last executing test programs:

7m40.84501028s ago: executing program 0 (id=40):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x50, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0xed522907ca1b3483, 0x25018}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_UDP_CSUM={0x5, 0x8, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'geneve0\x00'}]}, 0x50}}, 0x80)

7m39.892932813s ago: executing program 0 (id=42):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
socket(0x10, 0x803, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getdents64(0xffffffffffffffff, &(0x7f0000000080)=""/105, 0x69)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2c, 0x0, &(0x7f00000001c0))
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f91b5d390887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc825d8e524b2451138e495bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546850a27af9544ae15a7e454dea05918b4fd42513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cfe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2691491abf8ab9c015073014d9e08d4338b8780bdecd436cf0541e4505bc3a45237f104b962102de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd735892892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5407000000e3ad038f2211f1033195563c7f93cd54b9094f226e78b271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005008000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546def271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652770711935f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f42f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599af40005b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fd30d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb84d9a88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678458fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000bd700", 0x1000}}, 0x375)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x210000, 0x0)
readv(r5, &(0x7f0000000380)=[{&(0x7f0000000180)}, {&(0x7f0000000240)=""/109, 0x6d}], 0x2)
fcntl$setstatus(r4, 0x4, 0x0)
ioctl$UI_GET_SYSNAME(r4, 0x8040552c, 0x0)

7m29.143458253s ago: executing program 0 (id=59):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000200)="fd", 0x1}], 0x1, 0x0, 0x0, 0x8008044}, 0x881)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000)=0xb, 0x4)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

7m28.884947931s ago: executing program 0 (id=61):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0xffe}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}, 0x1, 0xba01, 0x0, 0x4010}, 0x4000040)

7m24.868682895s ago: executing program 0 (id=66):
r0 = socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x60000)
ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x9099)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000300)={0x1, 0x0, 0x7, &(0x7f0000000100)={0x0, "fd6d44512b7e1b0420ec2a3ba53b31dd77e7ffffff0300"}})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r5, 0x58, &(0x7f0000000080)={0x0, <r6=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000540)={r6, 0xfffffff8}, 0xc)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x22, &(0x7f0000000000)={&(0x7f0000003000)={[{0x0, 0x0, 0x3}]}, 0x1}, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r7)

7m23.074766788s ago: executing program 0 (id=68):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0xa, 0x0)
read$msr(r0, &(0x7f0000002240)=""/102400, 0x19000)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, 0x0)
open(0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000000480)=ANY=[@ANYBLOB])
r3 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
open(&(0x7f0000000140)='./file1\x00', 0x0, 0xc0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

7m7.942660356s ago: executing program 32 (id=68):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0xa, 0x0)
read$msr(r0, &(0x7f0000002240)=""/102400, 0x19000)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, 0x0)
open(0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000000480)=ANY=[@ANYBLOB])
r3 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
open(&(0x7f0000000140)='./file1\x00', 0x0, 0xc0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})

4m3.82393448s ago: executing program 1 (id=449):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x2, 0x39d}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, 0x0)
io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

4m2.205320527s ago: executing program 1 (id=452):
mkdir(0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
lstat(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20004800)
socket(0x10, 0x803, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
preadv(0xffffffffffffffff, &(0x7f00000002c0), 0x0, 0x35, 0x1)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x400048c0}, 0x0)

4m1.247656507s ago: executing program 1 (id=455):
r0 = syz_open_dev$vim2m(0x0, 0x800, 0x2)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_QUERYBUF(r1, 0xc04c5609, &(0x7f0000000140)=@fd={0x1, 0x4, 0x4, 0x40, 0xf1, {}, {0x7, 0x1, 0xf, 0x4, 0x6, 0x3, "b7e1c5ad"}, 0x3, 0x4, {}, 0x67})
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000280)={0xf0f022})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x2, @win={{0x6, 0xc, 0x40, 0xe0fd}, 0x0, 0x2, 0x0, 0xc, 0x0, 0x6}})

4m0.792978225s ago: executing program 1 (id=457):
syz_open_dev$tty1(0xc, 0x4, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r0, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x14, &(0x7f0000000440)=""/156, &(0x7f0000000180)=0x9c)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000100)={0x40000000000000, 0x8}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

4m0.376491939s ago: executing program 1 (id=459):
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x18ca02a0, 0x0)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0xff00)

3m59.076744624s ago: executing program 1 (id=460):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x0, 0x7, 0x20, 0x0, 0x0, 0x100000212})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$unix(0x1, 0x2, 0x0)
preadv(r3, 0x0, 0x0, 0x1f1, 0x0)
socket$inet(0x2, 0x3, 0x4000001)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = socket(0x9, 0x2, 0xfffffff0)
write(r4, 0x0, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
modify_ldt$write(0x1, &(0x7f0000000340)={0x8, 0x20000000}, 0x10)
modify_ldt$read(0x0, 0x0, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x18}, [@ldst={0x6, 0x3, 0x6, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0)
ioctl$TIOCSPGRP(r6, 0x5410, 0x0)
recvmmsg(r5, &(0x7f0000000140), 0x0, 0x2, 0x0)

3m58.263327832s ago: executing program 33 (id=460):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x0, 0x7, 0x20, 0x0, 0x0, 0x100000212})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$unix(0x1, 0x2, 0x0)
preadv(r3, 0x0, 0x0, 0x1f1, 0x0)
socket$inet(0x2, 0x3, 0x4000001)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = socket(0x9, 0x2, 0xfffffff0)
write(r4, 0x0, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
modify_ldt$write(0x1, &(0x7f0000000340)={0x8, 0x20000000}, 0x10)
modify_ldt$read(0x0, 0x0, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x14, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x18}, [@ldst={0x6, 0x3, 0x6, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0)
ioctl$TIOCSPGRP(r6, 0x5410, 0x0)
recvmmsg(r5, &(0x7f0000000140), 0x0, 0x2, 0x0)

2m34.360929446s ago: executing program 3 (id=688):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

2m34.225644438s ago: executing program 3 (id=690):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x4800)

2m34.04476663s ago: executing program 3 (id=691):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
gettid()
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r2=>0x0})
connect$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2, 0x0, {0x0, 0xf0}, 0xfe}, 0x18)
r3 = fcntl$dupfd(r1, 0x406, r1)
bind$can_j1939(r3, &(0x7f0000000040)={0x1d, r2, 0x2, {0x0, 0xff, 0x3}, 0xfe}, 0x18)

2m33.365612705s ago: executing program 3 (id=692):
syz_open_dev$tty1(0xc, 0x4, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r0, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000100)={0x40000000000000, 0x8}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

2m33.075127648s ago: executing program 3 (id=694):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
unshare(0x22020400)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)

2m32.180996715s ago: executing program 3 (id=696):
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x463}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002", 0x2d)

2m30.604535928s ago: executing program 34 (id=696):
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x463}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d424000000000000002900000002", 0x2d)

8.32806571s ago: executing program 2 (id=984):
ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000300))
syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x20, 0x4, 0x44, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

7.02329186s ago: executing program 4 (id=986):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r4)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x3a9e9908})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x6, 0x2, 0x2, 0x0, 0xc6})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="c20200007d00000005fa0000006a0000004000000000000000000000000000000010000000020000000000000000000000001f00046e6f6465767b6376666f7825ffffff8102000000000000000000000000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200fbe161e900000000000000000000f313f6005e00f8f67efb716dcf315ecaf385409ac65b9408679d2c3b9e1d52c3d6da9bf1995688dace6cde7ba4a400b4b0b4dbe64f64b1d63f26796dcbec498623d6a838c69a69dfce9cdd5906f174a666a8529a45773407dbdab2885baf050000000000b3016f6465762d6eb17b2300f9daa1ee23266ecf85fea65eb2d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae89480687bd7f3d7f298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238501000000aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9cf3ee3884002a91c54528b807a89ca184d16645f06188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f299f061f75b7797ce1e411ea918ebd888c1e156b8456931d2ea726ba9609d51a41dd3de304bd7c7ed0a456f0ae12516105c9478f7ded2dc47ec13c0f6af88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff000000000000007461b0ccaaa1933a0e8a826b14d4fcb2989ffaaa1acffa8054e9559dfae4697aa00b03b3d80e5524f8495fee7e8d88cb5a040302acb0d1260f2584db48e8d9064e8ce178ce396e85b97e4886444049810f25f1ceca975deb491a125bf0d72f87cc10b0154e08936daadd8b1e9798d4ec", @ANYRES64], 0x2c2)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d300987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x400)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f0000000200)={{0x1, 0x1, 0x18, r1, {0x23e}}, './file0\x00'})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)

5.336948159s ago: executing program 4 (id=987):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000400))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000001c0)={r1})

5.24989003s ago: executing program 4 (id=988):
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000080), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x68e, &(0x7f0000000740)={0x0, 0x5531, 0x10100, 0x2, 0x1d4, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x122)

4.861931721s ago: executing program 2 (id=989):
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x9, 0x8, 0x0, 0x3}, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x3}}, 0x20)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5393, &(0x7f0000000000))
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a45320, &(0x7f00000000c0)={{0x80}, 'port0\x00', 0x3eb, 0x2062f, 0x3, 0x7, 0x0, 0xc, 0x400, 0x0, 0x6, 0xfd})

3.512890257s ago: executing program 4 (id=990):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

3.119996617s ago: executing program 4 (id=991):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
pread64(r3, &(0x7f0000001300)=""/4118, 0x1016, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
memfd_create(0x0, 0x3)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r4, 0x0, 0x0)
sendmsg$tipc(r5, 0x0, 0x8820)
close(r4)

2.590366169s ago: executing program 2 (id=992):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000003c0)=""/130, 0x82}, {&(0x7f0000004740)=""/4090, 0xffa}], 0x2}}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000001740)=""/4106, 0x100a}, {&(0x7f0000003740)=""/4083, 0xff3}], 0x2}, 0x8}], 0x3, 0x2, 0x0)

1.538650679s ago: executing program 2 (id=993):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2)

1.113618541s ago: executing program 4 (id=994):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r1 = dup(r0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close(r4)
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(0xffffffffffffffff, 0xc01864b0, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, 0x3a9e9908})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x6, 0x2, 0x2, 0x0, 0xc6})
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000780)=ANY=[@ANYBLOB="c20200007d00000005fa0000006a0000004000000000000000000000000000000010000000020000000000000000000000001f00046e6f6465767b6376666f7825ffffff8102000000000000000000000000003800704a86cec602007dfa673effeb09b5351f5bde054000000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200fbe161e900000000000000000000f313f6005e00f8f67efb716dcf315ecaf385409ac65b9408679d2c3b9e1d52c3d6da9bf1995688dace6cde7ba4a400b4b0b4dbe64f64b1d63f26796dcbec498623d6a838c69a69dfce9cdd5906f174a666a8529a45773407dbdab2885baf050000000000b3016f6465762d6eb17b2300f9daa1ee23266ecf85fea65eb2d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae89480687bd7f3d7f298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d7238501000000aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9cf3ee3884002a91c54528b807a89ca184d16645f06188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f299f061f75b7797ce1e411ea918ebd888c1e156b8456931d2ea726ba9609d51a41dd3de304bd7c7ed0a456f0ae12516105c9478f7ded2dc47ec13c0f6af88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff000000000000007461b0ccaaa1933a0e8a826b14d4fcb2989ffaaa1acffa8054e9559dfae4697aa00b03b3d80e5524f8495fee7e8d88cb5a040302acb0d1260f2584db48e8d9064e8ce178ce396e85b97e4886444049810f25f1ceca975deb491a125bf0d72f87cc10b0154e08936daadd8b1e9798d4ec", @ANYRES64], 0x2c2)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d300987f70e06d038e7ff7fc6e5539b0d650e8b089b3f313b6c090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x400)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)

184.750752ms ago: executing program 2 (id=995):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000240)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000400))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000001c0)={r1})

0s ago: executing program 2 (id=996):
unlink(0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$loop(0x0, 0x7, 0x400)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r2)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x200000, 0x0, 0x20b49, 0x9, 0x6, 0x10, 0x3}, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r6=>0x0})
connect$can_bcm(r5, &(0x7f00000000c0)={0x1d, r6}, 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40810}, 0x4000)
sendmsg$can_bcm(r5, 0x0, 0x0)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0xfffa, @empty}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x48, 0x0, 0x40)

kernel console output (not intermixed with test programs):

uetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   84.784119][ T5852] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   84.784384][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   84.799668][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   84.801662][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   84.808671][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   84.809916][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   84.811507][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   84.812408][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   84.819947][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   84.858962][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   84.934459][ T5156] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   84.935930][ T5156] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   84.956828][ T5156] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   84.958730][ T5156] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   84.974028][ T5156] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   85.812427][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   85.817427][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   85.889896][ T5835] chnl_net:caif_netlink_parms(): no params data found
[   85.924634][ T5855] chnl_net:caif_netlink_parms(): no params data found
[   86.147583][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   86.753832][   T31] cfg80211: failed to load regulatory.db
[   86.831121][ T5848] Bluetooth: hci2: command tx timeout
[   86.871208][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.872938][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.873515][ T5847] bridge_slave_0: entered allmulticast mode
[   86.875488][ T5847] bridge_slave_0: entered promiscuous mode
[   86.879288][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.879416][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.879577][ T5837] bridge_slave_0: entered allmulticast mode
[   86.882181][ T5837] bridge_slave_0: entered promiscuous mode
[   86.910463][ T5848] Bluetooth: hci0: command tx timeout
[   86.910482][ T5156] Bluetooth: hci3: command tx timeout
[   86.910888][   T59] Bluetooth: hci1: command tx timeout
[   86.989431][ T5848] Bluetooth: hci4: command tx timeout
[   87.092804][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.092951][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.093137][ T5837] bridge_slave_1: entered allmulticast mode
[   87.097814][ T5837] bridge_slave_1: entered promiscuous mode
[   87.101596][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.101724][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.101889][ T5847] bridge_slave_1: entered allmulticast mode
[   87.104455][ T5847] bridge_slave_1: entered promiscuous mode
[   87.211273][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.211405][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.211586][ T5835] bridge_slave_0: entered allmulticast mode
[   87.213491][ T5835] bridge_slave_0: entered promiscuous mode
[   87.449040][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.449116][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.450919][ T5855] bridge_slave_0: entered allmulticast mode
[   87.453592][ T5855] bridge_slave_0: entered promiscuous mode
[   87.457054][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.457181][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.457339][ T5835] bridge_slave_1: entered allmulticast mode
[   87.470463][ T5835] bridge_slave_1: entered promiscuous mode
[   87.740183][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.740335][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.740509][ T5855] bridge_slave_1: entered allmulticast mode
[   87.742321][ T5855] bridge_slave_1: entered promiscuous mode
[   87.826479][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.834869][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.836341][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.836469][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.836659][ T5838] bridge_slave_0: entered allmulticast mode
[   87.853023][ T5838] bridge_slave_0: entered promiscuous mode
[   88.065972][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.072041][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.072260][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.072385][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.072542][ T5838] bridge_slave_1: entered allmulticast mode
[   88.075397][ T5838] bridge_slave_1: entered promiscuous mode
[   88.166924][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.366822][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.374734][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.604864][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.673382][ T5837] team0: Port device team_slave_0 added
[   88.676468][ T5847] team0: Port device team_slave_0 added
[   88.687025][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.835998][ T5837] team0: Port device team_slave_1 added
[   88.842291][ T5847] team0: Port device team_slave_1 added
[   88.846213][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.909571][ T5848] Bluetooth: hci2: command tx timeout
[   88.929168][ T5835] team0: Port device team_slave_0 added
[   88.989566][ T5848] Bluetooth: hci0: command tx timeout
[   88.989595][ T5848] Bluetooth: hci3: command tx timeout
[   88.989610][ T5848] Bluetooth: hci1: command tx timeout
[   89.069479][   T59] Bluetooth: hci4: command tx timeout
[   89.171707][ T5855] team0: Port device team_slave_0 added
[   89.174026][ T5835] team0: Port device team_slave_1 added
[   89.671708][ T5855] team0: Port device team_slave_1 added
[   89.731182][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.731193][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.731207][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.733445][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.733457][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.733479][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.735586][ T5838] team0: Port device team_slave_0 added
[   89.892194][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.892210][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.892233][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.893323][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.893331][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.893344][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.895113][ T5838] team0: Port device team_slave_1 added
[   89.978625][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.978640][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.978662][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.100574][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.100596][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.100618][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.101888][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.101899][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.101920][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.307284][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.307299][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.307312][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.357054][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.357065][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.357079][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.517211][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.517227][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.517250][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.776153][ T5837] hsr_slave_0: entered promiscuous mode
[   90.777170][ T5837] hsr_slave_1: entered promiscuous mode
[   90.789173][ T5847] hsr_slave_0: entered promiscuous mode
[   90.797797][ T5847] hsr_slave_1: entered promiscuous mode
[   90.798877][ T5847] debugfs: 'hsr0' already exists in 'hsr'
[   90.798991][ T5847] Cannot create hsr debugfs directory
[   90.968143][ T5835] hsr_slave_0: entered promiscuous mode
[   90.968961][ T5835] hsr_slave_1: entered promiscuous mode
[   90.970498][ T5835] debugfs: 'hsr0' already exists in 'hsr'
[   90.970521][ T5835] Cannot create hsr debugfs directory
[   90.989583][   T59] Bluetooth: hci2: command tx timeout
[   91.069717][   T59] Bluetooth: hci1: command tx timeout
[   91.069746][   T59] Bluetooth: hci3: command tx timeout
[   91.069767][   T59] Bluetooth: hci0: command tx timeout
[   91.131237][ T5855] hsr_slave_0: entered promiscuous mode
[   91.132361][ T5855] hsr_slave_1: entered promiscuous mode
[   91.132867][ T5855] debugfs: 'hsr0' already exists in 'hsr'
[   91.132884][ T5855] Cannot create hsr debugfs directory
[   91.149524][ T5848] Bluetooth: hci4: command tx timeout
[   91.570025][ T5838] hsr_slave_0: entered promiscuous mode
[   91.571288][ T5838] hsr_slave_1: entered promiscuous mode
[   91.572160][ T5838] debugfs: 'hsr0' already exists in 'hsr'
[   91.572181][ T5838] Cannot create hsr debugfs directory
[   93.071227][ T5848] Bluetooth: hci2: command tx timeout
[   93.076633][ T5837] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   93.126659][ T5837] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   93.150204][   T59] Bluetooth: hci3: command tx timeout
[   93.150235][   T59] Bluetooth: hci1: command tx timeout
[   93.150274][ T5848] Bluetooth: hci0: command tx timeout
[   93.153334][ T5837] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   93.208958][ T5837] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   93.229445][ T5156] Bluetooth: hci4: command tx timeout
[   93.367753][ T5847] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   93.416488][ T5847] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   93.459553][ T5847] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   93.508969][ T5847] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   93.658195][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   93.708622][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   93.747217][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   93.804032][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   93.958270][ T5855] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   94.004990][ T5855] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   94.047645][ T5855] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   94.112272][ T5855] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   94.169881][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.267480][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   94.323857][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   94.369038][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   94.406824][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   94.408398][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.496208][ T1728] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.496880][ T1728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.550539][ T1728] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.550665][ T1728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.586172][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.698247][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   94.750671][ T1728] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.750891][ T1728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.762197][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.814150][ T1728] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.814290][ T1728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.897057][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[   94.998299][ T1471] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.999628][ T1471] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.023347][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.081573][ T1728] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.081731][ T1728] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.192449][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.198898][ T5855] 8021q: adding VLAN 0 to HW filter on device team0
[   95.254287][ T1728] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.254502][ T1728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.333056][ T1471] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.333331][ T1471] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.372412][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   95.386191][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.455225][ T1728] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.459132][ T1728] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.503858][ T4308] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.504135][ T4308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.808413][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.181219][ T5847] veth0_vlan: entered promiscuous mode
[   96.240776][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.284067][ T5847] veth1_vlan: entered promiscuous mode
[   96.457952][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.501639][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.519728][ T5847] veth0_macvtap: entered promiscuous mode
[   96.537300][ T5837] veth0_vlan: entered promiscuous mode
[   96.558463][ T5847] veth1_macvtap: entered promiscuous mode
[   96.597354][ T5835] veth0_vlan: entered promiscuous mode
[   96.622088][ T5837] veth1_vlan: entered promiscuous mode
[   96.671259][ T5835] veth1_vlan: entered promiscuous mode
[   96.691995][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.728749][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.791283][ T1471] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.797237][ T5838] veth0_vlan: entered promiscuous mode
[   96.798375][ T1471] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.826875][ T1471] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.838159][ T1471] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.846100][ T5855] veth0_vlan: entered promiscuous mode
[   96.919933][ T5838] veth1_vlan: entered promiscuous mode
[   96.923712][ T5837] veth0_macvtap: entered promiscuous mode
[   97.009726][ T5855] veth1_vlan: entered promiscuous mode
[   97.015738][ T5837] veth1_macvtap: entered promiscuous mode
[   97.032962][ T5835] veth0_macvtap: entered promiscuous mode
[   97.116173][ T5835] veth1_macvtap: entered promiscuous mode
[   97.200166][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.255257][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.258676][ T1508] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.258700][ T1508] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.265713][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.340344][ T5838] veth0_macvtap: entered promiscuous mode
[   97.341899][ T5855] veth0_macvtap: entered promiscuous mode
[   97.344570][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.344651][   T57] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.387024][   T57] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.410990][   T57] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.417989][ T5838] veth1_macvtap: entered promiscuous mode
[   97.428214][ T5855] veth1_macvtap: entered promiscuous mode
[   97.442491][ T1508] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.461207][ T1471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.461225][ T1471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.468886][ T1508] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.521750][ T1508] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.546545][ T1508] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.556844][ T1508] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.795987][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.838821][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.909907][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.966359][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.027815][ T1508] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.027837][ T1508] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.053687][ T1411] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.074268][ T1411] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.098586][ T1411] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.109555][ T1411] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.166383][ T1411] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.218797][ T1411] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.231276][ T1411] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.231390][ T1411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.231403][ T1411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.238291][ T1411] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.499510][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.643930][ T1728] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.643947][ T1728] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.689277][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.690142][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.691305][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.692435][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.693596][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.694761][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.695916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   98.697072][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[   99.065339][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.065360][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.290006][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.290029][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.479465][ T1728] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.479483][ T1728] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.080850][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  101.028236][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.028249][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.343973][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.343988][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.667045][ T5987] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  103.716806][ T5987] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  106.973548][   T45] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  107.093904][ T6015] process 'syz.0.14' launched './file0' with NULL argv: empty string added
[  107.497279][   T45] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  107.497314][   T45] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  107.497357][   T45] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  107.497378][   T45] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.531721][ T6008] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  107.813430][   T45] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  109.116422][ T6028] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  109.973413][ T6039] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21'.
[  109.973440][ T6039] netlink: 28 bytes leftover after parsing attributes in process `syz.3.21'.
[  110.002608][ T6039] ubi31: attaching mtd0
[  110.062842][ T6039] ubi31: scanning is finished
[  110.062887][ T6039] ubi31: empty MTD device detected
[  110.848054][ T6039] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  110.848070][ T6039] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  110.848079][ T6039] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  110.848088][ T6039] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  110.848102][ T6039] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  110.848110][ T6039] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  110.848119][ T6039] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2856705545
[  110.848129][ T6039] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  110.915423][ T6045] ubi31: background thread "ubi_bgt31d" started, PID 6045
[  111.176052][   T45] usb 3-1: USB disconnect, device number 2
[  112.588177][ T6051] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  116.429506][   T31] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  116.704059][   T31] usb 3-1: Using ep0 maxpacket: 8
[  116.709685][   T31] usb 3-1: unable to get BOS descriptor or descriptor too short
[  116.711209][   T31] usb 3-1: config 4 interface 0 has no altsetting 0
[  116.718224][   T31] usb 3-1: string descriptor 0 read error: -22
[  116.718390][   T31] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  116.718413][   T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.347999][   T31] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  117.520335][   T31] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  117.522416][   T31] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  117.522500][   T31] usb 3-1: media controller created
[  117.803001][   T31] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  119.326360][   T31] usb 3-1: USB disconnect, device number 3
[  125.501215][    C1] vkms_vblank_simulate: vblank timer overrun
[  125.890767][ T6140] Bluetooth: MGMT ver 1.23
[  125.960352][    C1] vkms_vblank_simulate: vblank timer overrun
[  126.163956][    C1] vkms_vblank_simulate: vblank timer overrun
[  128.226402][ T6154] warning: `syz.4.53' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  128.913086][ T6159] Zero length message leads to an empty skb
[  132.850424][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  132.850521][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  135.142839][ T6178] vlan2: entered allmulticast mode
[  135.143087][ T6178] bridge0: port 3(vlan2) entered blocking state
[  135.159653][ T6178] bridge0: port 3(vlan2) entered disabled state
[  135.181552][ T6178] vlan2: entered promiscuous mode
[  142.172097][    C0] vkms_vblank_simulate: vblank timer overrun
[  142.857016][    C0] vkms_vblank_simulate: vblank timer overrun
[  143.671148][    C0] vkms_vblank_simulate: vblank timer overrun
[  143.870695][    C0] vkms_vblank_simulate: vblank timer overrun
[  144.007924][    C0] vkms_vblank_simulate: vblank timer overrun
[  144.677195][    C0] vkms_vblank_simulate: vblank timer overrun
[  144.703321][    C0] vkms_vblank_simulate: vblank timer overrun
[  144.986628][ T6244] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  147.194590][    C0] vkms_vblank_simulate: vblank timer overrun
[  147.658376][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.447171][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.616484][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.761483][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.360814][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.723164][    C0] vkms_vblank_simulate: vblank timer overrun
[  149.905901][    C0] vkms_vblank_simulate: vblank timer overrun
[  150.702963][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.612057][ T5930] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  157.714958][ T5848] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  157.755757][ T5848] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  157.758104][ T5848] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  157.769428][ T5848] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  157.773994][ T5848] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  157.831503][ T5930] usb 3-1: Using ep0 maxpacket: 32
[  157.837378][ T5930] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  157.837404][ T5930] usb 3-1: config 0 has no interface number 0
[  157.837455][ T5930] usb 3-1: config 0 interface 184 has no altsetting 0
[  157.881086][ T5930] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  157.881124][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.881135][ T5930] usb 3-1: Product: syz
[  157.881142][ T5930] usb 3-1: Manufacturer: syz
[  157.881149][ T5930] usb 3-1: SerialNumber: syz
[  157.884119][ T5930] usb 3-1: config 0 descriptor??
[  157.925734][ T5930] smsc75xx v1.0.0
[  159.070368][ T5916] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  159.222173][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  159.222202][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  159.248082][ T5916] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  159.248111][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.343747][ T5916] usb 2-1: config 0 descriptor??
[  159.427638][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  159.427658][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  159.427668][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  159.427684][ T5930] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  159.428039][ T5930] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  159.452935][ T5916] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  159.463843][ T5930] usb 3-1: USB disconnect, device number 4
[  159.871081][ T5848] Bluetooth: hci5: command tx timeout
[  161.965038][ T5848] Bluetooth: hci5: command tx timeout
[  163.266408][ T5916] usb 2-1: USB disconnect, device number 2
[  163.322115][ T6328] netlink: 64 bytes leftover after parsing attributes in process `syz.2.106'.
[  164.430917][ T5848] Bluetooth: hci5: command tx timeout
[  164.516854][ T5848] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  164.516910][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  164.516936][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  164.516950][ T5848] Workqueue: hci1 hci_rx_work
[  164.516990][ T5848] Call Trace:
[  164.516999][ T5848]  <TASK>
[  164.517008][ T5848]  dump_stack_lvl+0x189/0x250
[  164.517042][ T5848]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.517070][ T5848]  ? __pfx__printk+0x10/0x10
[  164.517095][ T5848]  ? kernfs_path_from_node+0x2c/0x280
[  164.517116][ T5848]  ? kernfs_path_from_node+0x243/0x280
[  164.517133][ T5848]  ? kernfs_path_from_node+0x2c/0x280
[  164.517157][ T5848]  sysfs_create_dir_ns+0x259/0x280
[  164.517176][ T5848]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  164.517202][ T5848]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  164.517222][ T5848]  ? rt_spin_unlock+0x65/0x80
[  164.517252][ T5848]  kobject_add_internal+0x5a5/0xb50
[  164.517283][ T5848]  kobject_add+0x155/0x220
[  164.517309][ T5848]  ? __pfx_kobject_add+0x10/0x10
[  164.517337][ T5848]  ? get_device_parent+0x370/0x3a0
[  164.517361][ T5848]  device_add+0x408/0xb50
[  164.517391][ T5848]  hci_conn_add_sysfs+0xd5/0x1e0
[  164.517417][ T5848]  le_conn_complete_evt+0xc3a/0x1220
[  164.517460][ T5848]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  164.517489][ T5848]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  164.517518][ T5848]  ? lockdep_hardirqs_on+0x9c/0x150
[  164.517550][ T5848]  ? skb_pull_data+0xfb/0x200
[  164.517579][ T5848]  hci_le_conn_complete_evt+0x187/0x450
[  164.517614][ T5848]  hci_event_packet+0x78f/0x1200
[  164.517641][ T5848]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  164.517670][ T5848]  ? __pfx_hci_event_packet+0x10/0x10
[  164.517693][ T5848]  ? __pfx_migrate_enable+0x10/0x10
[  164.517726][ T5848]  ? hci_send_to_monitor+0xe2/0x570
[  164.517758][ T5848]  hci_rx_work+0x46a/0xe80
[  164.517789][ T5848]  ? process_scheduled_works+0x9ef/0x17b0
[  164.517815][ T5848]  process_scheduled_works+0xade/0x17b0
[  164.517871][ T5848]  ? __pfx_process_scheduled_works+0x10/0x10
[  164.517914][ T5848]  worker_thread+0x8a0/0xda0
[  164.517967][ T5848]  kthread+0x70e/0x8a0
[  164.518000][ T5848]  ? __pfx_worker_thread+0x10/0x10
[  164.518023][ T5848]  ? __pfx_kthread+0x10/0x10
[  164.518058][ T5848]  ? __pfx_kthread+0x10/0x10
[  164.518087][ T5848]  ret_from_fork+0x439/0x7d0
[  164.518116][ T5848]  ? __pfx_ret_from_fork+0x10/0x10
[  164.518147][ T5848]  ? __switch_to_asm+0x39/0x70
[  164.518165][ T5848]  ? __switch_to_asm+0x33/0x70
[  164.518182][ T5848]  ? __pfx_kthread+0x10/0x10
[  164.518211][ T5848]  ret_from_fork_asm+0x1a/0x30
[  164.518247][ T5848]  </TASK>
[  164.518279][ T5848] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  164.518322][ T5848] Bluetooth: hci1: failed to register connection device
[  165.410596][ T6343] capability: warning: `syz.3.109' uses deprecated v2 capabilities in a way that may be insecure
[  166.297936][ T6355] syz.4.112 uses obsolete (PF_INET,SOCK_PACKET)
[  166.519309][ T5848] Bluetooth: hci5: command tx timeout
[  172.022112][ T6019] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.135256][ T6300] chnl_net:caif_netlink_parms(): no params data found
[  174.893846][ T6019] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.580992][ T6019] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.547345][ T6300] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.584833][ T6300] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.585069][ T6300] bridge_slave_0: entered allmulticast mode
[  179.587828][ T6300] bridge_slave_0: entered promiscuous mode
[  179.989899][ T6300] bridge0: port 2(bridge_slave_1) entered blocking state
[  179.990641][ T6300] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.990885][ T6300] bridge_slave_1: entered allmulticast mode
[  179.993877][ T6300] bridge_slave_1: entered promiscuous mode
[  180.762051][ T6460] netlink: set zone limit has 4 unknown bytes
[  180.954516][ T6019] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.028070][ T6300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.031868][ T6465] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  181.034876][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.042407][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.149491][ T6300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.781455][ T6300] team0: Port device team_slave_0 added
[  181.804441][ T6300] team0: Port device team_slave_1 added
[  185.123101][ T6300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.123117][ T6300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.123140][ T6300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.201223][   T45] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  185.662245][ T6300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.662262][ T6300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.662283][ T6300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  185.739504][   T45] usb 2-1: Using ep0 maxpacket: 16
[  185.745625][   T45] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.745658][   T45] usb 2-1: config 0 interface 0 has no altsetting 0
[  185.745692][   T45] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  185.745715][   T45] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.821592][   T45] usb 2-1: config 0 descriptor??
[  186.522366][ T6498] 9pnet_virtio: no channels available for device 127.0.0.1
[  187.454603][   T45] nzxt-smart2 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  187.772124][ T6019] vlan2: left promiscuous mode
[  187.802202][   T45] usb 2-1: USB disconnect, device number 3
[  187.810669][ T6019] bridge0: port 3(vlan2) entered disabled state
[  189.051840][ T6502] fido_id[6502]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  190.512214][ T6019] bridge_slave_1: left allmulticast mode
[  190.512379][ T6019] bridge_slave_1: left promiscuous mode
[  190.512651][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.107296][ T6019] bridge_slave_0: left promiscuous mode
[  191.109723][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.283861][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  194.283911][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  196.004544][   T37] audit: type=1326 audit(1758206625.225:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6547 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  196.698595][   T37] audit: type=1326 audit(1758206625.905:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6547 comm="syz.2.169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  197.091896][ T6556] netlink: 28 bytes leftover after parsing attributes in process `syz.1.172'.
[  198.614513][ T6019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  198.714968][ T6019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.045820][ T6019] bond0 (unregistering): Released all slaves
[  200.077490][ T6300] hsr_slave_0: entered promiscuous mode
[  200.078840][ T6300] hsr_slave_1: entered promiscuous mode
[  200.082419][ T6300] debugfs: 'hsr0' already exists in 'hsr'
[  200.082443][ T6300] Cannot create hsr debugfs directory
[  202.811757][ T6589] netlink: 20 bytes leftover after parsing attributes in process `syz.3.179'.
[  209.112374][ T6019] hsr_slave_0: left promiscuous mode
[  209.213033][ T6019] hsr_slave_1: left promiscuous mode
[  209.214084][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.214163][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.274008][ T6019] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.274039][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.517952][ T6019] veth1_macvtap: left promiscuous mode
[  209.518187][ T6019] veth0_macvtap: left promiscuous mode
[  209.518511][ T6019] veth1_vlan: left promiscuous mode
[  209.712252][ T6019] veth0_vlan: left promiscuous mode
[  212.163818][ T5852] Bluetooth: hci2: command 0x0406 tx timeout
[  212.163860][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  212.163885][ T5852] Bluetooth: hci4: command 0x0406 tx timeout
[  212.163956][ T5849] Bluetooth: hci1: command 0x0406 tx timeout
[  215.384324][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  215.388760][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  215.405387][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  215.408166][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  215.408757][ T5156] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  215.489317][    C0] vkms_vblank_simulate: vblank timer overrun
[  215.693610][ T6679] syz.1.206 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  215.696766][    C0] vkms_vblank_simulate: vblank timer overrun
[  215.768469][    C0] vkms_vblank_simulate: vblank timer overrun
[  215.926675][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.439810][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.868949][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.003770][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.897383][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.899076][ T5844] Bluetooth: hci3: command tx timeout
[  217.994926][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.439347][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.529503][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.772482][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.805958][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.871237][ T6019] team0 (unregistering): Port device team_slave_1 removed
[  218.889429][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.210636][ T6019] team0 (unregistering): Port device team_slave_0 removed
[  219.949293][ T5844] Bluetooth: hci3: command tx timeout
[  222.033069][ T5844] Bluetooth: hci3: command tx timeout
[  222.307887][    C0] vkms_vblank_simulate: vblank timer overrun
[  222.505829][    C0] vkms_vblank_simulate: vblank timer overrun
[  222.695964][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.181790][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.412841][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.696012][    C0] vkms_vblank_simulate: vblank timer overrun
[  224.320135][ T5844] Bluetooth: hci3: command tx timeout
[  230.278687][ T6791] tty tty28: ldisc open failed (-12), clearing slot 27
[  235.079310][ T5889] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  235.237414][ T5889] usb 4-1: Using ep0 maxpacket: 32
[  235.241591][ T5889] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  235.244482][ T5889] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  235.244507][ T5889] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  235.244526][ T5889] usb 4-1: Product: syz
[  235.244539][ T5889] usb 4-1: Manufacturer: syz
[  235.244552][ T5889] usb 4-1: SerialNumber: syz
[  235.262047][ T5889] usb 4-1: config 0 descriptor??
[  235.315184][ T6822] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  237.779255][ T5930] usb 4-1: USB disconnect, device number 2
[  238.216585][ T6815] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  238.265627][ T6672] chnl_net:caif_netlink_parms(): no params data found
[  241.688510][ T6878] netlink: 4 bytes leftover after parsing attributes in process `syz.4.258'.
[  242.096780][ T6878] bridge_slave_1: left allmulticast mode
[  242.096803][ T6878] bridge_slave_1: left promiscuous mode
[  242.098233][ T6878] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.340872][ T6878] bridge_slave_0: left allmulticast mode
[  242.340943][ T6878] bridge_slave_0: left promiscuous mode
[  242.343514][ T6878] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.968790][ T6019] bridge_slave_1: left allmulticast mode
[  244.968819][ T6019] bridge_slave_1: left promiscuous mode
[  244.971411][ T6019] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.228812][ T6019] bridge_slave_0: left allmulticast mode
[  246.228846][ T6019] bridge_slave_0: left promiscuous mode
[  246.229100][ T6019] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.879523][ T6909] syz.2.266 (6909) used greatest stack depth: 18424 bytes left
[  247.022419][ T6917] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  247.059986][ T6920] netlink: 8 bytes leftover after parsing attributes in process `syz.4.267'.
[  247.530975][ T6922] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  247.544207][   T37] audit: type=1326 audit(1758206676.745:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.718435][   T37] audit: type=1326 audit(1758206676.935:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746056][   T37] audit: type=1326 audit(1758206676.965:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746120][   T37] audit: type=1326 audit(1758206676.965:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746170][   T37] audit: type=1326 audit(1758206676.965:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746192][   T37] audit: type=1326 audit(1758206676.965:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746214][   T37] audit: type=1326 audit(1758206676.965:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746235][   T37] audit: type=1326 audit(1758206676.965:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746255][   T37] audit: type=1326 audit(1758206676.965:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  247.746277][   T37] audit: type=1326 audit(1758206676.965:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6918 comm="syz.2.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  248.016927][ T6019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  248.142863][ T6019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  248.206523][ T6019] bond0 (unregistering): Released all slaves
[  248.285271][ T6672] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.285411][ T6672] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.285592][ T6672] bridge_slave_0: entered allmulticast mode
[  248.335771][ T6672] bridge_slave_0: entered promiscuous mode
[  248.340327][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.1.268'.
[  248.399420][ T6925] vcan0: MTU too low for tipc bearer
[  248.399453][ T6925] tipc: Enabling of bearer <eth:vcan0> rejected, failed to enable media
[  248.409375][ T6672] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.409517][ T6672] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.409748][ T6672] bridge_slave_1: entered allmulticast mode
[  248.459786][ T6672] bridge_slave_1: entered promiscuous mode
[  249.932535][ T6672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  251.979345][ T6019] hsr_slave_0: left promiscuous mode
[  252.079440][ T6019] hsr_slave_1: left promiscuous mode
[  252.080037][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.157445][ T6019] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.485613][ T6957] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  254.981076][ T5930] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  254.986206][ T6019] team0 (unregistering): Port device team_slave_1 removed
[  255.174056][ T5930] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  255.174112][ T5930] usb 2-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  255.174154][ T5930] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  255.174176][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.298395][ T5930] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  255.443790][ T6019] team0 (unregistering): Port device team_slave_0 removed
[  255.725414][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  255.725458][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  255.791871][ T5930] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -2
[  257.448311][ T6672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.448571][ T6955] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  257.450509][ T6972] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  257.669075][ T6977] program syz.4.285 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.035938][ T6981] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  259.033475][ T5930] usb 2-1: USB disconnect, device number 4
[  259.048227][ T6972] delete_channel: no stack
[  259.509258][ T6672] team0: Port device team_slave_0 added
[  259.555976][ T6672] team0: Port device team_slave_1 added
[  260.820246][ T7007] program syz.3.296 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  260.957159][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_0
[  260.957175][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.957198][ T6672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  260.994828][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_1
[  260.994846][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.994869][ T6672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  261.598095][ T6672] hsr_slave_0: entered promiscuous mode
[  261.664524][ T6672] hsr_slave_1: entered promiscuous mode
[  261.696481][ T6672] debugfs: 'hsr0' already exists in 'hsr'
[  261.696510][ T6672] Cannot create hsr debugfs directory
[  262.676929][    C0] vkms_vblank_simulate: vblank timer overrun
[  262.749606][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.030843][ T7025] netlink: 16 bytes leftover after parsing attributes in process `syz.2.299'.
[  263.468940][ T7035] F2FS-fs: Conflicting test_dummy_encryption options
[  268.233119][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.691797][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.785604][    C0] vkms_vblank_simulate: vblank timer overrun
[  269.045968][ T6672] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  269.097797][ T6672] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  270.062404][ T6672] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  270.242433][ T6672] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  270.707203][ T7109] netlink: 60 bytes leftover after parsing attributes in process `syz.3.319'.
[  270.707822][ T7109] unsupported nlmsg_type 40
[  271.707991][ T6672] 8021q: adding VLAN 0 to HW filter on device bond0
[  277.116048][    C1] vkms_vblank_simulate: vblank timer overrun
[  277.173687][ T5156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  277.199603][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  277.219529][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  277.236584][ T5156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  277.242188][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  277.838899][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.860723][ T7174] mmap: syz.1.335 (7174) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  279.315684][ T5844] Bluetooth: hci5: command tx timeout
[  279.511000][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.840145][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.211651][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.767300][    C1] vkms_vblank_simulate: vblank timer overrun
[  281.601493][    C1] vkms_vblank_simulate: vblank timer overrun
[  281.603257][ T5844] Bluetooth: hci5: command tx timeout
[  283.656414][ T5844] Bluetooth: hci5: command tx timeout
[  284.384518][ T7151] chnl_net:caif_netlink_parms(): no params data found
[  286.047491][ T5844] Bluetooth: hci5: command tx timeout
[  290.050179][ T7151] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.050266][ T7151] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.050429][ T7151] bridge_slave_0: entered allmulticast mode
[  290.052407][ T7151] bridge_slave_0: entered promiscuous mode
[  290.055194][ T7151] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.069374][ T7151] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.069582][ T7151] bridge_slave_1: entered allmulticast mode
[  290.141292][ T7151] bridge_slave_1: entered promiscuous mode
[  290.733394][ T7151] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.805521][ T7151] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  293.091308][ T7151] team0: Port device team_slave_0 added
[  293.150967][ T7151] team0: Port device team_slave_1 added
[  296.733939][ T7151] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.733950][ T7151] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.733963][ T7151] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.737744][ T7151] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.737757][ T7151] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.737774][ T7151] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  297.768611][ T7151] hsr_slave_0: entered promiscuous mode
[  297.779511][ T7151] hsr_slave_1: entered promiscuous mode
[  297.805382][ T7151] debugfs: 'hsr0' already exists in 'hsr'
[  297.805409][ T7151] Cannot create hsr debugfs directory
[  297.806507][   T70] bridge_slave_1: left allmulticast mode
[  297.806535][   T70] bridge_slave_1: left promiscuous mode
[  297.808301][   T70] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.047235][   T70] bridge_slave_0: left allmulticast mode
[  299.047266][   T70] bridge_slave_0: left promiscuous mode
[  299.047527][   T70] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.608617][ T6519] IPVS: starting estimator thread 0...
[  304.661026][ T7388] fuse: Bad value for 'fd'
[  304.749484][ T7385] IPVS: using max 7 ests per chain, 16800 per kthread
[  305.059876][ T6519] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  305.398293][ T6519] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  305.400639][ T6519] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  305.400726][ T6519] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  305.400842][ T6519] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  305.400954][ T6519] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  305.401193][ T6519] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  305.401275][ T6519] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.711051][ T6519] usb 2-1: config 0 descriptor??
[  305.712082][ T7389] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  306.259947][   T70] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  306.271229][ T6519] plantronics 0003:047F:FFFF.0002: reserved main item tag 0xd
[  307.142542][ T6519] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  307.318823][ T5908] usb 2-1: USB disconnect, device number 5
[  307.425366][   T70] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  307.541729][   T70] bond0 (unregistering): Released all slaves
[  310.547794][   T70] hsr_slave_0: left promiscuous mode
[  310.883244][   T70] hsr_slave_1: left promiscuous mode
[  311.065497][   T70] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.110617][   T70] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.341880][ T7457] loop8: detected capacity change from 0 to 7
[  313.402422][ T7457] Dev loop8: unable to read RDB block 7
[  313.402469][ T7457]  loop8: AHDI p1 p2 p3
[  313.402635][ T7457] loop8: partition table partially beyond EOD, truncated
[  313.411416][ T7457] loop8: p1 start 1601398130 is beyond EOD, truncated
[  313.411434][ T7457] loop8: p2 start 1702059890 is beyond EOD, truncated
[  313.774682][ T7146] Dev loop8: unable to read RDB block 7
[  313.774705][ T7146]  loop8: AHDI p1 p2 p3
[  313.774723][ T7146] loop8: partition table partially beyond EOD, truncated
[  313.775926][ T7146] loop8: p1 start 1601398130 is beyond EOD, truncated
[  313.775939][ T7146] loop8: p2 start 1702059890 is beyond EOD, truncated
[  314.948352][   T70] team0 (unregistering): Port device team_slave_1 removed
[  315.219899][   T70] team0 (unregistering): Port device team_slave_0 removed
[  316.777276][    C1] vkms_vblank_simulate: vblank timer overrun
[  317.155901][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  317.155972][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  320.770137][ T5908] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  320.927793][ T5908] usb 2-1: Using ep0 maxpacket: 8
[  320.958573][ T7519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.419'.
[  321.070528][ T7519] syz_tun: entered promiscuous mode
[  321.197546][ T7519] syz_tun: left promiscuous mode
[  322.312442][ T5908] usb 2-1: unable to get BOS descriptor or descriptor too short
[  322.313368][ T5908] usb 2-1: unable to read config index 0 descriptor/start: -71
[  322.313388][ T5908] usb 2-1: can't read configurations, error -71
[  324.438642][ T7537] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.440101][ T7537] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.260322][ T7537] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  327.373285][ T7537] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.369313][ T5908] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  328.521732][ T5908] usb 2-1: Using ep0 maxpacket: 16
[  328.525571][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.526784][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.526868][ T5908] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  328.526900][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.592844][ T5908] usb 2-1: config 0 descriptor??
[  328.618891][ T7578] sg_read: process 321 (syz.2.431) changed security contexts after opening file descriptor, this is not allowed.
[  329.068332][ T5908] logitech 0003:046D:C29C.0003: reserved main item tag 0xe
[  329.068516][ T5908] logitech 0003:046D:C29C.0003: unknown main item tag 0x0
[  329.068536][ T5908] logitech 0003:046D:C29C.0003: unknown global tag 0xd
[  329.068543][ T5908] logitech 0003:046D:C29C.0003: item 0 2 1 13 parsing failed
[  329.069026][ T5908] logitech 0003:046D:C29C.0003: parse failed
[  329.069081][ T5908] logitech 0003:046D:C29C.0003: probe with driver logitech failed with error -22
[  329.434747][ T6519] usb 2-1: USB disconnect, device number 8
[  329.459326][ T3996] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.531863][ T6185] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.541415][ T6185] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  329.557667][ T7151] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  330.174487][ T6185] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  330.193201][ T7151] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  330.316847][ T7151] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  330.437284][ T7151] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  336.094251][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  336.121020][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  336.122918][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  336.124260][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  336.125871][ T5156] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  338.189255][ T5156] Bluetooth: hci3: command tx timeout
[  338.229500][ T7653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'.
[  340.329248][ T5156] Bluetooth: hci3: command tx timeout
[  342.023127][ T7639] chnl_net:caif_netlink_parms(): no params data found
[  342.357698][ T5156] Bluetooth: hci3: command tx timeout
[  343.526462][   T31] IPVS: starting estimator thread 0...
[  343.610397][ T7699] IPVS: using max 8 ests per chain, 19200 per kthread
[  343.715275][ T7693] pim6reg: entered allmulticast mode
[  344.429308][ T5156] Bluetooth: hci3: command tx timeout
[  345.491000][ T7639] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.491127][ T7639] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.491256][ T7639] bridge_slave_0: entered allmulticast mode
[  345.501629][ T7639] bridge_slave_0: entered promiscuous mode
[  345.520756][ T7639] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.520964][ T7639] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.521164][ T7639] bridge_slave_1: entered allmulticast mode
[  345.528615][ T7639] bridge_slave_1: entered promiscuous mode
[  345.630426][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  345.644278][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  345.649498][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  345.651078][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  345.652906][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  345.838736][ T1411] bridge_slave_1: left allmulticast mode
[  345.838768][ T1411] bridge_slave_1: left promiscuous mode
[  345.839023][ T1411] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.013281][ T1411] bridge_slave_0: left allmulticast mode
[  346.013303][ T1411] bridge_slave_0: left promiscuous mode
[  346.013521][ T1411] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.709522][ T5844] Bluetooth: hci0: command tx timeout
[  348.882150][ T1411] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  349.241467][ T1411] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  349.309391][ T1411] bond0 (unregistering): Released all slaves
[  349.534359][ T7733] netlink: 60 bytes leftover after parsing attributes in process `syz.3.473'.
[  349.587809][ T7639] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.634819][ T7639] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.798188][ T5844] Bluetooth: hci0: command tx timeout
[  350.672213][ T1411] hsr_slave_0: left promiscuous mode
[  350.710046][ T1411] hsr_slave_1: left promiscuous mode
[  350.711087][ T1411] batman_adv: batadv0: Removing interface: batadv_slave_0
[  351.033651][ T1411] batman_adv: batadv0: Removing interface: batadv_slave_1
[  351.869971][ T5844] Bluetooth: hci0: command tx timeout
[  353.169798][ T1411] team0 (unregistering): Port device team_slave_1 removed
[  353.494623][ T1411] team0 (unregistering): Port device team_slave_0 removed
[  353.949216][ T5844] Bluetooth: hci0: command tx timeout
[  355.281091][ T7767] netlink: 24 bytes leftover after parsing attributes in process `syz.2.484'.
[  355.461990][ T7639] team0: Port device team_slave_0 added
[  355.506884][ T7639] team0: Port device team_slave_1 added
[  355.871419][ T7789] binder: 7784:7789 ioctl c018620c 200000000100 returned -1
[  356.048885][ T7639] batman_adv: batadv0: Adding interface: batadv_slave_0
[  356.048901][ T7639] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.048925][ T7639] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  356.213447][ T7639] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.213462][ T7639] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  356.213486][ T7639] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  357.238849][ T7639] hsr_slave_0: entered promiscuous mode
[  357.241052][ T7639] hsr_slave_1: entered promiscuous mode
[  357.253967][ T7639] debugfs: 'hsr0' already exists in 'hsr'
[  357.253994][ T7639] Cannot create hsr debugfs directory
[  357.859526][ T7814] fuse: Bad value for 'fd'
[  358.602480][  T991] IPVS: starting estimator thread 0...
[  358.769315][ T7830] IPVS: using max 7 ests per chain, 16800 per kthread
[  359.906959][ T1411] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.578258][ T1411] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.016210][ T7710] chnl_net:caif_netlink_parms(): no params data found
[  361.043083][ T7851] fuse: Bad value for 'fd'
[  361.564812][ T1411] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.523925][ T1411] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.503340][ T7710] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.503504][ T7710] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.503730][ T7710] bridge_slave_0: entered allmulticast mode
[  363.548285][ T7710] bridge_slave_0: entered promiscuous mode
[  364.018033][ T7710] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.018113][ T7710] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.018276][ T7710] bridge_slave_1: entered allmulticast mode
[  364.022217][ T7710] bridge_slave_1: entered promiscuous mode
[  365.612057][ T7710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.375971][ T7710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.036327][ T7710] team0: Port device team_slave_0 added
[  367.046329][ T7710] team0: Port device team_slave_1 added
[  367.337893][ T1411] bridge_slave_1: left allmulticast mode
[  367.337926][ T1411] bridge_slave_1: left promiscuous mode
[  367.338228][ T1411] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.461015][ T1411] bridge_slave_0: left allmulticast mode
[  367.461037][ T1411] bridge_slave_0: left promiscuous mode
[  367.461230][ T1411] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.283850][ T7923] Bluetooth: MGMT ver 1.23
[  370.139980][  T991] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  370.346039][  T991] usb 3-1: Using ep0 maxpacket: 32
[  370.360871][  T991] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  370.360897][  T991] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  370.360912][  T991] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  370.360945][  T991] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  370.360955][  T991] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  370.360968][  T991] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  370.361002][  T991] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  370.361013][  T991] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.365675][  T991] usb 3-1: config 0 descriptor??
[  370.594760][  T991] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  371.872634][ T7948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.531'.
[  372.305398][ T1411] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.380861][ T1411] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.409933][ T1411] bond0 (unregistering): Released all slaves
[  373.691509][ T5930] usb 3-1: USB disconnect, device number 5
[  373.716491][ T5930] usblp0: removed
[  374.383013][ T7710] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.383024][ T7710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.383038][ T7710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.388615][ T7710] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.388625][ T7710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.388638][ T7710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.824057][ T7710] hsr_slave_0: entered promiscuous mode
[  375.824802][ T7710] hsr_slave_1: entered promiscuous mode
[  375.825279][ T7710] debugfs: 'hsr0' already exists in 'hsr'
[  375.825293][ T7710] Cannot create hsr debugfs directory
[  376.085672][ T7962] loop8: detected capacity change from 0 to 7
[  376.208006][ T7639] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  376.288589][ T7962] Dev loop8: unable to read RDB block 7
[  376.288627][ T7962]  loop8: AHDI p1 p2 p3
[  376.288659][ T7962] loop8: partition table partially beyond EOD, truncated
[  376.288917][ T7962] loop8: p1 start 1601398130 is beyond EOD, truncated
[  376.288936][ T7962] loop8: p2 start 1702059890 is beyond EOD, truncated
[  376.364399][ T7964] Dev loop8: unable to read RDB block 7
[  376.364433][ T7964]  loop8: AHDI p1 p2 p3
[  376.364463][ T7964] loop8: partition table partially beyond EOD, truncated
[  376.364712][ T7964] loop8: p1 start 1601398130 is beyond EOD, truncated
[  376.364730][ T7964] loop8: p2 start 1702059890 is beyond EOD, truncated
[  376.664442][ T7639] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  376.983124][ T1411] hsr_slave_0: left promiscuous mode
[  377.019829][ T1411] hsr_slave_1: left promiscuous mode
[  377.020437][ T1411] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.020454][ T1411] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.082059][ T1411] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.082079][ T1411] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.294851][ T1411] veth1_macvtap: left promiscuous mode
[  377.294923][ T1411] veth0_macvtap: left promiscuous mode
[  377.297463][ T1411] veth1_vlan: left promiscuous mode
[  377.298386][ T1411] veth0_vlan: left promiscuous mode
[  378.440462][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.465785][    C0] vkms_vblank_simulate: vblank timer overrun
[  378.595563][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  378.595648][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  380.569494][ T5930] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  380.725175][ T5930] usb 4-1: config 0 has no interfaces?
[  380.728890][ T5930] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  380.728907][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.728917][ T5930] usb 4-1: Product: syz
[  380.728924][ T5930] usb 4-1: Manufacturer: syz
[  380.728931][ T5930] usb 4-1: SerialNumber: syz
[  380.783646][ T5930] usb 4-1: config 0 descriptor??
[  381.052021][ T8007] loop6: detected capacity change from 0 to 524288000
[  381.234220][ T8015] support for the xor transformation has been removed.
[  385.981001][ T1411] team0 (unregistering): Port device team_slave_1 removed
[  386.466611][ T1411] team0 (unregistering): Port device team_slave_0 removed
[  391.321135][ T7639] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  391.519285][ T5908] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  391.548426][   T10] infiniband syz1: ib_query_port failed (-19)
[  391.561148][ T7639] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  391.634879][ T5839] usb 4-1: USB disconnect, device number 3
[  391.694856][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  391.694906][ T5908] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  391.694927][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.705378][ T5908] usb 3-1: config 0 descriptor??
[  391.991976][ T5908] usbhid 3-1:0.0: can't add hid device: -71
[  391.992103][ T5908] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  392.022239][ T5908] usb 3-1: USB disconnect, device number 6
[  392.513025][ T5908] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  392.669769][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  392.676643][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  392.676692][ T5908] usb 3-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  392.676715][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  392.684281][ T5908] usb 3-1: config 0 descriptor??
[  393.151015][ T5908] kye 0003:0458:5016.0004: control desc unexpectedly large
[  393.216989][ T5908] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5016.0004/input/input10
[  393.435590][ T5908] input: HID 0458:5016 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5016.0004/input/input11
[  393.591046][ T5908] kye 0003:0458:5016.0004: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.2-1/input0
[  393.649822][ T7639] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.953657][ T7710] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  394.042848][ T7710] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  394.109259][ T7710] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  394.126748][ T6519] usb 3-1: USB disconnect, device number 7
[  394.183519][ T7710] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  394.243471][ T8117] fido_id[8117]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  395.432297][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  395.454942][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  395.458157][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  395.476172][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  395.479351][ T5156] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  395.625191][ T8141] netlink: 6 bytes leftover after parsing attributes in process `syz.3.587'.
[  395.625215][ T8141] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  397.589195][ T5156] Bluetooth: hci3: command tx timeout
[  398.107904][ T8188] fuse: Bad value for 'fd'
[  398.334243][ T7710] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.050028][ T7710] 8021q: adding VLAN 0 to HW filter on device team0
[  399.729156][ T5156] Bluetooth: hci3: command tx timeout
[  399.760147][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.760299][ T6185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  400.701361][ T1728] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.702422][ T1728] bridge0: port 2(bridge_slave_1) entered forwarding state
[  401.790579][ T5156] Bluetooth: hci3: command tx timeout
[  402.619600][ T8149] chnl_net:caif_netlink_parms(): no params data found
[  403.949684][ T5156] Bluetooth: hci3: command tx timeout
[  404.120177][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  404.212896][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  404.233275][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  404.259499][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  404.267532][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  404.906843][ T4308] bridge_slave_1: left allmulticast mode
[  404.906874][ T4308] bridge_slave_1: left promiscuous mode
[  404.907131][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.030767][ T4308] bridge_slave_0: left allmulticast mode
[  405.030800][ T4308] bridge_slave_0: left promiscuous mode
[  405.031081][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  406.349235][ T5156] Bluetooth: hci5: command tx timeout
[  408.429350][ T5156] Bluetooth: hci5: command tx timeout
[  410.510196][ T5156] Bluetooth: hci5: command tx timeout
[  410.761260][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.871259][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.966073][ T4308] bond0 (unregistering): Released all slaves
[  412.576629][ T8149] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.576852][ T8149] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.577027][ T8149] bridge_slave_0: entered allmulticast mode
[  412.589267][ T5156] Bluetooth: hci5: command tx timeout
[  412.593484][ T8149] bridge_slave_0: entered promiscuous mode
[  412.844259][ T4308] hsr_slave_0: left promiscuous mode
[  413.057938][ T4308] hsr_slave_1: left promiscuous mode
[  413.081619][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  413.798558][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.139928][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  416.294090][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  417.679561][ T8149] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.679706][ T8149] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.679957][ T8149] bridge_slave_1: entered allmulticast mode
[  417.686165][ T8149] bridge_slave_1: entered promiscuous mode
[  418.073990][ T8149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.096761][ T8149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.562722][ T8149] team0: Port device team_slave_0 added
[  418.634256][ T8149] team0: Port device team_slave_1 added
[  419.441277][ T8149] batman_adv: batadv0: Adding interface: batadv_slave_0
[  419.441293][ T8149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.441316][ T8149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.575022][ T8149] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.575034][ T8149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.575048][ T8149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.425846][ T8149] hsr_slave_0: entered promiscuous mode
[  420.428120][ T8149] hsr_slave_1: entered promiscuous mode
[  420.468861][ T8149] debugfs: 'hsr0' already exists in 'hsr'
[  420.468888][ T8149] Cannot create hsr debugfs directory
[  422.628246][ T8490] sd 0:0:1:0: device reset
[  426.042221][ T8278] chnl_net:caif_netlink_parms(): no params data found
[  429.965637][ T8278] bridge0: port 1(bridge_slave_0) entered blocking state
[  429.965718][ T8278] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.965885][ T8278] bridge_slave_0: entered allmulticast mode
[  429.967408][ T8278] bridge_slave_0: entered promiscuous mode
[  429.979537][ T8278] bridge0: port 2(bridge_slave_1) entered blocking state
[  429.979617][ T8278] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.979755][ T8278] bridge_slave_1: entered allmulticast mode
[  429.981205][ T8278] bridge_slave_1: entered promiscuous mode
[  430.480917][ T8278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  430.791888][ T8278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  431.103735][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  431.105960][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  431.126585][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  431.157591][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  431.183541][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  431.691640][ T8278] team0: Port device team_slave_0 added
[  432.096613][ T8278] team0: Port device team_slave_1 added
[  432.392422][ T8278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  432.392437][ T8278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  432.392459][ T8278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  432.397136][ T8278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  432.397149][ T8278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  432.397171][ T8278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  432.669521][ T4308] bridge_slave_1: left allmulticast mode
[  432.669552][ T4308] bridge_slave_1: left promiscuous mode
[  432.669828][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.760995][ T4308] bridge_slave_0: left allmulticast mode
[  432.761028][ T4308] bridge_slave_0: left promiscuous mode
[  432.761295][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.239209][ T5844] Bluetooth: hci0: command tx timeout
[  435.309507][ T5844] Bluetooth: hci0: command tx timeout
[  436.677661][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  437.330978][ T8596] sd 0:0:1:0: device reset
[  437.389259][ T5844] Bluetooth: hci0: command tx timeout
[  437.433276][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  437.502616][ T4308] bond0 (unregistering): Released all slaves
[  437.954541][ T8278] hsr_slave_0: entered promiscuous mode
[  437.955719][ T8278] hsr_slave_1: entered promiscuous mode
[  437.956519][ T8278] debugfs: 'hsr0' already exists in 'hsr'
[  437.956539][ T8278] Cannot create hsr debugfs directory
[  438.791075][ T4308] hsr_slave_0: left promiscuous mode
[  438.837690][ T4308] hsr_slave_1: left promiscuous mode
[  438.838385][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  438.859500][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  439.471374][ T5844] Bluetooth: hci0: command tx timeout
[  440.038111][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  440.038187][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  440.950309][ T8624] netlink: 4 bytes leftover after parsing attributes in process `syz.2.724'.
[  442.297762][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  442.523425][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  444.615872][ T8149] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  444.710219][ T8643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.728'.
[  444.817730][ T8149] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  444.901565][ T8149] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  445.031742][ T8149] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  447.722486][ T8540] chnl_net:caif_netlink_parms(): no params data found
[  448.013706][ T8667] blktrace: Concurrent blktraces are not allowed on sg0
[  449.017003][ T8675] Bluetooth: MGMT ver 1.23
[  449.919964][ T8540] bridge0: port 1(bridge_slave_0) entered blocking state
[  449.920113][ T8540] bridge0: port 1(bridge_slave_0) entered disabled state
[  449.920362][ T8540] bridge_slave_0: entered allmulticast mode
[  449.929682][ T8540] bridge_slave_0: entered promiscuous mode
[  449.969513][ T8540] bridge0: port 2(bridge_slave_1) entered blocking state
[  449.969649][ T8540] bridge0: port 2(bridge_slave_1) entered disabled state
[  449.969888][ T8540] bridge_slave_1: entered allmulticast mode
[  449.987199][ T8540] bridge_slave_1: entered promiscuous mode
[  450.242546][ T8540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  450.922658][ T8540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  451.892565][ T8278] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  451.995816][ T8540] team0: Port device team_slave_0 added
[  452.005060][ T8278] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  452.118747][ T8149] 8021q: adding VLAN 0 to HW filter on device bond0
[  452.143943][ T8540] team0: Port device team_slave_1 added
[  452.149749][ T8278] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  452.481640][ T8278] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  452.732975][ T8540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  452.732985][ T8540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.732999][ T8540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.880765][ T8540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.880781][ T8540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  452.880806][ T8540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  453.414757][ T8149] 8021q: adding VLAN 0 to HW filter on device team0
[  453.416068][ T4308] bridge_slave_1: left allmulticast mode
[  453.416097][ T4308] bridge_slave_1: left promiscuous mode
[  453.416369][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.485184][ T4308] bridge_slave_0: left allmulticast mode
[  453.485246][ T4308] bridge_slave_0: left promiscuous mode
[  453.485420][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.129932][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  455.180268][ T5156] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  455.195694][ T5156] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  455.197358][ T5156] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  455.198597][ T5156] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  455.199914][ T5156] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  455.254642][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  455.287704][ T4308] bond0 (unregistering): Released all slaves
[  455.543390][ T8540] hsr_slave_0: entered promiscuous mode
[  455.544715][ T8540] hsr_slave_1: entered promiscuous mode
[  455.545601][ T8540] debugfs: 'hsr0' already exists in 'hsr'
[  455.545623][ T8540] Cannot create hsr debugfs directory
[  457.325186][ T5156] Bluetooth: hci2: command tx timeout
[  458.353325][ T4308] hsr_slave_0: left promiscuous mode
[  458.389239][ T4308] hsr_slave_1: left promiscuous mode
[  458.390248][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  458.430563][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  459.389273][ T5156] Bluetooth: hci2: command tx timeout
[  461.529429][ T5156] Bluetooth: hci2: command tx timeout
[  461.608009][   T37] kauditd_printk_skb: 867 callbacks suppressed
[  461.608045][   T37] audit: type=1326 audit(1758206890.785:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8746 comm="syz.4.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b2cceeba9 code=0x7fc00000
[  462.391636][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  463.123222][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  464.039469][ T5156] Bluetooth: hci2: command tx timeout
[  464.141808][ T8783] sd 0:0:1:0: device reset
[  465.436844][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  465.450505][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  465.452734][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  465.454624][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  465.455526][ T5156] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  465.653166][ T8795] fuse: Bad value for 'group_id'
[  465.653185][ T8795] fuse: Bad value for 'group_id'
[  465.915384][   T37] audit: type=1326 audit(1758206895.135:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8796 comm="syz.2.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  466.992059][   T37] audit: type=1326 audit(1758206896.205:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8796 comm="syz.2.773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  467.549190][ T5156] Bluetooth: hci3: command tx timeout
[  467.571741][ T8809] netlink: 4 bytes leftover after parsing attributes in process `syz.2.775'.
[  469.629507][ T5156] Bluetooth: hci3: command tx timeout
[  470.550141][ T8540] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  470.644605][ T8540] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  470.773441][ T8836] sd 0:0:1:0: device reset
[  471.533445][ T8540] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  471.599576][ T8719] chnl_net:caif_netlink_parms(): no params data found
[  471.676493][ T8540] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  471.709197][ T5156] Bluetooth: hci3: command tx timeout
[  471.791863][ T4308] IPVS: stop unused estimator thread 0...
[  473.841415][ T5156] Bluetooth: hci3: command tx timeout
[  474.744739][ T8719] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.744950][ T8719] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.745186][ T8719] bridge_slave_0: entered allmulticast mode
[  474.779806][ T8719] bridge_slave_0: entered promiscuous mode
[  474.805181][ T8788] chnl_net:caif_netlink_parms(): no params data found
[  474.859916][ T8719] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.860063][ T8719] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.860285][ T8719] bridge_slave_1: entered allmulticast mode
[  474.879620][ T8719] bridge_slave_1: entered promiscuous mode
[  476.666307][ T8719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.005923][ T8719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.495562][ T8719] team0: Port device team_slave_0 added
[  477.574044][ T8719] team0: Port device team_slave_1 added
[  477.577755][ T8788] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.577995][ T8788] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.578176][ T8788] bridge_slave_0: entered allmulticast mode
[  477.598027][ T8788] bridge_slave_0: entered promiscuous mode
[  477.746392][ T8788] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.746550][ T8788] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.746769][ T8788] bridge_slave_1: entered allmulticast mode
[  477.770916][ T8788] bridge_slave_1: entered promiscuous mode
[  478.081691][ T8719] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.081705][ T8719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.081723][ T8719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.251771][ T8719] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.251786][ T8719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.251810][ T8719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.274922][ T8788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.356648][ T8788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  479.175326][ T8788] team0: Port device team_slave_0 added
[  479.377216][ T8719] hsr_slave_0: entered promiscuous mode
[  479.378524][ T8719] hsr_slave_1: entered promiscuous mode
[  479.388512][ T8719] debugfs: 'hsr0' already exists in 'hsr'
[  479.388535][ T8719] Cannot create hsr debugfs directory
[  479.442738][ T8788] team0: Port device team_slave_1 added
[  480.102647][ T8788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  480.102664][ T8788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  480.102695][ T8788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  480.236572][ T8788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  480.236584][ T8788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  480.236597][ T8788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.324629][ T8788] hsr_slave_0: entered promiscuous mode
[  482.328779][ T8788] hsr_slave_1: entered promiscuous mode
[  482.341603][ T8788] debugfs: 'hsr0' already exists in 'hsr'
[  482.341630][ T8788] Cannot create hsr debugfs directory
[  483.364570][ T8540] 8021q: adding VLAN 0 to HW filter on device bond0
[  483.879686][   T37] audit: type=1326 audit(1758206913.085:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8955 comm="syz.2.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  484.108497][ T8540] 8021q: adding VLAN 0 to HW filter on device team0
[  484.267782][ T8971] sd 0:0:1:0: device reset
[  485.359871][ T4308] bridge_slave_1: left allmulticast mode
[  485.359902][ T4308] bridge_slave_1: left promiscuous mode
[  485.360173][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.461016][ T4308] bridge_slave_0: left allmulticast mode
[  485.461047][ T4308] bridge_slave_0: left promiscuous mode
[  485.461330][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.547587][ T4308] bridge_slave_1: left allmulticast mode
[  485.547620][ T4308] bridge_slave_1: left promiscuous mode
[  485.549229][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.613184][ T4308] bridge_slave_0: left allmulticast mode
[  485.613217][ T4308] bridge_slave_0: left promiscuous mode
[  485.613478][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  487.130169][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  487.164542][   T37] audit: type=1326 audit(1758206916.385:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8990 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  487.259802][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  487.344048][ T4308] bond0 (unregistering): Released all slaves
[  487.843891][   T37] audit: type=1326 audit(1758206917.055:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8990 comm="syz.2.811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  488.656755][ T9004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.812'.
[  490.457690][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  490.570033][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  490.636528][ T4308] bond0 (unregistering): Released all slaves
[  490.735105][ T1508] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.735193][ T1508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  491.235491][ T5844] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  491.253029][ T5844] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  491.254260][ T5844] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  491.285125][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  491.286398][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  491.825386][ T4308] hsr_slave_0: left promiscuous mode
[  491.860289][ T4308] hsr_slave_1: left promiscuous mode
[  491.862259][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.934351][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  492.209588][   T37] audit: type=1326 audit(1758206921.415:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9031 comm="syz.4.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b2cceeba9 code=0x7fc00000
[  492.252406][ T4308] hsr_slave_0: left promiscuous mode
[  492.308665][ T4308] hsr_slave_1: left promiscuous mode
[  492.315671][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  492.367154][ T9041] sd 0:0:1:0: device reset
[  492.420032][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  492.855789][   T37] audit: type=1326 audit(1758206922.075:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9031 comm="syz.4.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8b2cceeba9 code=0x7fc00000
[  493.389388][ T5156] Bluetooth: hci5: command tx timeout
[  494.186832][ T9058] netlink: 4 bytes leftover after parsing attributes in process `syz.4.827'.
[  494.239912][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  494.452144][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  495.479096][ T5156] Bluetooth: hci5: command tx timeout
[  496.030110][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  496.160642][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  497.549265][ T5156] Bluetooth: hci5: command tx timeout
[  498.587949][ T9080] sd 0:0:1:0: device reset
[  499.629304][ T5156] Bluetooth: hci5: command tx timeout
[  500.164188][ T9016] chnl_net:caif_netlink_parms(): no params data found
[  501.179308][ T9016] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.179521][ T9016] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.179748][ T9016] bridge_slave_0: entered allmulticast mode
[  501.182540][ T9016] bridge_slave_0: entered promiscuous mode
[  501.231227][ T9016] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.231437][ T9016] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.231676][ T9016] bridge_slave_1: entered allmulticast mode
[  501.243634][ T9016] bridge_slave_1: entered promiscuous mode
[  501.486769][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  501.486845][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  501.920454][ T9016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  501.979373][ T9016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  501.979907][ T9136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.840'.
[  502.033648][ T8719] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  502.599182][ T8719] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  502.806959][ T8719] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  502.868433][ T9016] team0: Port device team_slave_0 added
[  502.902521][ T9016] team0: Port device team_slave_1 added
[  502.913060][ T8719] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  503.539578][ T9016] batman_adv: batadv0: Adding interface: batadv_slave_0
[  503.539594][ T9016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  503.539617][ T9016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  503.667606][ T9016] batman_adv: batadv0: Adding interface: batadv_slave_1
[  503.667621][ T9016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  503.667643][ T9016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  504.024870][ T8788] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  504.533224][ T8788] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  504.660643][ T8788] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  504.760980][ T9016] hsr_slave_0: entered promiscuous mode
[  504.768863][ T9016] hsr_slave_1: entered promiscuous mode
[  504.770515][ T9016] debugfs: 'hsr0' already exists in 'hsr'
[  504.770538][ T9016] Cannot create hsr debugfs directory
[  504.772361][ T8788] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  506.865359][ T9180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.850'.
[  508.427749][ T4308] bridge_slave_1: left allmulticast mode
[  508.427782][ T4308] bridge_slave_1: left promiscuous mode
[  508.428713][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.533181][ T4308] bridge_slave_0: left allmulticast mode
[  508.533214][ T4308] bridge_slave_0: left promiscuous mode
[  508.533486][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.612120][   T37] audit: type=1326 audit(1758206937.835:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9181 comm="syz.2.851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  512.195593][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  512.319696][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  512.441778][ T4308] bond0 (unregistering): Released all slaves
[  512.745088][ T8719] 8021q: adding VLAN 0 to HW filter on device bond0
[  512.871433][ T4308] hsr_slave_0: left promiscuous mode
[  512.884647][ T5930] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  512.912391][ T4308] hsr_slave_1: left promiscuous mode
[  512.913022][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  512.943173][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  513.049109][ T5930] usb 3-1: Using ep0 maxpacket: 8
[  513.052932][ T5930] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  513.052959][ T5930] usb 3-1: config 0 has no interface number 0
[  513.053009][ T5930] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  513.053051][ T5930] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  513.053072][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.058429][ T5930] usb 3-1: config 0 descriptor??
[  513.132774][ T5930] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  513.300710][ T5930] usb 3-1: USB disconnect, device number 8
[  513.309263][   T37] audit: type=1326 audit(1758206942.525:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9219 comm="syz.4.864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b2cceeba9 code=0x7fc00000
[  514.290368][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  514.563301][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  516.737992][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  516.774625][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  516.797584][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  516.807516][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  516.809830][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  518.909666][ T5156] Bluetooth: hci0: command tx timeout
[  519.220525][ T8788] 8021q: adding VLAN 0 to HW filter on device bond0
[  519.578862][   T37] audit: type=1326 audit(1758206948.795:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9259 comm="syz.2.875" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  519.899843][ T8788] 8021q: adding VLAN 0 to HW filter on device team0
[  520.059449][ T5916] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  520.168005][ T1508] bridge0: port 1(bridge_slave_0) entered blocking state
[  520.168100][ T1508] bridge0: port 1(bridge_slave_0) entered forwarding state
[  520.229173][ T5916] usb 3-1: Using ep0 maxpacket: 8
[  520.231707][ T5916] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  520.231728][ T5916] usb 3-1: config 0 has no interface number 0
[  520.231767][ T5916] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  520.231805][ T5916] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  520.231823][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.288090][ T5916] usb 3-1: config 0 descriptor??
[  520.303697][ T5916] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  520.409718][ T9016] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  520.524923][ T5916] usb 3-1: USB disconnect, device number 9
[  520.798614][ T9016] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  520.845784][ T1411] bridge0: port 2(bridge_slave_1) entered blocking state
[  520.845878][ T1411] bridge0: port 2(bridge_slave_1) entered forwarding state
[  520.940773][ T9016] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  520.989198][ T5156] Bluetooth: hci0: command tx timeout
[  522.447225][ T9016] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  522.581252][ T9247] chnl_net:caif_netlink_parms(): no params data found
[  523.070721][ T5156] Bluetooth: hci0: command tx timeout
[  525.149358][ T5156] Bluetooth: hci0: command tx timeout
[  525.253274][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  525.268665][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  525.275499][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  525.284234][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  525.288834][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  525.591967][ T9247] bridge0: port 1(bridge_slave_0) entered blocking state
[  525.599403][ T9247] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.599643][ T9247] bridge_slave_0: entered allmulticast mode
[  525.602794][ T9247] bridge_slave_0: entered promiscuous mode
[  525.620679][ T9247] bridge0: port 2(bridge_slave_1) entered blocking state
[  525.620849][ T9247] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.621064][ T9247] bridge_slave_1: entered allmulticast mode
[  525.629699][ T9247] bridge_slave_1: entered promiscuous mode
[  525.913022][ T9247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  525.992104][ T9247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.267327][   T37] audit: type=1326 audit(1758206955.485:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9305 comm="syz.2.884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffabd5deba9 code=0x7fc00000
[  527.389274][ T5844] Bluetooth: hci2: command tx timeout
[  527.407462][ T9247] team0: Port device team_slave_0 added
[  527.535128][ T9247] team0: Port device team_slave_1 added
[  528.227460][ T9247] batman_adv: batadv0: Adding interface: batadv_slave_0
[  528.227475][ T9247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  528.227498][ T9247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  528.327077][ T9247] batman_adv: batadv0: Adding interface: batadv_slave_1
[  528.327094][ T9247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  528.327117][ T9247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  528.329704][ T4308] bridge_slave_1: left allmulticast mode
[  528.329733][ T4308] bridge_slave_1: left promiscuous mode
[  528.329985][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.515123][ T4308] bridge_slave_0: left allmulticast mode
[  528.515144][ T4308] bridge_slave_0: left promiscuous mode
[  528.515314][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.469119][ T5844] Bluetooth: hci2: command tx timeout
[  530.701839][   T37] audit: type=1326 audit(1758206959.915:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9339 comm="syz.4.896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b2cceeba9 code=0x7fc00000
[  530.840094][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  530.920855][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  530.986778][ T4308] bond0 (unregistering): Released all slaves
[  531.552676][ T5844] Bluetooth: hci2: command tx timeout
[  532.477139][ T9247] hsr_slave_0: entered promiscuous mode
[  532.477947][ T9247] hsr_slave_1: entered promiscuous mode
[  532.478506][ T9247] debugfs: 'hsr0' already exists in 'hsr'
[  532.478523][ T9247] Cannot create hsr debugfs directory
[  532.620672][ T4308] hsr_slave_0: left promiscuous mode
[  532.640635][ T4308] hsr_slave_1: left promiscuous mode
[  532.641611][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  532.683260][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.509681][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  533.629323][ T5844] Bluetooth: hci2: command tx timeout
[  533.689941][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  534.249495][ T9364] sd 0:0:1:0: device reset
[  535.575443][ T9016] 8021q: adding VLAN 0 to HW filter on device bond0
[  536.331531][ T9303] chnl_net:caif_netlink_parms(): no params data found
[  536.551404][ T9388] netlink: 48 bytes leftover after parsing attributes in process `syz.2.910'.
[  536.741302][ T9016] 8021q: adding VLAN 0 to HW filter on device team0
[  536.943275][ T9396] sd 0:0:1:0: device reset
[  537.267744][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  537.267878][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  537.721416][ T9303] bridge0: port 1(bridge_slave_0) entered blocking state
[  537.722656][ T9303] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.726817][ T9303] bridge_slave_0: entered allmulticast mode
[  537.955787][ T9303] bridge_slave_0: entered promiscuous mode
[  538.121965][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  538.129202][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  538.231388][ T9303] bridge0: port 2(bridge_slave_1) entered blocking state
[  538.232987][ T9303] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.233226][ T9303] bridge_slave_1: entered allmulticast mode
[  538.250152][ T9303] bridge_slave_1: entered promiscuous mode
[  539.518649][ T9303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  539.753300][ T9303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  540.331759][ T9303] team0: Port device team_slave_0 added
[  540.402483][ T9303] team0: Port device team_slave_1 added
[  540.722862][ T9424] sd 0:0:1:0: device reset
[  541.985778][ T9303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  541.985793][ T9303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  541.985816][ T9303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  542.417567][ T9303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  542.417584][ T9303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.417606][ T9303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  543.098835][ T9448] netlink: 4 bytes leftover after parsing attributes in process `syz.2.928'.
[  544.002895][ T9303] hsr_slave_0: entered promiscuous mode
[  544.004229][ T9303] hsr_slave_1: entered promiscuous mode
[  544.005111][ T9303] debugfs: 'hsr0' already exists in 'hsr'
[  544.005134][ T9303] Cannot create hsr debugfs directory
[  544.083502][ T9247] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  544.332493][ T9247] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  544.579059][ T9247] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  544.715223][ T9247] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  545.455306][ T4308] bridge_slave_1: left allmulticast mode
[  545.455339][ T4308] bridge_slave_1: left promiscuous mode
[  545.455604][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  545.531015][ T4308] bridge_slave_0: left allmulticast mode
[  545.531048][ T4308] bridge_slave_0: left promiscuous mode
[  545.531379][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.064748][ T9470] sd 0:0:1:0: device reset
[  549.779655][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  549.873625][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  549.950098][ T4308] bond0 (unregistering): Released all slaves
[  551.739202][ T5839] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  551.749644][ T4308] hsr_slave_0: left promiscuous mode
[  551.794488][ T4308] hsr_slave_1: left promiscuous mode
[  551.796965][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  551.860006][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  551.895528][ T5839] usb 3-1: config 0 has no interfaces?
[  551.900754][ T5839] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  551.900780][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.900798][ T5839] usb 3-1: Product: syz
[  551.900811][ T5839] usb 3-1: Manufacturer: syz
[  551.900821][ T5839] usb 3-1: SerialNumber: syz
[  551.941918][ T5839] usb 3-1: config 0 descriptor??
[  552.247415][ T9508] loop6: detected capacity change from 0 to 524288000
[  552.351665][ T5156] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  552.354963][ T5156] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  552.375721][ T5156] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  552.394195][ T5156] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  552.394789][ T5156] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  552.529564][ T9510] support for the xor transformation has been removed.
[  552.721687][ T9521] binder: 9518:9521 ioctl c018620c 200000000100 returned -1
[  554.284959][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  554.519271][ T5156] Bluetooth: hci3: command tx timeout
[  554.549946][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  556.599405][ T5156] Bluetooth: hci3: command tx timeout
[  558.027973][   T10] usb 3-1: USB disconnect, device number 10
[  558.683568][ T5156] Bluetooth: hci3: command tx timeout
[  560.353680][ T9247] 8021q: adding VLAN 0 to HW filter on device bond0
[  560.760277][ T5156] Bluetooth: hci3: command tx timeout
[  562.648137][ T9516] chnl_net:caif_netlink_parms(): no params data found
[  562.759255][  T994] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  562.810811][ T9247] 8021q: adding VLAN 0 to HW filter on device team0
[  562.924645][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  562.924692][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  562.971807][  T994] usb 3-1: config 0 has no interfaces?
[  563.003348][  T994] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  563.003375][  T994] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.003399][  T994] usb 3-1: Product: syz
[  563.003411][  T994] usb 3-1: Manufacturer: syz
[  563.003423][  T994] usb 3-1: SerialNumber: syz
[  563.072140][  T994] usb 3-1: config 0 descriptor??
[  563.827616][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state
[  563.829279][ T6185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  564.126260][ T9303] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  564.253330][ T9303] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  564.474470][ T9303] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  564.652594][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.652818][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  564.657062][ T9303] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  564.705903][ T9516] bridge0: port 1(bridge_slave_0) entered blocking state
[  564.705991][ T9516] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.706118][ T9516] bridge_slave_0: entered allmulticast mode
[  564.712053][ T9516] bridge_slave_0: entered promiscuous mode
[  564.752471][ T9516] bridge0: port 2(bridge_slave_1) entered blocking state
[  564.752604][ T9516] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.752833][ T9516] bridge_slave_1: entered allmulticast mode
[  564.757760][ T9516] bridge_slave_1: entered promiscuous mode
[  565.094099][ T9516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  565.204280][ T9516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  565.696202][ T9516] team0: Port device team_slave_0 added
[  565.807746][   T31] usb 3-1: USB disconnect, device number 11
[  565.926166][ T9516] team0: Port device team_slave_1 added
[  566.098438][ T4308] bridge_slave_1: left allmulticast mode
[  566.098469][ T4308] bridge_slave_1: left promiscuous mode
[  566.098813][ T4308] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.170942][ T4308] bridge_slave_0: left allmulticast mode
[  566.170963][ T4308] bridge_slave_0: left promiscuous mode
[  566.171215][ T4308] bridge0: port 1(bridge_slave_0) entered disabled state
[  566.966114][ T9620] sd 0:0:1:0: device reset
[  569.931196][ T4308] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  570.022131][ T4308] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  570.064021][ T4308] bond0 (unregistering): Released all slaves
[  570.309700][ T9516] batman_adv: batadv0: Adding interface: batadv_slave_0
[  570.309717][ T9516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  570.309740][ T9516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  570.375798][ T9516] batman_adv: batadv0: Adding interface: batadv_slave_1
[  570.375814][ T9516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  570.375838][ T9516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  570.769322][ T4308] hsr_slave_0: left promiscuous mode
[  570.789330][ T4308] hsr_slave_1: left promiscuous mode
[  570.790301][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_0
[  570.825519][ T9649] sd 0:0:1:0: device reset
[  570.862688][ T4308] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.940423][ T4308] team0 (unregistering): Port device team_slave_1 removed
[  572.530964][ T9659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.984'.
[  573.162504][ T4308] team0 (unregistering): Port device team_slave_0 removed
[  575.397479][ T9516] hsr_slave_0: entered promiscuous mode
[  575.398769][ T9516] hsr_slave_1: entered promiscuous mode
[  575.418853][ T9516] debugfs: 'hsr0' already exists in 'hsr'
[  575.418879][ T9516] Cannot create hsr debugfs directory
[  577.461154][ T9303] 8021q: adding VLAN 0 to HW filter on device bond0
[  577.993214][ T9699] tipc: Failed to remove unknown binding: 66,1,1/0:400850958/400850960
[  577.997890][ T9699] tipc: Failed to remove unknown binding: 66,1,1/0:400850958/400850960
[  577.997934][ T9699] tipc: Failed to remove unknown binding: 66,1,1/0:400850958/400850960
[  578.085441][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  578.118082][ T5844] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  578.126673][ T5844] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  578.139579][ T5844] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  578.144838][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  578.405335][ T9303] 8021q: adding VLAN 0 to HW filter on device team0
[  578.851837][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  578.852049][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  579.149104][ T5839] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  579.210071][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  579.210226][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  579.322244][ T5839] usb 3-1: Using ep0 maxpacket: 8
[  579.325122][ T5839] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  579.325146][ T5839] usb 3-1: config 0 has no interface number 0
[  579.325192][ T5839] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  579.325230][ T5839] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  579.325251][ T5839] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.335573][ T5839] usb 3-1: config 0 descriptor??
[  579.346893][ T5839] iowarrior 3-1:0.1: no interrupt-in endpoint found
[  579.542516][ T5839] usb 3-1: USB disconnect, device number 12
[  580.189174][ T5156] Bluetooth: hci0: command tx timeout
[  588.592894][ T5844] Bluetooth: hci0: command tx timeout
[  619.608727][ T5844] Bluetooth: hci0: command tx timeout
[  623.591899][ T5844] Bluetooth: hci0: command tx timeout
[  624.603382][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  624.603455][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  687.791055][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  687.791134][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  688.803838][ T5844] Bluetooth: hci2: command tx timeout
[  762.792960][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  762.793037][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  783.786943][   T38] INFO: task kworker/1:0:31[  783.786943][   T38] INFO: task kworker/1:0:31 blocked for more than 147 seconds.
[  783.786967][   T38]       Not tainted syzkaller #0
[  783.786977][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  783.786986][   T38] task:kworker/1:0     state:D stack:19632 pid:31    tgid:31    ppid:2      task_flags:0x4208060 flags:0x00004000
[  783.787031][   T38] Workqueue: events switchdev_deferred_process_work
[  783.787064][   T38] Call Trace:
[  783.787071][   T38]  <TASK>
[  783.787085][   T38]  __schedule+0x16f3/0x4c20
[  783.787137][   T38]  ? __pfx___schedule+0x10/0x10
[  783.787179][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  783.787206][   T38]  rt_mutex_schedule+0x77/0xf0
[  783.787225][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  783.787252][   T38]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[  783.787291][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  783.787314][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  783.787336][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  783.787368][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  783.787394][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  783.787420][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  783.787437][   T38]  mutex_lock_nested+0x16a/0x1d0
[  783.787456][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  783.787479][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  783.787503][   T38]  switchdev_deferred_process_work+0xe/0x20
[  783.787521][   T38]  process_scheduled_works+0xade/0x17b0
[  783.787572][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  783.787611][   T38]  worker_thread+0x8a0/0xda0
[  783.787661][   T38]  kthread+0x70e/0x8a0
[  783.787688][   T38]  ? __pfx_worker_thread+0x10/0x10
[  783.787709][   T38]  ? __pfx_kthread+0x10/0x10
[  783.787738][   T38]  ? __pfx_kthread+0x10/0x10
[  783.787762][   T38]  ret_from_fork+0x439/0x7d0
[  783.787786][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  783.787815][   T38]  ? __switch_to_asm+0x39/0x70
[  783.787831][   T38]  ? __switch_to_asm+0x33/0x70
[  783.787847][   T38]  ? __pfx_kthread+0x10/0x10
[  783.787871][   T38]  ret_from_fork_asm+0x1a/0x30
[  783.787905][   T38]  </TASK>
[  783.788015][   T38] INFO: task kworker/u8:14:6018 blocked for more than 147 seconds.
[  783.788029][   T38]       Not tainted syzkaller #0
[  783.788037][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  783.788046][   T38] task:kworker/u8:14   state:D stack:19080 pid:6018  tgid:6018  ppid:2      task_flags:0x4208160 flags:0x00004000
[  783.788085][   T38] Workqueue: ipv6_addrconf addrconf_dad_work
[  783.788105][   T38] Call Trace:
[  783.788111][   T38]  <TASK>
[  783.788123][   T38]  __schedule+0x16f3/0x4c20
[  783.788158][   T38]  ? psi_group_change+0xab8/0x1050
[  783.788188][   T38]  ? __pfx___schedule+0x10/0x10
[  783.788231][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  783.788263][   T38]  rt_mutex_schedule+0x77/0xf0
[  783.788281][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  783.788301][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  783.788341][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  783.788364][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  783.788386][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  783.788417][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  783.788445][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  783.788479][   T38]  ? addrconf_dad_work+0x119/0x15a0
[  783.788495][   T38]  mutex_lock_nested+0x16a/0x1d0
[  783.788515][   T38]  ? addrconf_dad_work+0x119/0x15a0
[  783.788537][   T38]  addrconf_dad_work+0x119/0x15a0
[  783.788559][   T38]  ? __lock_acquire+0xab9/0xd20
[  783.788589][   T38]  ? __pfx_addrconf_dad_work+0x10/0x10
[  783.788608][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  783.788635][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  783.788658][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  783.788678][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  783.788701][   T38]  process_scheduled_works+0xade/0x17b0
[  783.788753][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  783.788793][   T38]  worker_thread+0x8a0/0xda0
[  783.788817][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  783.788850][   T38]  ? __kthread_parkme+0x7b/0x200
[  783.829034][   T38]  kthread+0x70e/0x8a0
[  783.829071][   T38]  ? __pfx_worker_thread+0x10/0x10
[  783.829090][   T38]  ? __pfx_kthread+0x10/0x10
[  783.829115][   T38]  ? __pfx_kthread+0x10/0x10
[  783.829246][   T38]  ret_from_fork+0x439/0x7d0
[  783.829275][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  783.829299][   T38]  ? __switch_to_asm+0x39/0x70
[  783.829314][   T38]  ? __switch_to_asm+0x33/0x70
[  783.829328][   T38]  ? __pfx_kthread+0x10/0x10
[  783.829349][   T38]  ret_from_fork_asm+0x1a/0x30
[  783.829381][   T38]  </TASK>
[  783.829429][   T38] 
[  783.829429][   T38] Showing all locks held in the system:
[  783.829437][   T38] 1 lock held by kthreadd/2:
[  783.829450][   T38] 7 locks held by kworker/0:1/10:
[  783.829459][   T38]  #0: ffff88805ad3a938 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.829507][   T38]  #1: ffffc900000f7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.829563][   T38]  #2: ffff88805d1783f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  783.829603][   T38]  #3: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.829644][   T38]  #4: ffff8880b8842018 (&pcp->lock){+.+.}-{3:3}, at: __free_frozen_pages+0x708/0xce0
[  783.829687][   T38]  #5: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_trylock+0xfa/0x180
[  783.829729][   T38]  #6: ffff88813fffc5d8 (&zone->lock){+.+.}-{3:3}, at: free_pcppages_bulk+0x61/0x4b0
[  783.829782][   T38] 3 locks held by kworker/u8:0/12:
[  783.829792][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.829833][   T38]  #1: ffffc90000117bc0 ((work_completion)(&pool->idle_cull_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.829872][   T38]  #2: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: idle_cull_fn+0xca/0x730
[  783.829910][   T38] 4 locks held by kworker/u8:1/13:
[  783.829920][   T38] 1 lock held by kworker/R-mm_pe/14:
[  783.829929][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  783.829970][   T38] 4 locks held by pr/legacy/17:
[  783.829981][   T38] 3 locks held by kworker/1:0/31:
[  783.830027][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.830072][   T38]  #1: ffffc90000a5fbc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.830115][   T38]  #2: ffffffff8ecd3738 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  783.830157][   T38] 1 lock held by khungtaskd/38:
[  783.830167][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  783.830208][   T38] 2 locks held by kworker/u8:2/43:
[  783.830218][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.830261][   T38]  #1: ffffc90000b47bc0 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.830309][   T38] 3 locks held by kworker/u8:4/67:
[  783.830319][   T38] 6 locks held by kworker/u8:5/70:
[  783.830329][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.830382][   T38]  #1: ffffc9000155fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.830426][   T38]  #2: ffff888037c45300 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  783.830477][   T38]  #3: ffff888033c3c520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  783.830524][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  783.830566][   T38]  #5: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: get_partial_node+0x3a/0x3a0
[  783.830608][   T38] 4 locks held by kswapd0/95:
[  783.830622][   T38] 3 locks held by kworker/u8:6/151:
[  783.830635][   T38] 3 locks held by kworker/1:2/991:
[  783.830645][   T38] 5 locks held by kworker/0:2/994:
[  783.830654][   T38]  #0: ffff88805b136138 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.830702][   T38]  #1: ffffc900047ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.830761][   T38]  #2: ffff88805d178e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  783.830806][   T38]  #3: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.830849][   T38]  #4: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.830894][   T38] 3 locks held by kworker/u8:8/1411:
[  783.830904][   T38] 3 locks held by kworker/u8:9/1471:
[  783.830915][   T38] 3 locks held by kworker/u8:10/1508:
[  783.830937][   T38] 1 lock held by kworker/R-krxrp/3435:
[  783.830947][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x88b/0xdd0
[  783.831003][   T38] 6 locks held by kworker/u8:13/4308:
[  783.831013][   T38]  #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.831059][   T38]  #1: ffffc9000ec1fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.831103][   T38]  #2: ffffffff8ecc6840 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  783.831150][   T38]  #3: ffff8880301ad0d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x10a/0x3d0
[  783.831194][   T38]  #4: ffff88805d3f1300 (&devlink->lock_key#14){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x11c/0x3d0
[  783.831239][   T38]  #5: ffffffff8ecd3738 (rtnl_mutex){+.+.}-{4:4}, at: nsim_destroy+0xe5/0x670
[  783.831281][   T38] 6 locks held by kworker/u9:1/5156:
[  783.831291][   T38]  #0: ffff88802577b938 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.831336][   T38]  #1: ffffc9001007fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.831382][   T38]  #2: ffff888027e28e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  783.831426][   T38]  #3: ffff888027e280a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  783.831473][   T38]  #4: ffffffff8ee3b218 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  783.831520][   T38]  #5: ffff88802b293b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  783.831574][   T38] 3 locks held by udevd/5207:
[  783.831586][   T38] 3 locks held by crond/5581:
[  783.831596][   T38]  #0: ffffffff8e0b0a30 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_path_perm+0x1e3/0x4b0
[  783.831641][   T38]  #1: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.831683][   T38]  #2: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.831724][   T38] 2 locks held by getty/5594:
[  783.831734][   T38]  #0: ffff88823bf340a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  783.831783][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  783.831830][   T38] 2 locks held by syz-executor/5825:
[  783.831841][   T38] 3 locks held by syz-executor/5837:
[  783.831852][   T38] 5 locks held by kworker/1:3/5839:
[  783.831863][   T38] 7 locks held by kworker/u9:4/5844:
[  783.831873][   T38]  #0: ffff8880288a1138 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.831918][   T38]  #1: ffffc90004d67bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.831962][   T38]  #2: ffff88804c860e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  783.832011][   T38]  #3: ffff88804c8600a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  783.832056][   T38]  #4: ffffffff8f0421d8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x281/0x560
[  783.832101][   T38]  #5: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.832143][   T38]  #6: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.832186][   T38] 1 lock held by kworker/R-wg-cr/5875:
[  783.832197][   T38] 1 lock held by kworker/R-wg-cr/5877:
[  783.832207][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x88b/0xdd0
[  783.832252][   T38] 1 lock held by kworker/R-wg-cr/5880:
[  783.832263][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  783.832308][   T38] 1 lock held by kworker/R-wg-cr/5881:
[  783.832318][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  783.832369][   T38] 1 lock held by kworker/R-wg-cr/5883:
[  783.832380][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: worker_attach_to_pool+0x2e/0x3a0
[  783.832425][   T38] 1 lock held by kworker/R-wg-cr/5888:
[  783.832436][   T38]  #0: ffffffff8d8527f8 (wq_pool_attach_mutex){+.+.}-{4:4}, at: rescuer_thread+0x88b/0xdd0
[  783.832481][   T38] 5 locks held by kworker/1:4/5889:
[  783.832491][   T38]  #0: ffff88805ac34138 ((wq_completion)wg-kex-wg1#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.832540][   T38]  #1: ffffc90005077bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.832598][   T38]  #2: ffff88805c860e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  783.832642][   T38]  #3: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.832684][   T38]  #4: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.832726][   T38] 4 locks held by kworker/0:3/5908:
[  783.832736][   T38]  #0: ffff88805ac4ed38 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.832784][   T38]  #1: ffffc90005177bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.832843][   T38]  #2: ffff88805b0555f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  783.832887][   T38]  #3: ffff888010be4e20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900
[  783.832932][   T38] 3 locks held by kworker/0:4/5916:
[  783.832943][   T38] 3 locks held by kworker/u8:14/6018:
[  783.832953][   T38]  #0: ffff88802fbbc138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.833003][   T38]  #1: ffffc900054d7bc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.833048][   T38]  #2: ffffffff8ecd3738 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x119/0x15a0
[  783.833091][   T38] 4 locks held by kworker/1:7/6519:
[  783.833103][   T38] 6 locks held by kworker/u8:3/8762:
[  783.833113][   T38] 4 locks held by kworker/1:1/9067:
[  783.833123][   T38] 2 locks held by kworker/1:5/9068:
[  783.833134][   T38] 1 lock held by syz-executor/9303:
[  783.833146][   T38] 9 locks held by syz-executor/9516:
[  783.833156][   T38]  #0: ffff888034638488 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x217/0xb40
[  783.833206][   T38]  #1: ffff88805d59f878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[  783.833250][   T38]  #2: ffff8880260f74b8 (kn->active#53){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[  783.833299][   T38]  #3: ffffffff8e542e78 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0x12c/0x6f0
[  783.833341][   T38]  #4: ffff888023fdd0d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  783.833382][   T38]  #5: ffff888021fac300 (&devlink->lock_key#16){+.+.}-{4:4}, at: nsim_drv_probe+0xc2/0xba0
[  783.833430][   T38]  #6: ffff88805cd8ae78 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_start_creating+0x98/0x1e0
[  783.833482][   T38]  #7: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.833524][   T38]  #8: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.833566][   T38] 3 locks held by syz-executor/9708:
[  783.833577][   T38]  #0: ffffffff8ecd3738 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37d/0x1df0
[  783.833618][   T38]  #1: ffffffff8dac5728 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[  783.833660][   T38]  #2: ffff88801d2ca858 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0x19e/0x390
[  783.833701][   T38] 2 locks held by syz.2.996/9739:
[  783.833712][   T38] 5 locks held by dhcpcd-run-hook/9742:
[  783.833723][   T38] 4 locks held by kworker/0:0/9744:
[  783.833733][   T38]  #0: ffff88805ac4cd38 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  783.833783][   T38]  #1: ffffc90005467bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  783.833841][   T38]  #2: ffff88805b0515f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  783.833886][   T38]  #3: ffff888010be1928 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x582/0x900
[  783.833931][   T38] 
[  783.833935][   T38] =============================================
[  783.833935][   T38] 
[  783.833952][   T38] NMI backtrace for cpu 1
[  783.833977][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  783.834006][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.834017][   T38] Call Trace:
[  783.834024][   T38]  <TASK>
[  783.834032][   T38]  dump_stack_lvl+0x189/0x250
[  783.834060][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.834082][   T38]  ? __pfx__printk+0x10/0x10
[  783.834113][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  783.834138][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  783.834162][   T38]  ? __pfx__printk+0x10/0x10
[  783.834186][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  783.834209][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  783.834233][   T38]  watchdog+0xf93/0xfe0
[  783.834260][   T38]  ? watchdog+0x1de/0xfe0
[  783.834286][   T38]  kthread+0x70e/0x8a0
[  783.834313][   T38]  ? __pfx_watchdog+0x10/0x10
[  783.834333][   T38]  ? __pfx_kthread+0x10/0x10
[  783.834361][   T38]  ? __pfx_kthread+0x10/0x10
[  783.834385][   T38]  ret_from_fork+0x439/0x7d0
[  783.834409][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  783.834436][   T38]  ? __switch_to_asm+0x39/0x70
[  783.834451][   T38]  ? __switch_to_asm+0x33/0x70
[  783.834465][   T38]  ? __pfx_kthread+0x10/0x10
[  783.834489][   T38]  ret_from_fork_asm+0x1a/0x30
[  783.834520][   T38]  </TASK>
[  783.834528][   T38] Sending NMI from CPU 1 to CPUs 0:
[  783.834558][    C0] NMI backtrace for cpu 0
[  783.834572][    C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  783.834589][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.834604][    C0] RIP: 0010:rcu_is_watching+0x55/0xb0
[  783.834626][    C0] Code: 2d 25 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 dc 9c 78 00 48 c7 c3 18 74 f7 91 49 03 1e 48 89 d8 48 c1 e8 03 <42> 0f b6 04 38 84 c0 75 34 8b 03 65 ff 0d 19 28 51 10 74 11 83 e0
[  783.834640][    C0] RSP: 0018:ffffc900001978e8 EFLAGS: 00000802
[  783.834653][    C0] RAX: 1ffff11017106683 RBX: ffff8880b8833418 RCX: 9f1c1d43bd958600
[  783.834665][    C0] RDX: 0000000000000000 RSI: ffffffff8b621660 RDI: ffffffff8b621620
[  783.834676][    C0] RBP: ffffc900001979b8 R08: ffffffff8f1d6137 R09: 1ffffffff1e3ac26
[  783.834688][    C0] R10: dffffc0000000000 R11: fffffbfff1e3ac27 R12: dffffc0000000000
[  783.834700][    C0] R13: ffff88803c702f28 R14: ffffffff8d252d10 R15: dffffc0000000000
[  783.834712][    C0] FS:  0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000
[  783.834725][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  783.834736][    C0] CR2: 0000200000175030 CR3: 000000002789e000 CR4: 00000000003526f0
[  783.834750][    C0] Call Trace:
[  783.834756][    C0]  <TASK>
[  783.834763][    C0]  trace_irq_disable+0x37/0x110
[  783.834781][    C0]  _raw_spin_lock_irqsave+0x82/0xf0
[  783.834801][    C0]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  783.834821][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  783.834844][    C0]  debug_object_active_state+0xa4/0x260
[  783.834867][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  783.834885][    C0]  rcu_cpu_kthread+0xb6d/0x1b50
[  783.834907][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  783.834932][    C0]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  783.834951][    C0]  ? __lock_acquire+0xab9/0xd20
[  783.834970][    C0]  ? __pfx___schedule+0x10/0x10
[  783.834997][    C0]  ? schedule+0x91/0x360
[  783.835018][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  783.835036][    C0]  smpboot_thread_fn+0x53f/0xa60
[  783.835054][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  783.835074][    C0]  kthread+0x70e/0x8a0
[  783.835094][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  783.835111][    C0]  ? __pfx_kthread+0x10/0x10
[  783.835132][    C0]  ? __pfx_kthread+0x10/0x10
[  783.835151][    C0]  ret_from_fork+0x439/0x7d0
[  783.835170][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  783.835190][    C0]  ? __switch_to_asm+0x39/0x70
[  783.835203][    C0]  ? __switch_to_asm+0x33/0x70
[  783.835216][    C0]  ? __pfx_kthread+0x10/0x10
[  783.835243][    C0]  ret_from_fork_asm+0x1a/0x30
[  783.835265][    C0]  </TASK>
[  783.835558][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  783.835571][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  783.835592][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.835602][   T38] Call Trace:
[  783.835609][   T38]  <TASK>
[  783.835616][   T38]  dump_stack_lvl+0x99/0x250
[  783.835640][   T38]  ? __asan_memcpy+0x40/0x70
[  783.835659][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.835682][   T38]  ? __pfx__printk+0x10/0x10
[  783.835713][   T38]  vpanic+0x281/0x750
[  783.835738][   T38]  ? __pfx_vpanic+0x10/0x10
[  783.835758][   T38]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  783.835778][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  783.835812][   T38]  panic+0xb9/0xc0
[  783.835834][   T38]  ? __pfx_panic+0x10/0x10
[  783.835859][   T38]  ? irq_work_queue+0xc3/0x140
[  783.835885][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[  783.835908][   T38]  watchdog+0xfd2/0xfe0
[  783.835934][   T38]  ? watchdog+0x1de/0xfe0
[  783.835960][   T38]  kthread+0x70e/0x8a0
[  783.835995][   T38]  ? __pfx_watchdog+0x10/0x10
[  783.836016][   T38]  ? __pfx_kthread+0x10/0x10
[  783.836043][   T38]  ? __pfx_kthread+0x10/0x10
[  783.836067][   T38]  ret_from_fork+0x439/0x7d0
[  783.836091][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  783.836118][   T38]  ? __switch_to_asm+0x39/0x70
[  783.836134][   T38]  ? __switch_to_asm+0x33/0x70
[  783.836150][   T38]  ? __pfx_kthread+0x10/0x10
[  783.836174][   T38]  ret_from_fork_asm+0x1a/0x30
[  783.836205][   T38]  </TASK>
[  783.836447][   T38] Kernel Offset: disabled