335] Cannot create hsr debugfs directory
[ 2174.999134][T12078] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 2175.151142][T12078] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2175.151161][T12078] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2175.151183][T12078] usb 7-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2175.151194][T12078] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2175.175754][T12078] usb 7-1: config 0 descriptor??
[ 2175.610558][T21567] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3564'.
[ 2177.442515][T21572] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 2177.442607][T21572] block device autoloading is deprecated and will be removed.
[ 2178.377573][ T6113] bridge_slave_1: left allmulticast mode
[ 2178.377607][ T6113] bridge_slave_1: left promiscuous mode
[ 2178.378013][ T6113] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2178.496588][ T6113] bridge_slave_0: left allmulticast mode
[ 2178.496621][ T6113] bridge_slave_0: left promiscuous mode
[ 2178.565267][ T6113] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2178.623706][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2178.828373][T12078] usbhid 7-1:0.0: can't add hid device: -71
[ 2178.828496][T12078] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 2178.839838][T12078] usb 7-1: USB disconnect, device number 18
[ 2179.548567][ T6113] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2179.574136][T21595] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3569'.
[ 2179.709965][ T6113] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2179.801457][ T6113] bond0 (unregistering): Released all slaves
[ 2181.719171][T21606] loop4: detected capacity change from 0 to 524255232
[ 2182.616354][   T37] audit: type=1107 audit(1756739212.829:31): pid=21607 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='I'
[ 2182.696795][T21603] loop4: detected capacity change from 524255232 to 524287956
[ 2183.431533][T21615] netlink: 64 bytes leftover after parsing attributes in process `syz.6.3575'.
[ 2183.459175][ T6113] hsr_slave_0: left promiscuous mode
[ 2183.923304][ T6113] hsr_slave_1: left promiscuous mode
[ 2183.924409][ T6113] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2183.994248][ T6113] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2187.555729][T21634] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3581'.
[ 2187.753125][T21636] ALSA: seq fatal error: cannot create timer (-19)
[ 2188.069255][T10419] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 2188.219101][T10419] usb 1-1: Using ep0 maxpacket: 32
[ 2188.224832][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2188.230469][T10419] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2188.230503][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2188.230521][T10419] usb 1-1: Product: syz
[ 2188.230791][T10419] usb 1-1: Manufacturer: syz
[ 2188.230806][T10419] usb 1-1: SerialNumber: syz
[ 2188.296059][ T6113] team0 (unregistering): Port device team_slave_1 removed
[ 2188.475758][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2188.476954][T10419] pwc: send_video_command error -71
[ 2188.476963][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2188.477030][T10419] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2188.499188][T10419] usb 1-1: USB disconnect, device number 48
[ 2188.521038][ T6113] team0 (unregistering): Port device team_slave_0 removed
[ 2189.666596][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2189.741170][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2189.792161][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2190.324605][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2190.506529][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2190.559429][T21643] vlan2: entered promiscuous mode
[ 2190.559680][T21643] vlan2: entered allmulticast mode
[ 2190.559694][T21643] hsr_slave_1: entered allmulticast mode
[ 2191.207857][T21655] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2191.535492][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2191.624491][T21269] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2191.667958][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2191.687090][T21269] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2192.034704][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2192.112192][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2192.453646][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2193.369372][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2193.405041][T21269] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2193.463518][T21269] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2193.680536][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2194.116787][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2194.418957][T10419] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 2194.568954][T10419] usb 1-1: Using ep0 maxpacket: 32
[ 2194.572371][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2194.577179][T10419] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2194.577206][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2194.577224][T10419] usb 1-1: Product: syz
[ 2194.577237][T10419] usb 1-1: Manufacturer: syz
[ 2194.577251][T10419] usb 1-1: SerialNumber: syz
[ 2195.080494][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2195.142183][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2195.143328][T10419] pwc: send_video_command error -71
[ 2195.143341][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2195.143434][T10419] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2196.126858][T10419] usb 1-1: USB disconnect, device number 49
[ 2196.239348][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2196.457938][T21705] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3596'.
[ 2196.530237][ T6090] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2196.916138][T21335] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2196.968017][T21335] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2197.022859][T21335] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2197.061518][T21335] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2197.423874][T21335] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2197.454268][T21335] 8021q: adding VLAN 0 to HW filter on device team0
[ 2197.501264][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2197.709541][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2198.165819][T21739] 9pnet: Unknown protocol version 9
[ 2198.583763][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2198.712460][ T6090] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2198.712791][ T6090] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2198.765438][ T6088] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2198.765642][ T6088] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2199.183123][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2199.202276][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2199.203811][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2199.205231][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2199.206087][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2200.503392][T21746] lo speed is unknown, defaulting to 1000
[ 2201.009291][T16107] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 2201.159027][T16107] usb 7-1: Using ep0 maxpacket: 32
[ 2201.162624][T16107] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2201.168479][T16107] usb 7-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2201.168508][T16107] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2201.168527][T16107] usb 7-1: Product: syz
[ 2201.168540][T16107] usb 7-1: Manufacturer: syz
[ 2201.168553][T16107] usb 7-1: SerialNumber: syz
[ 2201.269130][   T59] Bluetooth: hci1: command tx timeout
[ 2202.053579][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2202.303472][T16107] pwc: Philips PCA645VC USB webcam detected.
[ 2202.304842][T16107] pwc: send_video_command error -71
[ 2202.304855][T16107] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2202.304962][T16107] Philips webcam 7-1:7.0: probe with driver Philips webcam failed with error -71
[ 2202.315073][T16107] usb 7-1: USB disconnect, device number 19
[ 2202.545787][T21787] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3609'.
[ 2202.660709][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2202.718672][T21788] 9pnet: Unknown protocol version 9
[ 2202.795261][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2203.105753][T21335] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2203.349109][   T59] Bluetooth: hci1: command tx timeout
[ 2203.370720][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2204.416416][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2204.719656][T21746] chnl_net:caif_netlink_parms(): no params data found
[ 2205.363286][ T3609] bridge_slave_1: left allmulticast mode
[ 2205.363318][ T3609] bridge_slave_1: left promiscuous mode
[ 2205.363581][ T3609] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2205.430643][   T59] Bluetooth: hci1: command tx timeout
[ 2205.472320][ T3609] bridge_slave_0: left allmulticast mode
[ 2205.472352][ T3609] bridge_slave_0: left promiscuous mode
[ 2205.472650][ T3609] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2206.125079][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2206.244628][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2206.314971][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2207.110216][ T3609] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2207.190347][ T3609] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2207.261808][ T3609] bond0 (unregistering): Released all slaves
[ 2207.519089][   T59] Bluetooth: hci1: command tx timeout
[ 2208.210492][T21846] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3617'.
[ 2208.231249][T21746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2208.231394][T21746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2208.231645][T21746] bridge_slave_0: entered allmulticast mode
[ 2208.236908][T21746] bridge_slave_0: entered promiscuous mode
[ 2208.799574][ T3609] hsr_slave_0: left promiscuous mode
[ 2208.819062][ T3609] hsr_slave_1: left promiscuous mode
[ 2208.819963][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2208.859987][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2208.901311][T16107] usb 8-1: new high-speed USB device number 24 using dummy_hcd
[ 2208.948768][T21860] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2208.984800][T21860] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2208.987945][T21860] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2208.996653][T21860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2208.997389][T21860] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2209.098995][T16107] usb 8-1: Using ep0 maxpacket: 32
[ 2209.103863][T16107] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2209.108918][T16107] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2209.108944][T16107] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2209.108961][T16107] usb 8-1: Product: syz
[ 2209.108975][T16107] usb 8-1: Manufacturer: syz
[ 2209.108988][T16107] usb 8-1: SerialNumber: syz
[ 2209.400844][T16107] pwc: Philips PCA645VC USB webcam detected.
[ 2209.405286][T16107] pwc: send_video_command error -71
[ 2209.405303][T16107] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2209.405422][T16107] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2209.441794][T16107] usb 8-1: USB disconnect, device number 24
[ 2209.664240][T21864] 9pnet: Unknown protocol version 9
[ 2210.309329][T20345] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[ 2210.361871][ T3609] team0 (unregistering): Port device team_slave_1 removed
[ 2210.462162][T20345] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2210.462188][T20345] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2210.462206][T20345] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2210.462246][T20345] usb 8-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2210.462287][T20345] usb 8-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2210.462310][T20345] usb 8-1: config 1 interface 0 has no altsetting 0
[ 2210.464856][T20345] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2210.464882][T20345] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2210.464901][T20345] usb 8-1: Product: syz
[ 2210.464914][T20345] usb 8-1: Manufacturer: syz
[ 2211.606668][   T59] Bluetooth: hci3: command tx timeout
[ 2211.830698][ T3609] team0 (unregistering): Port device team_slave_0 removed
[ 2213.050784][T21876] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3623'.
[ 2213.943015][   T59] Bluetooth: hci3: command tx timeout
[ 2214.078242][T20345] usb 8-1: USB disconnect, device number 25
[ 2215.819188][T21746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2215.819333][T21746] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2215.819558][T21746] bridge_slave_1: entered allmulticast mode
[ 2215.822216][T21746] bridge_slave_1: entered promiscuous mode
[ 2216.110650][T21860] Bluetooth: hci3: command tx timeout
[ 2218.408855][T21860] Bluetooth: hci3: command tx timeout
[ 2218.451954][T21901] 9pnet: Unknown protocol version 9
[ 2218.603073][T21890] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3627'.
[ 2219.989007][T14312] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 2220.025445][T21746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2220.143052][T21746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2220.189434][T14312] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2220.189451][T14312] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2220.189461][T14312] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2220.189483][T14312] usb 7-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2220.189503][T14312] usb 7-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2220.189517][T14312] usb 7-1: config 1 interface 0 has no altsetting 0
[ 2220.191044][T14312] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2220.191059][T14312] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2220.191069][T14312] usb 7-1: Product: syz
[ 2220.191076][T14312] usb 7-1: Manufacturer: syz
[ 2221.987142][T21858] lo speed is unknown, defaulting to 1000
[ 2222.087917][T21746] team0: Port device team_slave_0 added
[ 2222.132526][T21746] team0: Port device team_slave_1 added
[ 2222.876307][T14312] usb 7-1: USB disconnect, device number 20
[ 2224.694583][T21746] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2224.694602][T21746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2224.694627][T21746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2225.164589][T21746] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2225.164749][T21746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2225.164804][T21746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2226.489687][T21958] 9pnet: Unknown protocol version 9
[ 2227.429036][T20345] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 2227.524956][T21746] hsr_slave_0: entered promiscuous mode
[ 2227.525738][T21746] hsr_slave_1: entered promiscuous mode
[ 2227.528934][T21746] debugfs: 'hsr0' already exists in 'hsr'
[ 2227.587700][T21746] Cannot create hsr debugfs directory
[ 2227.597117][ T6113] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2227.634050][T20345] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2227.634078][T20345] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2227.634096][T20345] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2227.634136][T20345] usb 7-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2227.634177][T20345] usb 7-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2227.634202][T20345] usb 7-1: config 1 interface 0 has no altsetting 0
[ 2227.638539][T20345] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2227.638565][T20345] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2227.638583][T20345] usb 7-1: Product: syz
[ 2227.638595][T20345] usb 7-1: Manufacturer: syz
[ 2230.279289][T20345] usb 7-1: USB disconnect, device number 21
[ 2232.156807][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2232.156853][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2232.615333][T22010] ubi: mtd0 is already attached to ubi31
[ 2233.019325][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2233.254016][T22015] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2234.407602][T21858] chnl_net:caif_netlink_parms(): no params data found
[ 2234.703716][T22020] 9pnet: Unknown protocol version 9
[ 2235.400448][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2235.535374][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2235.894872][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2237.620042][T21858] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2237.620190][T21858] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2237.620436][T21858] bridge_slave_0: entered allmulticast mode
[ 2237.623181][T21858] bridge_slave_0: entered promiscuous mode
[ 2238.497504][T21858] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2238.506862][T21858] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2238.507037][T21858] bridge_slave_1: entered allmulticast mode
[ 2238.530312][T21858] bridge_slave_1: entered promiscuous mode
[ 2240.236084][T22056] capability: warning: `syz.6.3663' uses deprecated v2 capabilities in a way that may be insecure
[ 2240.412708][T21858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2240.445925][T21858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2240.809461][T22059] 9pnet: Unknown protocol version 9
[ 2241.054580][T21858] team0: Port device team_slave_0 added
[ 2241.079164][T21858] team0: Port device team_slave_1 added
[ 2241.310026][ T3609] bridge_slave_1: left allmulticast mode
[ 2241.310059][ T3609] bridge_slave_1: left promiscuous mode
[ 2241.311280][ T3609] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2241.676597][ T3609] bridge_slave_0: left allmulticast mode
[ 2241.676629][ T3609] bridge_slave_0: left promiscuous mode
[ 2241.676878][ T3609] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2241.979316][T10419] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 2242.132084][T10419] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2242.132112][T10419] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2242.132130][T10419] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2242.132166][T10419] usb 1-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2242.132205][T10419] usb 1-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2242.132231][T10419] usb 1-1: config 1 interface 0 has no altsetting 0
[ 2242.134596][T10419] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2242.134622][T10419] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2242.134640][T10419] usb 1-1: Product: syz
[ 2242.134653][T10419] usb 1-1: Manufacturer: syz
[ 2244.819724][T10419] usb 1-1: USB disconnect, device number 50
[ 2248.000592][ T3609] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2248.082505][T22101] 9pnet: Unknown protocol version 9
[ 2249.172931][ T3609] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2249.253876][ T3609] bond0 (unregistering): Released all slaves
[ 2249.637935][T21858] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2249.637951][T21858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2249.637974][T21858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2249.648044][T21858] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2249.648060][T21858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2249.648085][T21858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2250.009904][ T3609] hsr_slave_0: left promiscuous mode
[ 2250.040532][ T3609] hsr_slave_1: left promiscuous mode
[ 2250.041575][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2250.086597][ T3609] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2255.750287][T22133] 9pnet: Unknown protocol version 9
[ 2258.360089][ T3609] team0 (unregistering): Port device team_slave_1 removed
[ 2259.509800][ T3609] team0 (unregistering): Port device team_slave_0 removed
[ 2259.710123][ T6123] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2260.182890][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2260.201901][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2260.205498][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2260.230903][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2260.233030][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2262.500344][   T59] Bluetooth: hci5: command tx timeout
[ 2263.192735][T22166] 9pnet: Unknown protocol version 9
[ 2264.195974][T21858] hsr_slave_0: entered promiscuous mode
[ 2264.197244][T21858] hsr_slave_1: entered promiscuous mode
[ 2264.198118][T21858] debugfs: 'hsr0' already exists in 'hsr'
[ 2264.198140][T21858] Cannot create hsr debugfs directory
[ 2264.265916][T22151] lo speed is unknown, defaulting to 1000
[ 2264.549253][   T59] Bluetooth: hci5: command tx timeout
[ 2266.633697][   T59] Bluetooth: hci5: command tx timeout
[ 2267.766081][T22207] 9pnet: Unknown protocol version 9
[ 2268.709099][   T59] Bluetooth: hci5: command tx timeout
[ 2270.040609][T21860] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2270.077391][T21860] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2270.079650][T21860] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2270.103611][T21860] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2270.106916][T21860] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2270.713945][T22243] ubi: mtd0 is already attached to ubi31
[ 2271.014848][T22151] chnl_net:caif_netlink_parms(): no params data found
[ 2271.173450][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2271.873211][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2271.888093][T22234] lo speed is unknown, defaulting to 1000
[ 2272.484564][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2272.647504][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2272.731450][T21860] Bluetooth: hci1: command tx timeout
[ 2272.872217][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2272.924906][T22257] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2272.937841][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2273.961251][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2273.999263][T22257] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2274.811138][T22257] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2274.832330][T21860] Bluetooth: hci1: command tx timeout
[ 2274.932305][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2275.519948][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2275.905110][T22257] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2275.930617][T22151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2275.930763][T22151] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2275.930936][T22151] bridge_slave_0: entered allmulticast mode
[ 2275.932762][T22151] bridge_slave_0: entered promiscuous mode
[ 2276.111561][T22151] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2276.111725][T22151] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2276.111953][T22151] bridge_slave_1: entered allmulticast mode
[ 2276.150758][T22151] bridge_slave_1: entered promiscuous mode
[ 2276.754436][T16842] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2276.843149][T22151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2276.843228][T16842] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2276.869109][T21860] Bluetooth: hci1: command tx timeout
[ 2276.917934][T16842] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2276.935265][T22151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2276.998595][T16842] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2278.298883][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2279.061727][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2279.291816][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2279.292045][T21860] Bluetooth: hci1: command tx timeout
[ 2280.012731][T22151] team0: Port device team_slave_0 added
[ 2280.167199][T22151] team0: Port device team_slave_1 added
[ 2280.563955][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2280.672815][ T6075] bridge_slave_1: left allmulticast mode
[ 2280.672847][ T6075] bridge_slave_1: left promiscuous mode
[ 2280.673106][ T6075] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2280.739391][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2280.916746][ T5966] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 2281.064144][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2281.099507][ T5966] usb 1-1: Using ep0 maxpacket: 16
[ 2281.284786][ T5966] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 2281.284836][ T5966] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2281.284879][ T5966] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2281.287842][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2281.396092][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2281.450631][ T6075] bridge_slave_0: left allmulticast mode
[ 2281.450664][ T6075] bridge_slave_0: left promiscuous mode
[ 2281.450987][ T6075] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2281.680606][ T5966] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2281.680635][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2281.680655][ T5966] usb 1-1: Product: syz
[ 2281.680668][ T5966] usb 1-1: Manufacturer: syz
[ 2281.680682][ T5966] usb 1-1: SerialNumber: syz
[ 2281.856836][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2281.997735][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2282.789394][ T5966] usb 1-1: 0:2 : does not exist
[ 2282.916097][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2283.449480][ T6075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2283.630207][ T6075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2283.708355][ T6075] bond0 (unregistering): Released all slaves
[ 2284.459854][T22151] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2284.459870][T22151] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2284.459890][T22151] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2284.589029][ T5966] usb 1-1: USB disconnect, device number 51
[ 2284.725117][T22276] udevd[22276]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2284.760669][ T6075] hsr_slave_0: left promiscuous mode
[ 2284.802116][ T6075] hsr_slave_1: left promiscuous mode
[ 2284.803093][ T6075] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2284.882308][ T6075] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2285.388952][ T1661] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 2285.538878][ T1661] usb 1-1: Using ep0 maxpacket: 32
[ 2285.541932][ T1661] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2285.547921][ T1661] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2285.547948][ T1661] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2285.547966][ T1661] usb 1-1: Product: syz
[ 2285.547980][ T1661] usb 1-1: Manufacturer: syz
[ 2285.547992][ T1661] usb 1-1: SerialNumber: syz
[ 2285.911029][T22338] siw: device registration error -23
[ 2286.733700][ T1661] pwc: Philips PCA645VC USB webcam detected.
[ 2286.750016][ T1661] pwc: send_video_command error -71
[ 2286.750031][ T1661] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2286.750143][ T1661] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2286.779146][ T1661] usb 1-1: USB disconnect, device number 52
[ 2289.971334][ T1661] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 2289.993234][ T6075] team0 (unregistering): Port device team_slave_1 removed
[ 2290.129866][ T1661] usb 1-1: no configurations
[ 2290.129884][ T1661] usb 1-1: can't read configurations, error -22
[ 2290.169866][ T6075] team0 (unregistering): Port device team_slave_0 removed
[ 2290.269113][ T1661] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[ 2290.421422][ T1661] usb 1-1: no configurations
[ 2290.421440][ T1661] usb 1-1: can't read configurations, error -22
[ 2290.430775][ T1661] usb usb1-port1: attempt power cycle
[ 2290.779094][ T1661] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 2290.800586][ T1661] usb 1-1: no configurations
[ 2290.800604][ T1661] usb 1-1: can't read configurations, error -22
[ 2290.929273][ T1661] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 2290.958217][T17378] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2290.982240][ T1661] usb 1-1: no configurations
[ 2290.982257][ T1661] usb 1-1: can't read configurations, error -22
[ 2290.991287][ T1661] usb usb1-port1: unable to enumerate USB device
[ 2291.129681][T22372] siw: device registration error -23
[ 2291.143810][T22151] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2291.143825][T22151] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2291.143849][T22151] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2291.306437][   T37] audit: type=1800 audit(1756739321.569:32): pid=22366 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.3748" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[ 2291.335695][T22366] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 2291.335753][T22366] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 2291.335773][T22366] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 2291.928977][T10419] usb 8-1: new high-speed USB device number 26 using dummy_hcd
[ 2291.973314][T22151] hsr_slave_0: entered promiscuous mode
[ 2291.974539][T22151] hsr_slave_1: entered promiscuous mode
[ 2291.975321][T22151] debugfs: 'hsr0' already exists in 'hsr'
[ 2291.975342][T22151] Cannot create hsr debugfs directory
[ 2292.019649][T22234] chnl_net:caif_netlink_parms(): no params data found
[ 2292.148955][T10419] usb 8-1: Using ep0 maxpacket: 32
[ 2292.153356][T10419] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2292.172747][T10419] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2292.172776][T10419] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2292.172793][T10419] usb 8-1: Product: syz
[ 2292.172806][T10419] usb 8-1: Manufacturer: syz
[ 2292.172819][T10419] usb 8-1: SerialNumber: syz
[ 2292.423105][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2292.437128][T10419] pwc: send_video_command error -71
[ 2292.437143][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2292.437266][T10419] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2292.441141][T10419] usb 8-1: USB disconnect, device number 26
[ 2293.673034][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2293.673660][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2294.624985][T22234] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2294.625206][T22234] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2294.625405][T22234] bridge_slave_0: entered allmulticast mode
[ 2294.644387][T22234] bridge_slave_0: entered promiscuous mode
[ 2294.732569][T22234] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2294.732712][T22234] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2294.732949][T22234] bridge_slave_1: entered allmulticast mode
[ 2294.754665][T22413] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3757'.
[ 2294.759184][T22234] bridge_slave_1: entered promiscuous mode
[ 2295.023815][T22415] svc: failed to register nfsdv3 RPC service (errno 111).
[ 2295.026117][T22415] svc: failed to register nfsaclv3 RPC service (errno 111).
[ 2295.523090][T16887] usb 8-1: new high-speed USB device number 27 using dummy_hcd
[ 2296.020111][T16887] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2296.021056][T16887] usb 8-1: can't read configurations, error -61
[ 2296.552711][T22234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2296.613149][T22234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2296.648947][T16887] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[ 2296.802600][T16887] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2296.802646][T16887] usb 8-1: can't read configurations, error -61
[ 2296.803013][T16887] usb usb8-port1: attempt power cycle
[ 2296.828956][ T5966] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 2296.923452][ T6075] bridge_slave_1: left allmulticast mode
[ 2296.923477][ T6075] bridge_slave_1: left promiscuous mode
[ 2296.923735][ T6075] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2296.978984][ T5966] usb 7-1: Using ep0 maxpacket: 32
[ 2296.983817][ T5966] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2297.004016][ T6075] bridge_slave_0: left allmulticast mode
[ 2297.004047][ T6075] bridge_slave_0: left promiscuous mode
[ 2297.004431][ T6075] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2297.008160][ T5966] usb 7-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2297.008178][ T5966] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2297.008187][ T5966] usb 7-1: Product: syz
[ 2297.008194][ T5966] usb 7-1: Manufacturer: syz
[ 2297.008201][ T5966] usb 7-1: SerialNumber: syz
[ 2297.138992][T16887] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[ 2297.163923][T16887] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2297.163956][T16887] usb 8-1: can't read configurations, error -61
[ 2297.289025][T16887] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[ 2297.328962][T10419] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 2297.332369][T16887] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2297.332402][T16887] usb 8-1: can't read configurations, error -61
[ 2297.336723][T16887] usb usb8-port1: unable to enumerate USB device
[ 2297.402667][ T5966] pwc: Philips PCA645VC USB webcam detected.
[ 2297.405266][ T5966] pwc: send_video_command error -71
[ 2297.405282][ T5966] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2297.405390][ T5966] Philips webcam 7-1:7.0: probe with driver Philips webcam failed with error -71
[ 2297.459118][ T5966] usb 7-1: USB disconnect, device number 22
[ 2297.481376][T10419] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2297.481405][T10419] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2297.512774][T10419] usb 1-1: config 0 descriptor??
[ 2297.604285][ T6075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2297.691459][ T6075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2297.726073][T10419] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 2297.728073][T10419] [drm:udl_init] *ERROR* Selecting channel failed
[ 2297.788001][T10419] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[ 2297.788024][T10419] [drm] Initialized udl on minor 2
[ 2297.792878][ T6075] bond0 (unregistering): Released all slaves
[ 2297.825701][T10419] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2297.842187][T10419] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 2297.898514][T10419] usb 1-1: USB disconnect, device number 57
[ 2297.914420][T22234] team0: Port device team_slave_0 added
[ 2297.916141][ T5966] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2297.938630][ T5966] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 2299.349572][T22234] team0: Port device team_slave_1 added
[ 2299.719123][T14312] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 2300.757472][T14312] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2300.757499][T14312] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2300.757517][T14312] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2300.758272][T14312] usb 7-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2300.758311][T14312] usb 7-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2300.758335][T14312] usb 7-1: config 1 interface 0 has no altsetting 0
[ 2300.761262][T14312] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2300.761287][T14312] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2300.761305][T14312] usb 7-1: Product: syz
[ 2300.761319][T14312] usb 7-1: Manufacturer: syz
[ 2300.861581][ T6075] hsr_slave_0: left promiscuous mode
[ 2300.902077][ T6075] hsr_slave_1: left promiscuous mode
[ 2300.902995][ T6075] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2300.950595][ T6075] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2302.638946][T14312] usb 7-1: USB disconnect, device number 23
[ 2303.099158][T14312] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 2303.138985][T10419] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 2303.248960][T14312] usb 7-1: Using ep0 maxpacket: 32
[ 2303.285148][T14312] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2303.298217][T14312] usb 7-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2303.298242][T14312] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2303.298252][T14312] usb 7-1: Product: syz
[ 2303.298260][T14312] usb 7-1: Manufacturer: syz
[ 2303.298267][T14312] usb 7-1: SerialNumber: syz
[ 2303.324500][T10419] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2303.324536][T10419] usb 1-1: can't read configurations, error -61
[ 2303.408316][ T6075] team0 (unregistering): Port device team_slave_1 removed
[ 2303.488500][T10419] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 2303.606619][T14312] pwc: Philips PCA645VC USB webcam detected.
[ 2303.608274][T14312] pwc: send_video_command error -71
[ 2303.608288][T14312] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2303.608400][T14312] Philips webcam 7-1:7.0: probe with driver Philips webcam failed with error -71
[ 2303.646318][T14312] usb 7-1: USB disconnect, device number 24
[ 2303.668482][T10419] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2303.668519][T10419] usb 1-1: can't read configurations, error -61
[ 2303.669231][T10419] usb usb1-port1: attempt power cycle
[ 2303.691634][ T6075] team0 (unregistering): Port device team_slave_0 removed
[ 2304.019075][T10419] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 2304.043018][T10419] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2304.043056][T10419] usb 1-1: can't read configurations, error -61
[ 2304.169029][T10419] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 2304.207491][T10419] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2304.207529][T10419] usb 1-1: can't read configurations, error -61
[ 2304.207961][T10419] usb usb1-port1: unable to enumerate USB device
[ 2306.300311][ T5966] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[ 2306.713568][T22479] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3780'.
[ 2306.819406][ T5966] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2306.819437][ T5966] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2306.819455][ T5966] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2306.819491][ T5966] usb 8-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2306.819532][ T5966] usb 8-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2306.819567][ T5966] usb 8-1: config 1 interface 0 has no altsetting 0
[ 2306.822256][ T5966] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2306.822281][ T5966] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2306.822300][ T5966] usb 8-1: Product: syz
[ 2306.822312][ T5966] usb 8-1: Manufacturer: syz
[ 2306.830016][T22234] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2306.830032][T22234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2306.830056][T22234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2306.843947][T22234] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2306.843965][T22234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2306.844001][T22234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2308.005187][ T5966] usb 8-1: USB disconnect, device number 31
[ 2308.309757][T10419] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 2308.464216][T22234] hsr_slave_0: entered promiscuous mode
[ 2308.465043][T22234] hsr_slave_1: entered promiscuous mode
[ 2308.465570][T22234] debugfs: 'hsr0' already exists in 'hsr'
[ 2308.465588][T22234] Cannot create hsr debugfs directory
[ 2308.470538][T10419] usb 1-1: Using ep0 maxpacket: 32
[ 2308.473684][T10419] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 2308.478238][T10419] usb 1-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2308.478263][T10419] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2308.478281][T10419] usb 1-1: Product: syz
[ 2308.478294][T10419] usb 1-1: Manufacturer: syz
[ 2308.478306][T10419] usb 1-1: SerialNumber: syz
[ 2308.846909][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2308.848304][T10419] pwc: send_video_command error -71
[ 2308.848318][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2308.848437][T10419] Philips webcam 1-1:7.0: probe with driver Philips webcam failed with error -71
[ 2308.852712][T10419] usb 1-1: USB disconnect, device number 62
[ 2310.499159][    T9] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[ 2311.283881][T22521] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3790'.
[ 2311.509441][    T9] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2311.509479][    T9] usb 8-1: can't read configurations, error -61
[ 2311.649031][    T9] usb 8-1: new high-speed USB device number 33 using dummy_hcd
[ 2311.822409][    T9] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2311.822447][    T9] usb 8-1: can't read configurations, error -61
[ 2311.823105][    T9] usb usb8-port1: attempt power cycle
[ 2312.171866][    T9] usb 8-1: new high-speed USB device number 34 using dummy_hcd
[ 2312.197833][    T9] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2312.197870][    T9] usb 8-1: can't read configurations, error -61
[ 2312.349033][    T9] usb 8-1: new high-speed USB device number 35 using dummy_hcd
[ 2312.376263][    T9] usb 8-1: unable to read config index 0 descriptor/start: -61
[ 2312.376299][    T9] usb 8-1: can't read configurations, error -61
[ 2312.376917][    T9] usb usb8-port1: unable to enumerate USB device
[ 2312.758527][T22151] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 2313.137075][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2313.209005][T16887] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[ 2313.366949][T16887] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2313.366977][T16887] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2313.366998][T16887] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2313.367032][T16887] usb 7-1: too many endpoints for config 1 interface 0 altsetting 49: 56, using maximum allowed: 30
[ 2313.368696][T16887] usb 7-1: config 1 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[ 2313.368725][T16887] usb 7-1: config 1 interface 0 has no altsetting 0
[ 2313.444641][T16887] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2313.444668][T16887] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2313.444685][T16887] usb 7-1: Product: syz
[ 2313.444698][T16887] usb 7-1: Manufacturer: syz
[ 2313.734832][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2313.965744][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2314.078241][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2314.713087][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2314.912987][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2314.996686][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2315.032845][T16887] usb 7-1: USB disconnect, device number 25
[ 2315.045660][T22151] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 2315.141840][T22151] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 2315.228661][T22151] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 2315.481294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2315.531609][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2315.659142][T14312] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 2315.821063][T14312] usb 1-1: Using ep0 maxpacket: 8
[ 2315.823740][T14312] usb 1-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 2315.823765][T14312] usb 1-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[ 2315.823800][T14312] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2315.823821][T14312] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2315.929032][    T9] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 2316.089036][    T9] usb 7-1: Using ep0 maxpacket: 32
[ 2316.092356][    T9] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2316.126797][    T9] usb 7-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2316.126826][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2316.126845][    T9] usb 7-1: Product: syz
[ 2316.126859][    T9] usb 7-1: Manufacturer: syz
[ 2316.126873][    T9] usb 7-1: SerialNumber: syz
[ 2316.283084][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2316.393608][    T9] pwc: Philips PCA645VC USB webcam detected.
[ 2316.396823][    T9] pwc: send_video_command error -71
[ 2316.396846][    T9] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2316.396953][    T9] Philips webcam 7-1:7.0: probe with driver Philips webcam failed with error -71
[ 2316.444455][    T9] usb 7-1: USB disconnect, device number 26
[ 2316.471453][ T5966] usb 1-1: USB disconnect, device number 63
[ 2316.697199][T22151] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2316.807654][T22151] 8021q: adding VLAN 0 to HW filter on device team0
[ 2316.856595][ T6113] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2316.861259][ T6113] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2316.866775][ T6113] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2316.866914][ T6113] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2317.324313][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2317.349222][T22588] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3800'.
[ 2318.331260][T22596] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2320.879009][T22234] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2321.000780][T22234] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2321.093370][T22234] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2321.173417][T22234] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2322.083559][ T6075] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2322.349076][T10419] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 2322.521865][T10419] usb 7-1: Using ep0 maxpacket: 32
[ 2322.525203][T10419] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 2322.534783][T10419] usb 7-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2322.534810][T10419] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2322.534829][T10419] usb 7-1: Product: syz
[ 2322.534842][T10419] usb 7-1: Manufacturer: syz
[ 2322.534854][T10419] usb 7-1: SerialNumber: syz
[ 2322.792387][   T59] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2322.822071][T10419] pwc: Philips PCA645VC USB webcam detected.
[ 2322.831987][   T59] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2322.836254][   T59] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2322.837372][   T59] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2322.841601][   T59] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2322.872653][T10419] pwc: send_video_command error -71
[ 2322.872671][T10419] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2322.872783][T10419] Philips webcam 7-1:7.0: probe with driver Philips webcam failed with error -71
[ 2322.929699][T10419] usb 7-1: USB disconnect, device number 27
[ 2323.029943][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2324.071130][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2325.256860][T22663] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3810'.
[ 2325.497957][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2325.499216][T21860] Bluetooth: hci3: command tx timeout
[ 2325.543545][T22234] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2325.627362][T22645] lo speed is unknown, defaulting to 1000
[ 2325.804692][T22234] 8021q: adding VLAN 0 to HW filter on device team0
[ 2325.888588][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2326.779907][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2326.973579][T22677] ubi: mtd0 is already attached to ubi31
[ 2327.049201][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2327.523433][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2327.809016][T21860] Bluetooth: hci3: command tx timeout
[ 2327.890842][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2328.108482][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2328.537736][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2328.878572][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2329.060425][T16036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2329.060649][T16036] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2329.141530][    T9] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[ 2329.309076][    T9] usb 8-1: Using ep0 maxpacket: 32
[ 2329.317944][    T9] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2329.338212][    T9] usb 8-1: New USB device found, idVendor=0471, idProduct=0302, bcdDevice=bc.45
[ 2329.338239][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2329.338257][    T9] usb 8-1: Product: syz
[ 2329.338271][    T9] usb 8-1: Manufacturer: syz
[ 2329.338284][    T9] usb 8-1: SerialNumber: syz
[ 2329.396669][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2329.664779][    T9] pwc: Philips PCA645VC USB webcam detected.
[ 2329.668560][    T9] pwc: send_video_command error -71
[ 2329.668575][    T9] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 2329.668689][    T9] Philips webcam 8-1:7.0: probe with driver Philips webcam failed with error -71
[ 2329.725410][    T9] usb 8-1: USB disconnect, device number 36
[ 2329.829359][T21860] Bluetooth: hci3: command tx timeout
[ 2330.042430][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2330.137764][ T3609] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2330.138046][ T3609] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2330.389160][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2330.789481][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2330.940498][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2331.204158][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2331.626478][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2331.863956][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2331.885123][T22708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3819'.
[ 2331.921368][T21860] Bluetooth: hci3: command tx timeout
[ 2334.383328][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2334.544788][   T59] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2334.596613][   T59] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2334.612723][   T59] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2334.614024][   T59] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2334.615967][   T59] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2335.543472][T22645] chnl_net:caif_netlink_parms(): no params data found
[ 2335.803268][T22723] lo speed is unknown, defaulting to 1000
[ 2336.119421][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2337.095058][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2337.096233][T21860] Bluetooth: hci1: command tx timeout
[ 2337.258508][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2337.573435][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2337.663560][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2337.942691][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2338.187095][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2339.110164][T21860] Bluetooth: hci1: command tx timeout
[ 2341.189053][T21860] Bluetooth: hci1: command tx timeout
[ 2343.269123][T21860] Bluetooth: hci1: command tx timeout
[ 2344.479794][T22775] ubi: mtd0 is already attached to ubi31
[ 2345.029778][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2345.211213][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2345.259145][T22779] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3835'.
[ 2345.267590][ T6123] bridge_slave_1: left allmulticast mode
[ 2345.267613][ T6123] bridge_slave_1: left promiscuous mode
[ 2345.267778][ T6123] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2345.377708][ T6123] bridge_slave_0: left allmulticast mode
[ 2345.377731][ T6123] bridge_slave_0: left promiscuous mode
[ 2345.377963][ T6123] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2345.747245][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2345.930796][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2346.089594][T16887] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[ 2346.136528][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2346.248977][T16887] usb 8-1: Using ep0 maxpacket: 8
[ 2346.252789][T16887] usb 8-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 2346.252813][T16887] usb 8-1: config 16 has 0 interfaces, different from the descriptor's value: 1
[ 2346.252850][T16887] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2346.252871][T16887] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2346.457731][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2346.954456][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2347.336302][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2347.715767][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2348.029492][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2348.664620][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2348.719432][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2348.964455][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2349.020326][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2349.852315][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2350.025835][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2351.755032][ T6123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2351.807560][ T6123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2351.828464][ T6123] bond0 (unregistering): Released all slaves
[ 2352.132457][T22818] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3846'.
[ 2352.474959][ T5966] usb 8-1: USB disconnect, device number 37
[ 2352.883486][T22645] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2352.883578][T22645] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2352.883741][T22645] bridge_slave_0: entered allmulticast mode
[ 2352.885736][T22645] bridge_slave_0: entered promiscuous mode
[ 2353.068992][ T6123] hsr_slave_0: left promiscuous mode
[ 2353.109217][ T6123] hsr_slave_1: left promiscuous mode
[ 2353.114856][ T6123] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2353.159762][ T6123] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2353.201318][T16036] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2355.519361][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2355.519408][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2356.651457][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2357.320091][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2357.651299][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2357.939816][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2358.952007][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2359.057494][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2359.370496][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2359.446993][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2359.869272][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2360.028363][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2360.079327][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2360.182924][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2360.458347][T22862] fuse: Invalid rootmode
[ 2360.594003][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2360.806414][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2360.909875][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2361.064001][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2361.208696][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2361.348960][T20345] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 2361.401016][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2361.511330][T20345] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2361.511356][T20345] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2361.511399][T20345] usb 1-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[ 2361.511420][T20345] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2361.514835][T20345] usb 1-1: config 0 descriptor??
[ 2361.744138][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2361.971143][ T6123] team0 (unregistering): Port device team_slave_1 removed
[ 2362.081253][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2362.183125][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2362.187560][T22877] ceph: No mds server is up or the cluster is laggy
[ 2362.775301][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2363.177334][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2363.447309][ T6123] team0 (unregistering): Port device team_slave_0 removed
[ 2368.604093][T16887] usb 1-1: USB disconnect, device number 64
[ 2371.158036][T22900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3865'.
[ 2372.398913][T16887] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[ 2372.573846][T16887] usb 8-1: Using ep0 maxpacket: 8
[ 2372.596377][T16887] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 2372.606994][T16887] usb 8-1: config 4 interface 0 has no altsetting 0
[ 2372.626374][T16887] usb 8-1: string descriptor 0 read error: -22
[ 2372.626526][T16887] usb 8-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[ 2372.626548][T16887] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2372.724092][T16887] usb 8-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 2372.891377][T16887] usb 8-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 2372.891858][T16887] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 2372.891909][T16887] usb 8-1: media controller created
[ 2372.977582][T22904] usb 8-1: dvb_usb_au6610: wlen=0, aborting
[ 2372.988214][T16887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2373.190780][T16887] zl10353_read_register: readreg error (reg=127, ret==0)
[ 2373.286151][T16887] usb 8-1: USB disconnect, device number 38
[ 2385.946106][    C1] sched: DL replenish lagged too much
[ 2389.577247][T16036] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2410.635905][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2410.678959][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2410.682108][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2410.684144][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2410.685093][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2411.088534][   T59] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2411.132508][   T59] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2411.134434][   T59] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2411.135817][   T59] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2411.137410][   T59] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2411.575786][   T59] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2411.620730][   T59] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2411.623882][   T59] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2411.626113][   T59] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2411.626936][   T59] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2412.805027][T21860] Bluetooth: hci5: command tx timeout
[ 2413.001091][   T59] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 2413.044040][   T59] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 2413.045646][   T59] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 2413.046819][   T59] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 2413.048446][   T59] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 2413.268942][   T59] Bluetooth: hci6: command tx timeout
[ 2413.292829][   T59] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 2413.324098][   T59] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 2413.340904][   T59] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 2413.342333][   T59] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 2413.343954][   T59] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 2413.749106][T21860] Bluetooth: hci7: command tx timeout
[ 2414.869324][T21860] Bluetooth: hci5: command tx timeout
[ 2415.189240][   T59] Bluetooth: hci8: command tx timeout
[ 2415.349780][T21860] Bluetooth: hci6: command tx timeout
[ 2415.429167][T21860] Bluetooth: hci9: command tx timeout
[ 2415.829054][T21860] Bluetooth: hci7: command tx timeout
[ 2416.526043][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2416.526119][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2416.951344][T21860] Bluetooth: hci5: command tx timeout
[ 2417.268978][T21860] Bluetooth: hci8: command tx timeout
[ 2417.436572][T21860] Bluetooth: hci6: command tx timeout
[ 2417.508999][T21860] Bluetooth: hci9: command tx timeout
[ 2417.909007][T21860] Bluetooth: hci7: command tx timeout
[ 2419.029068][T21860] Bluetooth: hci5: command tx timeout
[ 2419.357557][T21860] Bluetooth: hci8: command tx timeout
[ 2419.556460][T21860] Bluetooth: hci6: command tx timeout
[ 2419.594879][T21860] Bluetooth: hci9: command tx timeout
[ 2419.989499][T21860] Bluetooth: hci7: command tx timeout
[ 2421.439702][T21860] Bluetooth: hci8: command tx timeout
[ 2421.668983][T21860] Bluetooth: hci9: command tx timeout
[ 2428.824609][T16036] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2449.281348][T21860] Bluetooth: hci3: command 0x0406 tx timeout
[ 2459.589118][ T5849] Bluetooth: hci1: command 0x0406 tx timeout
[ 2463.729651][  T173] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2464.205606][T22950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2464.231375][T22950] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2464.233171][T22950] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2464.235072][T22950] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2464.236528][T22950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2470.546656][T22956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2470.589289][T22956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2470.593908][T22956] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2470.595232][T22956] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2470.596942][T22956] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2471.188629][T22966] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 2471.302783][T22966] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 2471.329099][T22966] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 2471.349231][T22966] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 2471.351014][T22966] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 2474.741699][T22950] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 2474.787234][T22950] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 2474.797202][T22950] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 2474.798416][T22950] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 2474.819105][T22950] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 2475.012987][T22950] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 2475.057720][T22950] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 2475.078182][T22950] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 2475.089182][T22950] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 2475.090079][T22950] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 2475.669053][T22950] Bluetooth: hci2: command tx timeout
[ 2475.669856][T22950] Bluetooth: hci10: command tx timeout
[ 2475.670199][T22950] Bluetooth: hci0: command tx timeout
[ 2476.873917][T22950] Bluetooth: hci11: command tx timeout
[ 2477.189129][T22950] Bluetooth: hci12: command tx timeout
[ 2477.754063][T22950] Bluetooth: hci0: command tx timeout
[ 2477.754098][T22950] Bluetooth: hci10: command tx timeout
[ 2477.828949][ T5849] Bluetooth: hci2: command tx timeout
[ 2477.936400][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 2477.936474][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 2478.959105][ T5849] Bluetooth: hci11: command tx timeout
[ 2479.268961][ T5849] Bluetooth: hci12: command tx timeout
[ 2479.829212][ T5849] Bluetooth: hci10: command tx timeout
[ 2479.829245][ T5849] Bluetooth: hci0: command tx timeout
[ 2479.909006][T22950] Bluetooth: hci2: command tx timeout
[ 2481.029078][T22950] Bluetooth: hci11: command tx timeout
[ 2481.349151][T22950] Bluetooth: hci12: command tx timeout
[ 2481.908954][T21860] Bluetooth: hci0: command tx timeout
[ 2481.908986][T21860] Bluetooth: hci10: command tx timeout
[ 2481.989249][T22950] Bluetooth: hci2: command tx timeout
[ 2483.109227][T22950] Bluetooth: hci11: command tx timeout
[ 2483.429060][T22950] Bluetooth: hci12: command tx timeout
[ 2503.842488][T16842] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 2504.149276][   T38] INFO: task kworker/u8:12:3609 blocked for more than 143 seconds.
[ 2504.149303][   T38]       Not tainted syzkaller #0
[ 2504.149312][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.149323][   T38] task:kworker/u8:12   state:D stack:17688 pid:3609  tgid:3609  ppid:2      task_flags:0x4208160 flags:0x00004000
[ 2504.149369][   T38] Workqueue: events_unbound linkwatch_event
[ 2504.149413][   T38] Call Trace:
[ 2504.149420][   T38]  <TASK>
[ 2504.149434][   T38]  __schedule+0x16f3/0x4c20
[ 2504.149486][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.149528][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.149553][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.149572][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.149592][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2504.149630][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.149652][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.149673][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2504.149704][   T38]  ? linkwatch_event+0xe/0x60
[ 2504.149734][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.149761][   T38]  ? linkwatch_event+0xe/0x60
[ 2504.149782][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.149799][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.149822][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.149845][   T38]  linkwatch_event+0xe/0x60
[ 2504.149868][   T38]  process_scheduled_works+0xade/0x17b0
[ 2504.149930][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2504.149971][   T38]  worker_thread+0x8a0/0xda0
[ 2504.150021][   T38]  kthread+0x711/0x8a0
[ 2504.150049][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 2504.150070][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.150100][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.150125][   T38]  ret_from_fork+0x3f9/0x770
[ 2504.150151][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.150179][   T38]  ? __switch_to_asm+0x39/0x70
[ 2504.150196][   T38]  ? __switch_to_asm+0x33/0x70
[ 2504.150211][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.150236][   T38]  ret_from_fork_asm+0x1a/0x30
[ 2504.150271][   T38]  </TASK>
[ 2504.150285][   T38] INFO: task dhcpcd:5503 blocked for more than 143 seconds.
[ 2504.150298][   T38]       Not tainted syzkaller #0
[ 2504.150308][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.150317][   T38] task:dhcp[ 2504.150317][   T38] task:dhcpcd          state:D stack:21320 pid:5503  tgid:5503  ppid:5502   task_flags:0x400140 flags:0x00004002
[ 2504.150363][   T38] Call Trace:
[ 2504.150370][   T38]  <TASK>
[ 2504.150382][   T38]  __schedule+0x16f3/0x4c20
[ 2504.150430][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.150471][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.150495][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.150512][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.150531][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[ 2504.150569][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.150591][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.150611][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2504.150641][   T38]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 2504.150671][   T38]  ? __kmalloc_node_track_caller_noprof+0x213/0x450
[ 2504.150700][   T38]  ? rtnl_dumpit+0x92/0x200
[ 2504.150719][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.150737][   T38]  ? rtnl_dumpit+0x92/0x200
[ 2504.150757][   T38]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[ 2504.150778][   T38]  rtnl_dumpit+0x92/0x200
[ 2504.150803][   T38]  netlink_dump+0x6e4/0xe90
[ 2504.150839][   T38]  ? __pfx_netlink_dump+0x10/0x10
[ 2504.150877][   T38]  ? netlink_recvmsg+0x5b2/0xa30
[ 2504.150898][   T38]  ? kmem_cache_free+0x195/0x510
[ 2504.150932][   T38]  netlink_recvmsg+0x676/0xa30
[ 2504.150954][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2504.150985][   T38]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 2504.151013][   T38]  ? reacquire_held_locks+0x127/0x1d0
[ 2504.151037][   T38]  ? rt_spin_lock+0x1bb/0x2c0
[ 2504.151055][   T38]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 2504.151073][   T38]  ? security_socket_recvmsg+0x7e/0x2e0
[ 2504.151093][   T38]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 2504.151115][   T38]  sock_recvmsg+0x22c/0x270
[ 2504.151141][   T38]  ____sys_recvmsg+0x1ce/0x470
[ 2504.151175][   T38]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2504.151216][   T38]  ? import_iovec+0x74/0xa0
[ 2504.151241][   T38]  ___sys_recvmsg+0x1b5/0x510
[ 2504.151272][   T38]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2504.151303][   T38]  ? handle_mm_fault+0x30eb/0x3400
[ 2504.151347][   T38]  ? __pfx_handle_mm_fault+0x10/0x10
[ 2504.151379][   T38]  __x64_sys_recvmsg+0x19e/0x260
[ 2504.151406][   T38]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[ 2504.151443][   T38]  ? do_user_addr_fault+0xc8a/0x1390
[ 2504.151469][   T38]  ? do_syscall_64+0xbe/0x3b0
[ 2504.151496][   T38]  do_syscall_64+0xfa/0x3b0
[ 2504.151517][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2504.151539][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.151558][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 2504.151581][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.151606][   T38] RIP: 0033:0x7f910f4c0407
[ 2504.151626][   T38] RSP: 002b:00007ffd5d0b6440 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[ 2504.151645][   T38] RAX: ffffffffffffffda RBX: 00007f910f436740 RCX: 00007f910f4c0407
[ 2504.151659][   T38] RDX: 0000000000000000 RSI: 00007ffd5d0b64d0 RDI: 0000000000000037
[ 2504.151672][   T38] RBP: 00007ffd5d0b64b4 R08: 0000000000000000 R09: 0000000000000000
[ 2504.151684][   T38] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001ea0
[ 2504.151696][   T38] R13: 00007ffd5d0b64c0 R14: 00007ffd5d0b65b0 R15: 0000000000000000
[ 2504.151727][   T38]  </TASK>
[ 2504.151745][   T38] INFO: task kworker/1:5:5966 blocked for more than 143 seconds.
[ 2504.151759][   T38]       Not tainted syzkaller #0
[ 2504.151768][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.151777][   T38] task:kworker/1:5     state:D stack:20472 pid:5966  tgid:5966  ppid:2      task_flags:0x4208060 flags:0x00004000
[ 2504.151822][   T38] Workqueue: events switchdev_deferred_process_work
[ 2504.151847][   T38] Call Trace:
[ 2504.151854][   T38]  <TASK>
[ 2504.151866][   T38]  __schedule+0x16f3/0x4c20
[ 2504.151915][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.151962][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.151987][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.152005][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.152024][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2504.152059][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.152082][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.152102][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2504.152133][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[ 2504.152163][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.152190][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[ 2504.152213][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.152229][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.152251][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.152275][   T38]  switchdev_deferred_process_work+0xe/0x20
[ 2504.152298][   T38]  process_scheduled_works+0xade/0x17b0
[ 2504.152351][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2504.152390][   T38]  worker_thread+0x8a0/0xda0
[ 2504.152440][   T38]  kthread+0x711/0x8a0
[ 2504.152468][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 2504.152489][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.152518][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.152544][   T38]  ret_from_fork+0x3f9/0x770
[ 2504.152568][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.152597][   T38]  ? __switch_to_asm+0x39/0x70
[ 2504.152614][   T38]  ? __switch_to_asm+0x33/0x70
[ 2504.152629][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.152654][   T38]  ret_from_fork_asm+0x1a/0x30
[ 2504.152689][   T38]  </TASK>
[ 2504.152722][   T38] INFO: task kworker/u8:5:17378 blocked for more than 143 seconds.
[ 2504.152735][   T38]       Not tainted syzkaller #0
[ 2504.152744][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.152752][   T38] task:kworker/u8:5    state:D stack:20264 pid:17378 tgid:17378 ppid:2      task_flags:0x4208160 flags:0x00004000
[ 2504.152799][   T38] Workqueue: ipv6_addrconf addrconf_verify_work
[ 2504.152818][   T38] Call Trace:
[ 2504.152824][   T38]  <TASK>
[ 2504.152837][   T38]  __schedule+0x16f3/0x4c20
[ 2504.152885][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.152931][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.152956][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.152974][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.152993][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2504.153031][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.153052][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.153072][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2504.153102][   T38]  ? addrconf_verify_work+0x19/0x30
[ 2504.153129][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.153154][   T38]  ? addrconf_verify_work+0x19/0x30
[ 2504.153170][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.153189][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.153215][   T38]  addrconf_verify_work+0x19/0x30
[ 2504.153233][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[ 2504.153252][   T38]  process_scheduled_works+0xade/0x17b0
[ 2504.153304][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2504.153344][   T38]  worker_thread+0x8a0/0xda0
[ 2504.153369][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2504.153401][   T38]  ? __kthread_parkme+0x7b/0x200
[ 2504.153434][   T38]  kthread+0x711/0x8a0
[ 2504.153462][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 2504.153483][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.153513][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.153538][   T38]  ret_from_fork+0x3f9/0x770
[ 2504.153563][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.153592][   T38]  ? __switch_to_asm+0x39/0x70
[ 2504.153607][   T38]  ? __switch_to_asm+0x33/0x70
[ 2504.153623][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.153648][   T38]  ret_from_fork_asm+0x1a/0x30
[ 2504.153683][   T38]  </TASK>
[ 2504.153703][   T38] INFO: task syz-executor:22645 blocked for more than 143 seconds.
[ 2504.153716][   T38]       Not tainted syzkaller #0
[ 2504.153726][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.153735][   T38] task:syz-executor    state:D stack:22632 pid:22645 tgid:22645 ppid:1      task_flags:0x400140 flags:0x00004004
[ 2504.153780][   T38] Call Trace:
[ 2504.153787][   T38]  <TASK>
[ 2504.153799][   T38]  __schedule+0x16f3/0x4c20
[ 2504.153848][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.153888][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.153913][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.153937][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.153956][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2504.153994][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.154016][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.154035][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2504.154052][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154086][   T38]  ? rtnl_newlink+0x8db/0x1c70
[ 2504.154108][   T38]  ? safesetid_security_capable+0xa9/0x1a0
[ 2504.154131][   T38]  ? bpf_lsm_capable+0x9/0x20
[ 2504.154153][   T38]  ? security_capable+0x7e/0x2e0
[ 2504.154180][   T38]  ? rtnl_newlink+0x8db/0x1c70
[ 2504.154198][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.154223][   T38]  rtnl_newlink+0x8db/0x1c70
[ 2504.154252][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154276][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2504.154306][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154334][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154369][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154417][   T38]  ? is_bpf_text_address+0x26/0x2b0
[ 2504.154446][   T38]  ? is_bpf_text_address+0x292/0x2b0
[ 2504.154472][   T38]  ? is_bpf_text_address+0x26/0x2b0
[ 2504.154501][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154550][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[ 2504.154571][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 2504.154591][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154615][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 2504.154635][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2504.154675][   T38]  netlink_rcv_skb+0x205/0x470
[ 2504.154695][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.154717][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2504.154739][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2504.154773][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2504.154803][   T38]  netlink_unicast+0x843/0xa10
[ 2504.154833][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[ 2504.154855][   T38]  ? netlink_sendmsg+0x642/0xb30
[ 2504.154874][   T38]  ? skb_put+0x11b/0x210
[ 2504.154901][   T38]  netlink_sendmsg+0x805/0xb30
[ 2504.154941][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2504.154972][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2504.154990][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2504.155012][   T38]  __sock_sendmsg+0x219/0x270
[ 2504.155036][   T38]  __sys_sendto+0x3c7/0x520
[ 2504.155061][   T38]  ? __pfx___sys_sendto+0x10/0x10
[ 2504.155096][   T38]  ? fput_close_sync+0x119/0x200
[ 2504.155130][   T38]  ? __pfx_fput_close_sync+0x10/0x10
[ 2504.155149][   T38]  ? rt_spin_unlock+0x65/0x80
[ 2504.155171][   T38]  __x64_sys_sendto+0xde/0x100
[ 2504.155197][   T38]  do_syscall_64+0xfa/0x3b0
[ 2504.155221][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.155239][   T38]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2504.155256][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 2504.155278][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.155295][   T38] RIP: 0033:0x7fad22bb0a7c
[ 2504.155311][   T38] RSP: 002b:00007ffe24e99480 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 2504.155329][   T38] RAX: ffffffffffffffda RBX: 00007fad23914620 RCX: 00007fad22bb0a7c
[ 2504.155343][   T38] RDX: 0000000000000028 RSI: 00007fad23914670 RDI: 0000000000000003
[ 2504.155355][   T38] RBP: 0000000000000000 R08: 00007ffe24e994d4 R09: 000000000000000c
[ 2504.155367][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 2504.155379][   T38] R13: 0000000000000000 R14: 00007fad23914670 R15: 0000000000000000
[ 2504.155409][   T38]  </TASK>
[ 2504.155417][   T38] INFO: task syz-executor:22723 blocked for more than 143 seconds.
[ 2504.155430][   T38]       Not tainted syzkaller #0
[ 2504.155440][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2504.155450][   T38] task:syz-executor    state:D stack:25272 pid:22723 tgid:22723 ppid:1      task_flags:0x400140 flags:0x00004004
[ 2504.155497][   T38] Call Trace:
[ 2504.155504][   T38]  <TASK>
[ 2504.155516][   T38]  __schedule+0x16f3/0x4c20
[ 2504.155564][   T38]  ? __pfx___schedule+0x10/0x10
[ 2504.155604][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2504.155630][   T38]  rt_mutex_schedule+0x77/0xf0
[ 2504.155647][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2504.155667][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2504.155704][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2504.155725][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2504.155746][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2504.155763][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.155796][   T38]  ? inet6_rtm_newaddr+0x5b7/0xd20
[ 2504.155831][   T38]  ? inet6_rtm_newaddr+0x5b7/0xd20
[ 2504.155850][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 2504.155875][   T38]  inet6_rtm_newaddr+0x5b7/0xd20
[ 2504.155897][   T38]  ? is_bpf_text_address+0x26/0x2b0
[ 2504.155932][   T38]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[ 2504.155982][   T38]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[ 2504.156003][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 2504.156023][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.156046][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 2504.156066][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2504.156105][   T38]  netlink_rcv_skb+0x205/0x470
[ 2504.156124][   T38]  ? __lock_acquire+0xab9/0xd20
[ 2504.156146][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2504.156168][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2504.156203][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2504.156233][   T38]  netlink_unicast+0x843/0xa10
[ 2504.156262][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[ 2504.156284][   T38]  ? netlink_sendmsg+0x642/0xb30
[ 2504.156303][   T38]  ? skb_put+0x11b/0x210
[ 2504.156329][   T38]  netlink_sendmsg+0x805/0xb30
[ 2504.156360][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2504.156391][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2504.156409][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2504.156431][   T38]  __sock_sendmsg+0x219/0x270
[ 2504.156454][   T38]  __sys_sendto+0x3c7/0x520
[ 2504.156480][   T38]  ? __pfx___sys_sendto+0x10/0x10
[ 2504.156515][   T38]  ? fput_close_sync+0x119/0x200
[ 2504.156548][   T38]  ? __pfx_fput_close_sync+0x10/0x10
[ 2504.156567][   T38]  ? rt_spin_unlock+0x65/0x80
[ 2504.156592][   T38]  __x64_sys_sendto+0xde/0x100
[ 2504.156619][   T38]  do_syscall_64+0xfa/0x3b0
[ 2504.156642][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.156660][   T38]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 2504.156678][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 2504.156699][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2504.156717][   T38] RIP: 0033:0x7fee27220a7c
[ 2504.156732][   T38] RSP: 002b:00007ffce6cd5770 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 2504.156751][   T38] RAX: ffffffffffffffda RBX: 00007fee27f84620 RCX: 00007fee27220a7c
[ 2504.156764][   T38] RDX: 0000000000000040 RSI: 00007fee27f84670 RDI: 0000000000000003
[ 2504.156777][   T38] RBP: 0000000000000000 R08: 00007ffce6cd57c4 R09: 000000000000000c
[ 2504.156789][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 2504.156801][   T38] R13: 0000000000000000 R14: 00007fee27f84670 R15: 0000000000000000
[ 2504.156831][   T38]  </TASK>
[ 2504.156861][   T38] 
[ 2504.156861][   T38] Showing all locks held in the system:
[ 2504.156872][   T38] 2 locks held by rcuc/1/28:
[ 2504.156883][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 2504.156935][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 2504.156979][   T38] 8 locks held by ktimers/1/29:
[ 2504.156990][   T38] 2 locks held by ksoftirqd/1/30:
[ 2504.157000][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 2504.157043][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 2504.157088][   T38] 1 lock held by khungtaskd/38:
[ 2504.157098][   T38]  #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2504.157145][   T38] 6 locks held by kworker/u8:6/173:
[ 2504.157156][   T38]  #0: ffff88814d731938 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.157200][   T38]  #1: ffffc90003bafbc0 ((work_completion)(&(&forw_packet_aggr->delayed_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.157246][   T38]  #2: ffff88805cda6110 (&hard_iface->bat_iv.ogm_buff_mutex){+.+.}-{4:4}, at: batadv_iv_ogm_schedule+0xea/0xf00
[ 2504.157292][   T38]  #3: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: batadv_iv_ogm_schedule+0x8a7/0xf00
[ 2504.157335][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 2504.157378][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 2504.157439][   T38] 3 locks held by kworker/u8:12/3609:
[ 2504.157450][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.157495][   T38]  #1: ffffc9000d9efbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.157539][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 2504.157586][   T38] 2 locks held by dhcpcd/5503:
[ 2504.157597][   T38]  #0: ffff888061696908 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: netlink_dump+0xbd/0xe90
[ 2504.157640][   T38]  #1: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200
[ 2504.157682][   T38] 2 locks held by getty/5599:
[ 2504.157692][   T38]  #0: ffff88823bf388a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2504.157738][   T38]  #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[ 2504.157784][   T38] 3 locks held by kworker/1:5/5966:
[ 2504.157794][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.157839][   T38]  #1: ffffc9000529fbc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.157883][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 2504.157937][   T38] 4 locks held by kworker/u8:29/6123:
[ 2504.157948][   T38]  #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.157992][   T38]  #1: ffffc90005ee7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.158036][   T38]  #2: ffffffff8ecc5400 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[ 2504.158080][   T38]  #3: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xdc/0x890
[ 2504.158127][   T38] 2 locks held by kworker/1:7/13633:
[ 2504.158138][   T38] 1 lock held by syz-executor/13826:
[ 2504.158149][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[ 2504.158194][   T38] 1 lock held by syz-executor/14716:
[ 2504.158205][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[ 2504.158250][   T38] 4 locks held by kworker/1:2/16887:
[ 2504.158260][   T38]  #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.158305][   T38]  #1: ffffc90003cbfbc0 ((work_completion)(&(&ipvs->defense_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.158350][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 2504.158393][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 2504.158438][   T38] 3 locks held by kworker/u8:5/17378:
[ 2504.158449][   T38]  #0: ffff88803014f938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.158493][   T38]  #1: ffffc90004ad7bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.158539][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[ 2504.158583][   T38] 2 locks held by kworker/1:4/22431:
[ 2504.158595][   T38] 1 lock held by syz-executor/22645:
[ 2504.158606][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[ 2504.158649][   T38] 1 lock held by syz-executor/22723:
[ 2504.428932][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_newaddr+0x5b7/0xd20
[ 2504.428996][   T38] 2 locks held by syz.0.3865/22899:
[ 2504.429007][   T38]  #0: ffffffff8ed38300 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 2504.429055][   T38]  #1: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930
[ 2504.429096][   T38] 2 locks held by syz.0.3865/22900:
[ 2504.429107][   T38]  #0: ffffffff8ed38300 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 2504.429152][   T38]  #1: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0x5f/0x930
[ 2504.429190][   T38] 1 lock held by syz-executor/22929:
[ 2504.429202][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429249][   T38] 1 lock held by syz-executor/22934:
[ 2504.429260][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429306][   T38] 1 lock held by syz-executor/22938:
[ 2504.429317][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429363][   T38] 1 lock held by syz-executor/22940:
[ 2504.429374][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429420][   T38] 1 lock held by syz-executor/22942:
[ 2504.429430][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429477][   T38] 4 locks held by kworker/1:9/22948:
[ 2504.429488][   T38]  #0: ffff88802375b538 ((wq_completion)wg-crypt-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2504.429537][   T38]  #1: ffffc900049b7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2504.429595][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[ 2504.429639][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[ 2504.429684][   T38] 2 locks held by kworker/1:11/22952:
[ 2504.429695][   T38] 1 lock held by syz-executor/22954:
[ 2504.429706][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429753][   T38] 1 lock held by syz-executor/22963:
[ 2504.429764][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429810][   T38] 1 lock held by syz-executor/22968:
[ 2504.429821][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429868][   T38] 1 lock held by syz-executor/22974:
[ 2504.429879][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429932][   T38] 1 lock held by syz-executor/22976:
[ 2504.429943][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 2504.429991][   T38] 
[ 2504.429997][   T38] =============================================
[ 2504.429997][   T38] 
[ 2504.430015][   T38] NMI backtrace for cpu 0
[ 2504.430036][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2504.430056][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2504.430068][   T38] Call Trace:
[ 2504.430076][   T38]  <TASK>
[ 2504.430085][   T38]  dump_stack_lvl+0x189/0x250
[ 2504.430113][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2504.430136][   T38]  ? __pfx__printk+0x10/0x10
[ 2504.430172][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2504.430195][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2504.430217][   T38]  ? __pfx__printk+0x10/0x10
[ 2504.430240][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2504.430264][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2504.430287][   T38]  watchdog+0xf93/0xfe0
[ 2504.430313][   T38]  ? watchdog+0x1de/0xfe0
[ 2504.430340][   T38]  kthread+0x711/0x8a0
[ 2504.430367][   T38]  ? __pfx_watchdog+0x10/0x10
[ 2504.430387][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.430415][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.430440][   T38]  ret_from_fork+0x3f9/0x770
[ 2504.430465][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.430492][   T38]  ? __switch_to_asm+0x39/0x70
[ 2504.430508][   T38]  ? __switch_to_asm+0x33/0x70
[ 2504.430523][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.430548][   T38]  ret_from_fork_asm+0x1a/0x30
[ 2504.430580][   T38]  </TASK>
[ 2504.430588][   T38] Sending NMI from CPU 0 to CPUs 1:
[ 2504.430613][    C1] NMI backtrace for cpu 1
[ 2504.430627][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2504.430647][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2504.430657][    C1] RIP: 0010:unwind_next_frame+0x1334/0x2390
[ 2504.430682][    C1] Code: 0f b6 04 08 84 c0 75 27 49 63 07 4c 01 f8 49 8d 4f 04 4c 39 e0 48 0f 46 e9 49 8d 47 fc 48 0f 47 d8 4d 0f 46 ef 48 39 dd 76 a2 <e9> 7b ef ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 7c cc 4c 89 ff 48
[ 2504.430698][    C1] RSP: 0018:ffffc90000a3e3b8 EFLAGS: 00000202
[ 2504.430712][    C1] RAX: ffffffff8f2f7c9c RBX: ffffffff8f2f7ca0 RCX: ffffffff8f2f7ca4
[ 2504.430726][    C1] RDX: ffffffff8f2f7c98 RSI: ffffffff8fa560e2 RDI: ffffffff8b620e20
[ 2504.430739][    C1] RBP: ffffffff8f2f7ca4 R08: 0000000000000003 R09: ffffffff8172b165
[ 2504.430752][    C1] R10: ffffc90000a3e4d8 R11: ffffffff81aae2b0 R12: ffffffff8167d8f8
[ 2504.430765][    C1] R13: ffffffff8f2f7ca0 R14: ffffc90000a3e488 R15: ffffffff8f2f7ca0
[ 2504.430778][    C1] FS:  0000000000000000(0000) GS:ffff8881269c2000(0000) knlGS:0000000000000000
[ 2504.430792][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2504.430805][    C1] CR2: 00007fbe3cf1ed00 CR3: 000000008c3a6000 CR4: 00000000003526f0
[ 2504.430820][    C1] Call Trace:
[ 2504.430828][    C1]  <TASK>
[ 2504.430838][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 2504.430861][    C1]  ? ret_from_fork+0x3f9/0x770
[ 2504.430882][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2504.430899][    C1]  arch_stack_walk+0x11c/0x150
[ 2504.430925][    C1]  ? ret_from_fork+0x3f9/0x770
[ 2504.430946][    C1]  stack_trace_save+0x9c/0xe0
[ 2504.430963][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 2504.430979][    C1]  ? do_raw_spin_lock+0x121/0x290
[ 2504.431003][    C1]  kasan_save_track+0x3e/0x80
[ 2504.431020][    C1]  ? kasan_save_track+0x3e/0x80
[ 2504.431037][    C1]  ? __kasan_kmalloc+0x93/0xb0
[ 2504.431055][    C1]  ? __kmalloc_cache_noprof+0x1a8/0x320
[ 2504.431075][    C1]  ? ref_tracker_alloc+0x13b/0x450
[ 2504.431095][    C1]  ? dst_init+0xd9/0x450
[ 2504.431120][    C1]  ? dst_alloc+0x12a/0x170
[ 2504.431147][    C1]  ? ip_route_output_key_hash_rcu+0x1560/0x23e0
[ 2504.431171][    C1]  ? ip_route_output_key_hash+0x1b9/0x2e0
[ 2504.431194][    C1]  ? ip_route_output_flow+0x2a/0x150
[ 2504.431214][    C1]  ? ip_route_me_harder+0x6d2/0x1030
[ 2504.431230][    C1]  ? synproxy_send_tcp+0x359/0x6c0
[ 2504.431250][    C1]  ? synproxy_send_client_synack+0x8bb/0xe20
[ 2504.431270][    C1]  ? nft_synproxy_eval_v4+0x36e/0x560
[ 2504.431293][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[ 2504.431315][    C1]  ? nft_do_chain+0x409/0x1920
[ 2504.431335][    C1]  ? nft_do_chain_inet+0x25d/0x340
[ 2504.431357][    C1]  ? nf_hook_slow+0xc5/0x220
[ 2504.431375][    C1]  ? NF_HOOK+0x206/0x3a0
[ 2504.431392][    C1]  ? NF_HOOK+0x30c/0x3a0
[ 2504.431409][    C1]  ? __netif_receive_skb+0x143/0x380
[ 2504.431425][    C1]  ? process_backlog+0x31e/0x900
[ 2504.431442][    C1]  ? __napi_poll+0xb6/0x540
[ 2504.431458][    C1]  ? net_rx_action+0x707/0xe00
[ 2504.431475][    C1]  ? handle_softirqs+0x22c/0x710
[ 2504.431493][    C1]  ? run_ktimerd+0xcf/0x190
[ 2504.431512][    C1]  ? smpboot_thread_fn+0x542/0xa60
[ 2504.431530][    C1]  ? kthread+0x711/0x8a0
[ 2504.431551][    C1]  ? ret_from_fork+0x3f9/0x770
[ 2504.431583][    C1]  ? ref_tracker_alloc+0x13b/0x450
[ 2504.431603][    C1]  __kasan_kmalloc+0x93/0xb0
[ 2504.431623][    C1]  __kmalloc_cache_noprof+0x1a8/0x320
[ 2504.431643][    C1]  ? ref_tracker_alloc+0x13b/0x450
[ 2504.431665][    C1]  ref_tracker_alloc+0x13b/0x450
[ 2504.431687][    C1]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2504.431714][    C1]  ? dst_alloc+0x105/0x170
[ 2504.431735][    C1]  ? dst_alloc+0x105/0x170
[ 2504.431759][    C1]  dst_init+0xd9/0x450
[ 2504.431782][    C1]  dst_alloc+0x12a/0x170
[ 2504.431806][    C1]  ip_route_output_key_hash_rcu+0x1560/0x23e0
[ 2504.431838][    C1]  ? ip_route_output_key_hash+0xde/0x2e0
[ 2504.431862][    C1]  ip_route_output_key_hash+0x1b9/0x2e0
[ 2504.431884][    C1]  ? __lock_acquire+0xab9/0xd20
[ 2504.431909][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 2504.431936][    C1]  ? ip_route_me_harder+0x4ad/0x1030
[ 2504.431955][    C1]  ip_route_output_flow+0x2a/0x150
[ 2504.431976][    C1]  ? ip_route_me_harder+0x6c0/0x1030
[ 2504.431993][    C1]  ip_route_me_harder+0x6d2/0x1030
[ 2504.432016][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[ 2504.432046][    C1]  synproxy_send_tcp+0x359/0x6c0
[ 2504.432070][    C1]  synproxy_send_client_synack+0x8bb/0xe20
[ 2504.432098][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 2504.432118][    C1]  ? nft_osf_init+0x68/0x240
[ 2504.432143][    C1]  ? synproxy_pernet+0x45/0x270
[ 2504.432169][    C1]  nft_synproxy_eval_v4+0x36e/0x560
[ 2504.432195][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 2504.432220][    C1]  ? nf_ip_checksum+0x13c/0x510
[ 2504.432245][    C1]  nft_synproxy_do_eval+0x345/0x570
[ 2504.432271][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 2504.432295][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2504.432322][    C1]  nft_do_chain+0x409/0x1920
[ 2504.432351][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 2504.432377][    C1]  ? __lock_acquire+0xab9/0xd20
[ 2504.432411][    C1]  nft_do_chain_inet+0x25d/0x340
[ 2504.432433][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 2504.432456][    C1]  ? __lock_acquire+0xab9/0xd20
[ 2504.432481][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 2504.432499][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 2504.432522][    C1]  nf_hook_slow+0xc5/0x220
[ 2504.432544][    C1]  NF_HOOK+0x206/0x3a0
[ 2504.432563][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 2504.432582][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 2504.432600][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 2504.432617][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[ 2504.432638][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 2504.432658][    C1]  ? skb_dst+0x4f/0xd0
[ 2504.432677][    C1]  ? ip_local_deliver+0x12a/0x1b0
[ 2504.432697][    C1]  NF_HOOK+0x30c/0x3a0
[ 2504.432716][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2504.432735][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 2504.432752][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 2504.432772][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2504.432796][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 2504.432813][    C1]  __netif_receive_skb+0x143/0x380
[ 2504.432830][    C1]  ? rt_spin_unlock+0x65/0x80
[ 2504.432850][    C1]  ? process_backlog+0x27b/0x900
[ 2504.432868][    C1]  process_backlog+0x31e/0x900
[ 2504.432892][    C1]  __napi_poll+0xb6/0x540
[ 2504.432912][    C1]  net_rx_action+0x707/0xe00
[ 2504.432939][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 2504.432976][    C1]  handle_softirqs+0x22c/0x710
[ 2504.432999][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2504.433024][    C1]  run_ktimerd+0xcf/0x190
[ 2504.433045][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 2504.433065][    C1]  ? schedule+0x91/0x360
[ 2504.433086][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 2504.433105][    C1]  smpboot_thread_fn+0x542/0xa60
[ 2504.433125][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 2504.433156][    C1]  kthread+0x711/0x8a0
[ 2504.433179][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 2504.433198][    C1]  ? __pfx_kthread+0x10/0x10
[ 2504.433223][    C1]  ? __pfx_kthread+0x10/0x10
[ 2504.433245][    C1]  ret_from_fork+0x3f9/0x770
[ 2504.433266][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.433288][    C1]  ? __switch_to_asm+0x39/0x70
[ 2504.433303][    C1]  ? __switch_to_asm+0x33/0x70
[ 2504.433318][    C1]  ? __pfx_kthread+0x10/0x10
[ 2504.433340][    C1]  ret_from_fork_asm+0x1a/0x30
[ 2504.433363][    C1]  </TASK>
[ 2504.433617][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 2504.433631][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2504.433652][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2504.433662][   T38] Call Trace:
[ 2504.433669][   T38]  <TASK>
[ 2504.433677][   T38]  dump_stack_lvl+0x99/0x250
[ 2504.433700][   T38]  ? __asan_memcpy+0x40/0x70
[ 2504.433718][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2504.433742][   T38]  ? __pfx__printk+0x10/0x10
[ 2504.433772][   T38]  vpanic+0x281/0x750
[ 2504.433799][   T38]  ? __pfx_vpanic+0x10/0x10
[ 2504.433820][   T38]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[ 2504.433839][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2504.433871][   T38]  panic+0xb9/0xc0
[ 2504.433899][   T38]  ? __pfx_panic+0x10/0x10
[ 2504.433925][   T38]  ? irq_work_queue+0xc3/0x140
[ 2504.433950][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 2504.433973][   T38]  watchdog+0xfd2/0xfe0
[ 2504.433998][   T38]  ? watchdog+0x1de/0xfe0
[ 2504.434025][   T38]  kthread+0x711/0x8a0
[ 2504.434052][   T38]  ? __pfx_watchdog+0x10/0x10
[ 2504.434071][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.434099][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.434123][   T38]  ret_from_fork+0x3f9/0x770
[ 2504.434146][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 2504.434173][   T38]  ? __switch_to_asm+0x39/0x70
[ 2504.434190][   T38]  ? __switch_to_asm+0x33/0x70
[ 2504.434206][   T38]  ? __pfx_kthread+0x10/0x10
[ 2504.434230][   T38]  ret_from_fork_asm+0x1a/0x30
[ 2504.434262][   T38]  </TASK>
[ 2504.434529][   T38] Kernel Offset: disabled