last executing test programs:

2m1.401044291s ago: executing program 0 (id=17):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0xfffe}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_XFRM_DIR={0x5, 0x3, 0x1}, @NFTA_XFRM_SPNUM={0x8, 0x4, 0x1, 0x0, 0x6}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd4}}, 0x4000040)

2m0.310660223s ago: executing program 0 (id=19):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300000000008085000000c0000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_io_uring_setup(0x48be, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000000), &(0x7f0000001180))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000a40)=@newsa={0x140, 0x10, 0x1, 0x0, 0x0, {{@in6=@remote, @in6=@remote, 0x0, 0xfff7, 0x2000, 0x1, 0x0, 0x0, 0x0, 0x3b, 0x0, 0xffffffffffffffff}, {@in=@rand_addr=0x64010102, 0x0, 0x32}, @in6=@loopback, {0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x4}, {0x800000000000, 0x4, 0x40000000}, {}, 0x70bd25, 0x3501, 0xa, 0x0, 0x1}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}, 0x45}}, @offload={0xc, 0x1c, {0x0, 0x2}}]}, 0x140}, 0x1, 0x0, 0x0, 0x4004000}, 0x4810)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1b, 0x4, 0x20, 0x1}, 0x50)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file0\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file5\x00', 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r6, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x24b9, &(0x7f00000011c0)={0x0, 0x7216, 0x40, 0x1, 0x1a3}, &(0x7f0000001140), &(0x7f0000001240))
pread64(r3, &(0x7f0000000080)=""/237, 0xed, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000380)="c1dfb061cd21d3084d94d3540800", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, 0x0, 0xc800)

1m56.813857372s ago: executing program 0 (id=24):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
sendmmsg$inet(r0, &(0x7f0000000340)=[{{&(0x7f0000000200)={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000400)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)="08000000001f009e", 0x8}, {0x0}], 0x2}}], 0x2, 0x4000)

1m56.530774887s ago: executing program 0 (id=30):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x454}, 0x4004054)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
ioctl$SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat(0xffffffffffffffff, &(0x7f0000000040)='./cgroup\x00', 0x105800, 0x57)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000200)={<r3=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(r2, 0xc01064c1, &(0x7f0000000240)={r3})
syz_open_dev$vbi(&(0x7f00000001c0), 0x3, 0x2)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1}, 0x8)
r5 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r5, 0x0)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
write$binfmt_elf64(r6, &(0x7f0000000240)=ANY=[], 0x40000)
r7 = accept4$unix(r5, 0x0, 0x0, 0x80800)
recvmmsg(r7, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x807}, {{0x0, 0x0, 0x0}, 0x1ff}], 0x2, 0x20022, 0x0)
recvfrom$unix(r7, &(0x7f00000008c0)=""/239, 0xf9, 0x42, 0x0, 0x4b)
setsockopt$sock_int(r4, 0x1, 0x21, &(0x7f0000000100), 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0xe, &(0x7f00000016c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0200000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe000000008500000009000000b700000000000000950000000000000000e154cd8445974b26c933f7ffffffffe40400000056bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f85db47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a05cbee30ff0000001989425f5d0b79f6584d0416d7c4bb9f547b328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c958559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7f9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3157f00000000000000a06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c3630000000002232017810e743bdaf879946547dbf8b497af002000000cd1d00000020000000ef19349ee7f31abc11c800000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2c4af38ffb7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7ffff35e62f4eeee50e6dafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0eb3280e097585ab91d20baca005472b79d7b574a247f1d2fe45b3c4e93da3d51de646c10dd49944dc87c92fe8bad99ca332af00f191b66b6a6f732a91f0e2e9190e4b448da7de018c58e950767f9b320be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c52573d9308a13d115b43f8b1894c8fa8a14dc4810f61ae96bf704526a8919bc700002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb50409fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381ccc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4d8521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f78fbd8d31330d89069f9648a2ff93060fd2b0976cf2ec447c030931651dd315003b7a6a5433a2bb3c035fc6846abe389b25c988f0bbb889560ae99ec4b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3bca426a9b7d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4728288e78980c1184d8223edbccbf9258b7374e79a1f8bf3fb73cfd1e76982f3d899f71e4a9f0ba8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db00000000000001f915268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b7524642c248aa813edaa626f00000021f8547d393dabe616fbbde21c90be00b5a22671395c7a69c6dd4d022ffc97ddb6aa025131652d409da1d8cfc3d219d4b1c1b7b8170d7c33d91db2b73f7ae02485a209a2474b5d0790d05c01bec623056e4d3f4d3149373a28b26a15a1fcce73d57e6eaf7e6f315fe275ebc9ef7aeca277dde01dde724f419803a2172a7833ceab38d21ca4f1dea5e1f4d8824167b21dd289dd4e6ecfba9e163bdbc48e1e758ecde000006c06d4d551e81ee73459cf1c00000000000000000000628a663ed417be6ff5b172cba4a1ec629a39ec253c087b1e9ce84e25b8717ae8581bf28c16a8bbda8d69358e885ddf5387e419c64847b8953070cdefe7d6a35197638e929f8f3c005f9de3fe351def9ed5"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r8, 0x0, 0x62, 0x109, &(0x7f0000000140)="cb74445b7d4c0b24676c6c71ae37efcedaf40242309766deb4e793f90000000000000000dbc856cbc664650634231454ca2d8034c4ca29e0d99c3b6615e91835a600c08f989af45438a54981be310aad92ae545b1c961e5f3762a51fe4c736edec6f", &(0x7f0000000cc0)=""/265, 0xcb95, 0x0, 0xfb, 0xca, &(0x7f0000000980)="ffc4438e5c3081d0e133e812196ec0ed923733aa8b5aba32c8650e7a66d6136853773dfbc6226be13039e230d511f1ac50cc7811aac0400e4c833fedf842ae2918e6fddb550729246fcf4c0a01bc64989ea3985fb362751a83991bd56e761379caa64f6148893ff25f38d5cd6dd695bbf9ca709a9960e0e6b054d5e2239bcb7c0fb2ac66dc4c8f534e439ff20ccaf0d48a98c19c92a3b437a699350f49606d21a403f8c112c46fea5486bf367a854b0f6c1e563b656e4794f6793a08bb3656c391643f6df71d0255054368a938d38503d064da82d5dbf395ad47ed3932669168d324ed0f6de8360d499042ddc7d02b6c0772128257702bfe6d0971", &(0x7f00000007c0)="4c87fe555ceb79157b1e507ff4d3cc053321e42ae89f596427188b4877ab8f1776c0685784f1174c6401ecc1dd6e2a77bc79238f87ad9215a92ff203a30099e77c543e702b4a4438d358616381745f24f74e585498af129c4b173b242f445b08135f7fa40eb7ba78160ff4f0c80e1b324d0c234cb7f43a3ff9e9535dc16000c797113a039f4508a09144090000009f38a90a24f173b3e68377e4272950a80cfcd3aa6850e917bc7e57370060f5e6db941d67fc98a1e98103830b821657438325578d2af822dd4fc13ea7", 0x2, 0x0, 0x3ff}, 0x50)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000140)="24000000010006", 0x7)

1m51.873900045s ago: executing program 0 (id=37):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x22, 0x0, &(0x7f0000000000)="06ff03076844268cb89e14f0080040e0ffff00febabec41177fb86dd1402e000030c", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

1m51.400044438s ago: executing program 0 (id=42):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a3200000000080041007369770014003300"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
modify_ldt$write(0x1, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r6 = syz_open_pts(r5, 0x0)
dup3(r5, r3, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x3)

1m35.761726847s ago: executing program 32 (id=42):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073797a3200000000080041007369770014003300"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)
modify_ldt$write(0x1, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r6 = syz_open_pts(r5, 0x0)
dup3(r5, r3, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x3)

22.77203869s ago: executing program 2 (id=273):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x2d5a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000a05"], 0x0, 0x0, 0x0, 0x0}, 0x0)

22.559531002s ago: executing program 4 (id=275):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xfc, 0x2, 0x4})
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405668, &(0x7f0000000100)={0x0, 0x20, 0x2})

22.304606765s ago: executing program 4 (id=276):
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
pipe(&(0x7f0000000380))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002480)={0x13, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x101002, 0x0)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000002fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000040)={'sit0\x00', 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000730000007b1af8ff00000000bfa100000000000007018000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55715f11e961d1fde85cda4c8aae3a0c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba1424815f140290fb3f659193aea013d93e0b6dc8d41d9568a55e58cc6514e272e53a081168e74d7189f0e655f66e08f0e108968d80ea3cac636aa60bea16f5e27d5761f66d99ca89ad8cf4e13a2013988c4222d7cf1ff8682043d3d6076b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c973463c482db5da9926d158ee55592221796e273ccf22a74e8dd3674739085015098b80e9842e81fb684b0047773b358f02338ba5950707984fb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='devtmpfs\x00', 0x2200892, 0x0)
pread64(r5, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

22.2365995s ago: executing program 3 (id=277):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a6c000000060a0104000000000000000002000000400004803c0001800a0001006d617463680000002c000280140003002000000000000000030007116b61979e0c000100636c75737465720008000240000000000900010073797a30000000000900020073797a32"], 0x94}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

20.597712091s ago: executing program 3 (id=279):
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xfffffffd})
r0 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$KDGETLED(r0, 0x4b31, &(0x7f00000005c0))

20.596801426s ago: executing program 4 (id=280):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000700000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0xfffffef3, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x5562, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

19.962696031s ago: executing program 3 (id=281):
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000600)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4e1d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
fsopen(&(0x7f0000000500)='exfat\x00', 0x1)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[], 0x48}}, 0x0)

18.688312938s ago: executing program 4 (id=282):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r1, 0x4068aea3, &(0x7f0000000080)={0x80, 0x0, 0xfffffffffffffffc})

18.612041416s ago: executing program 3 (id=283):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x58, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x30, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x3}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_REG_PROTO_MAX={0x8, 0x6, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xac}}, 0x0)

18.500062357s ago: executing program 2 (id=284):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000cc0), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd2b, 0x25dfdbfa, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}}, 0x4000000)

18.139709601s ago: executing program 4 (id=285):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000200)={0x1, &(0x7f00000001c0)=[{0x6, 0x4, 0x6, 0x4}]}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000140)={@multicast, @empty, @void, {@ipv4={0x82e, @icmp={{0x5, 0x4, 0x0, 0x4, 0x30, 0x65, 0x0, 0xa2, 0x1, 0x0, @rand_addr=0x64010101, @remote}, @dest_unreach={0x3, 0xe, 0x0, 0x0, 0x6, 0x22, {0x5, 0x4, 0x3, 0x14, 0x801, 0x68, 0x1ce2, 0xd9, 0x4, 0x65c, @multicast1, @multicast2}}}}}}, 0x0)

18.11901761s ago: executing program 2 (id=286):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r1, 0x4068aea3, &(0x7f0000000180)={0xdf, 0x0, 0x1000000})

18.117584052s ago: executing program 3 (id=287):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001340)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x2bd}, @NFTA_CONNLIMIT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

17.890495967s ago: executing program 2 (id=289):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffff7}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
set_mempolicy(0x8006, 0x0, 0x5)

17.791945595s ago: executing program 4 (id=290):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x30bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1120}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c855}, 0x8000002)

17.758198359s ago: executing program 3 (id=291):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000080)={'xfrm0\x00', {0x2, 0x0, @empty}})

17.722413763s ago: executing program 2 (id=292):
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000600)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4e1d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
fsopen(&(0x7f0000000500)='exfat\x00', 0x1)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[], 0x48}}, 0x0)

17.392037596s ago: executing program 1 (id=294):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$netlink(r0, &(0x7f0000000300)=@kern={0x10, 0x0, 0x0, 0x1}, 0x5c)

16.433522768s ago: executing program 2 (id=295):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc"], 0xffdd)

16.388440971s ago: executing program 1 (id=296):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r0, &(0x7f00000036c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001c80)="798e17a462", 0x5}, {&(0x7f00000001c0)="f046930fa55abd012495a5cfd6dadd38aefd099ef2872c528fba3a7ae77cf3e61d6b48c5316b2b89011110419e", 0xfffffff2}], 0x2, &(0x7f0000000780)=ANY=[@ANYBLOB="68000000000000003a0000000400000012331f3a8113e5e07fb96a48595b3351314fb24bdf97abcfe84a530ffb7d8215e5cbbf5a5154b278e958ff8532d2fc4fff64e77cb0c8bcd7663b222f3e5626bdab8b1e91264e309ecbc2bf397a79573fba00000000000000f8"], 0x160}}], 0x2, 0x20004840)

16.255964655s ago: executing program 1 (id=297):
unshare(0x28000600)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x6, &(0x7f0000000000)=0x100000001, 0x4)

16.201200295s ago: executing program 1 (id=298):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x2, 0x38, 0x0, 0x0, 0x2, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x4, 0xd}, @mss={0x2, 0x4, 0x5df4}, @sack={0x5, 0x2}]}}}}}}}, 0x0)

15.98096452s ago: executing program 1 (id=299):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x4208, r0)

15.557358162s ago: executing program 1 (id=300):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x2000000, @pic={0x6, 0xf, 0x3, 0xf6, 0x1, 0x0, 0x0, 0x9, 0x7, 0x7, 0x0, 0x10, 0x5, 0x4, 0x10}})

2.283795598s ago: executing program 33 (id=291):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x891c, &(0x7f0000000080)={'xfrm0\x00', {0x2, 0x0, @empty}})

2.073809621s ago: executing program 34 (id=290):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0xffffffffffffffff, 0x30bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1120}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c855}, 0x8000002)

1.266868259s ago: executing program 35 (id=295):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc"], 0xffdd)

0s ago: executing program 36 (id=300):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x2000000, @pic={0x6, 0xf, 0x3, 0xf6, 0x1, 0x0, 0x0, 0x9, 0x7, 0x7, 0x0, 0x10, 0x5, 0x4, 0x10}})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.145' (ED25519) to the list of known hosts.
[   80.803511][ T5826] cgroup: Unknown subsys name 'net'
[   81.050610][ T5826] cgroup: Unknown subsys name 'cpuset'
[   81.106345][ T5826] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   82.857368][ T5826] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.829564][    T9] cfg80211: failed to load regulatory.db
[   86.966443][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.984721][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.986077][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.001696][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.003906][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   87.082151][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   87.095097][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   87.096593][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   87.097816][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   87.098599][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   87.136961][ T5158] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   87.143771][ T5158] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   87.161290][ T5158] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   87.162638][ T5158] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   87.163367][ T5158] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   87.176068][ T5158] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   87.177987][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   87.186471][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   87.189405][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   87.190847][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   87.191307][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   87.192521][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   87.192946][ T5850] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   87.195166][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   87.196946][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   88.031469][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   88.039434][ T5843] chnl_net:caif_netlink_parms(): no params data found
[   88.132065][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   88.502837][ T5848] chnl_net:caif_netlink_parms(): no params data found
[   88.623046][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   88.938471][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.939387][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.939744][ T5839] bridge_slave_0: entered allmulticast mode
[   88.941418][ T5839] bridge_slave_0: entered promiscuous mode
[   89.047247][ T5850] Bluetooth: hci0: command tx timeout
[   89.049328][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.049522][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.049686][ T5843] bridge_slave_0: entered allmulticast mode
[   89.052653][ T5843] bridge_slave_0: entered promiscuous mode
[   89.107057][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.107198][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.107654][ T5839] bridge_slave_1: entered allmulticast mode
[   89.110389][ T5839] bridge_slave_1: entered promiscuous mode
[   89.126114][ T5850] Bluetooth: hci1: command tx timeout
[   89.277225][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.277369][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.277541][ T5843] bridge_slave_1: entered allmulticast mode
[   89.280295][ T5843] bridge_slave_1: entered promiscuous mode
[   89.286797][ T5850] Bluetooth: hci2: command tx timeout
[   89.286904][ T5850] Bluetooth: hci3: command tx timeout
[   89.286974][ T5850] Bluetooth: hci4: command tx timeout
[   89.418676][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.418837][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.419010][ T5849] bridge_slave_0: entered allmulticast mode
[   89.421685][ T5849] bridge_slave_0: entered promiscuous mode
[   89.599270][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.599431][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.599956][ T5849] bridge_slave_1: entered allmulticast mode
[   89.601759][ T5849] bridge_slave_1: entered promiscuous mode
[   89.792350][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.866558][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.950260][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.110326][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.110617][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.110813][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.110991][ T5848] bridge_slave_0: entered allmulticast mode
[   90.113729][ T5848] bridge_slave_0: entered promiscuous mode
[   90.203147][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.539605][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.539706][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.539837][ T5848] bridge_slave_1: entered allmulticast mode
[   90.541320][ T5848] bridge_slave_1: entered promiscuous mode
[   90.650018][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.650279][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.650359][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.650468][ T5846] bridge_slave_0: entered allmulticast mode
[   90.651943][ T5846] bridge_slave_0: entered promiscuous mode
[   90.818074][ T5839] team0: Port device team_slave_0 added
[   90.887542][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.887684][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.887873][ T5846] bridge_slave_1: entered allmulticast mode
[   90.890572][ T5846] bridge_slave_1: entered promiscuous mode
[   90.893243][ T5843] team0: Port device team_slave_0 added
[   90.990643][ T5839] team0: Port device team_slave_1 added
[   91.125844][   T59] Bluetooth: hci0: command tx timeout
[   91.128674][ T5843] team0: Port device team_slave_1 added
[   91.131612][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.205927][   T59] Bluetooth: hci1: command tx timeout
[   91.225180][ T5849] team0: Port device team_slave_0 added
[   91.366077][   T59] Bluetooth: hci4: command tx timeout
[   91.366108][   T59] Bluetooth: hci3: command tx timeout
[   91.366128][   T59] Bluetooth: hci2: command tx timeout
[   91.380894][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.620947][ T5849] team0: Port device team_slave_1 added
[   91.627287][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.760734][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.760745][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.760758][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.860499][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.861461][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.861472][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.861495][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.958764][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.958779][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.958803][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.057480][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.057496][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.057518][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.143395][ T5848] team0: Port device team_slave_0 added
[   92.154697][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.154708][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.154721][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.260290][ T5848] team0: Port device team_slave_1 added
[   92.264238][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.264252][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.264266][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.267183][ T5846] team0: Port device team_slave_0 added
[   92.372119][ T5846] team0: Port device team_slave_1 added
[   92.798103][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.798118][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.798140][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.007543][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.007558][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.007580][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.013472][ T5839] hsr_slave_0: entered promiscuous mode
[   93.014430][ T5839] hsr_slave_1: entered promiscuous mode
[   93.029901][ T5843] hsr_slave_0: entered promiscuous mode
[   93.031177][ T5843] hsr_slave_1: entered promiscuous mode
[   93.032137][ T5843] debugfs: 'hsr0' already exists in 'hsr'
[   93.032247][ T5843] Cannot create hsr debugfs directory
[   93.102698][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.102713][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.102736][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.205839][ T5850] Bluetooth: hci0: command tx timeout
[   93.212953][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.212968][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.212991][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.226237][ T5849] hsr_slave_0: entered promiscuous mode
[   93.227496][ T5849] hsr_slave_1: entered promiscuous mode
[   93.228275][ T5849] debugfs: 'hsr0' already exists in 'hsr'
[   93.228296][ T5849] Cannot create hsr debugfs directory
[   93.285874][ T5850] Bluetooth: hci1: command tx timeout
[   93.445916][ T5850] Bluetooth: hci2: command tx timeout
[   93.445948][ T5850] Bluetooth: hci3: command tx timeout
[   93.445968][ T5850] Bluetooth: hci4: command tx timeout
[   94.006556][ T5848] hsr_slave_0: entered promiscuous mode
[   94.007721][ T5848] hsr_slave_1: entered promiscuous mode
[   94.008689][ T5848] debugfs: 'hsr0' already exists in 'hsr'
[   94.008712][ T5848] Cannot create hsr debugfs directory
[   94.231466][ T5846] hsr_slave_0: entered promiscuous mode
[   94.232265][ T5846] hsr_slave_1: entered promiscuous mode
[   94.232818][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[   94.232837][ T5846] Cannot create hsr debugfs directory
[   95.296088][   T59] Bluetooth: hci0: command tx timeout
[   95.376401][   T59] Bluetooth: hci1: command tx timeout
[   95.396589][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   95.461469][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   95.505230][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   95.526077][ T5850] Bluetooth: hci3: command tx timeout
[   95.526106][ T5850] Bluetooth: hci2: command tx timeout
[   95.526138][   T59] Bluetooth: hci4: command tx timeout
[   95.565197][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   95.690417][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.736570][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.772666][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.829730][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.953258][ T5849] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   95.994453][ T5849] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   96.011691][ T5849] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   96.079480][ T5849] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   96.238578][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.284957][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.329987][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.375438][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.545760][ T5848] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   96.588677][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.589105][ T5848] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   96.652133][ T5848] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   96.691545][ T5848] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   96.809938][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   96.863374][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.880534][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.880744][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.934079][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.934586][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.021153][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.033686][ T5843] 8021q: adding VLAN 0 to HW filter on device team0
[   97.082729][ T1124] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.082892][ T1124] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.144956][ T1124] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.145139][ T1124] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.193650][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   97.246050][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.246301][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.281786][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.313772][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.313898][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.421657][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   97.452361][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.486705][ T1432] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.486917][ T1432] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.557650][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.557873][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.659758][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   97.738303][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.738518][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.788097][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.788237][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.842399][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.130747][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.296532][ T5839] veth0_vlan: entered promiscuous mode
[   98.377144][ T5839] veth1_vlan: entered promiscuous mode
[   98.419220][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.553030][ T5843] veth0_vlan: entered promiscuous mode
[   98.660398][ T5843] veth1_vlan: entered promiscuous mode
[   98.665463][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.735074][ T5839] veth0_macvtap: entered promiscuous mode
[   98.782925][ T5839] veth1_macvtap: entered promiscuous mode
[   98.809113][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.916951][ T5843] veth0_macvtap: entered promiscuous mode
[   98.939834][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.969947][ T5843] veth1_macvtap: entered promiscuous mode
[   98.999126][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.059896][ T5846] veth0_vlan: entered promiscuous mode
[   99.065581][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.100098][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.115629][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.129180][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.137376][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.161249][ T5846] veth1_vlan: entered promiscuous mode
[   99.223721][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.232563][ T5848] veth0_vlan: entered promiscuous mode
[   99.333209][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.341234][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.401200][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.431059][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.433992][ T5848] veth1_vlan: entered promiscuous mode
[   99.448721][ T5849] veth0_vlan: entered promiscuous mode
[   99.608496][ T5849] veth1_vlan: entered promiscuous mode
[   99.633911][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.633936][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.732997][ T5846] veth0_macvtap: entered promiscuous mode
[   99.786472][ T5846] veth1_macvtap: entered promiscuous mode
[   99.814306][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.814325][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.910528][ T1481] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.910546][ T1481] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.911862][ T5848] veth0_macvtap: entered promiscuous mode
[   99.968971][ T5848] veth1_macvtap: entered promiscuous mode
[  100.024139][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.056805][ T5849] veth0_macvtap: entered promiscuous mode
[  100.074751][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.074770][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.088142][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.121938][ T5849] veth1_macvtap: entered promiscuous mode
[  100.183432][ T1481] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.193997][ T1481] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.202678][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.214065][ T1481] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.252167][ T1481] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.292839][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.371433][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.416888][   T43] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.434668][   T43] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.525432][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.536614][   T43] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.625319][   T43] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.870753][ T5961] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7'.
[  101.631295][ T1404] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.650696][ T5965] (unnamed net_device) (uninitialized): up delay (2890) is not a multiple of miimon (100), value rounded to 2800 ms
[  101.765990][ T1404] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.804392][ T1404] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.886208][ T1404] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.322234][ T3606] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.322253][ T3606] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.950433][ T5979] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11'.
[  103.314998][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.315017][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.409202][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.409221][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.751382][ T3589] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.751403][ T3589] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.891203][ T1432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.891221][ T1432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.123461][ T1124] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.123482][ T1124] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.285797][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.286018][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.645750][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.217827][ T6005] netlink: 8 bytes leftover after parsing attributes in process `syz.0.19'.
[  105.286136][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.286186][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  105.749350][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.365749][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  106.378202][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  106.378430][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  106.862832][    C0] vkms_vblank_simulate: vblank timer overrun
[  106.952943][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.492322][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.756684][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.762861][ T5831] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  107.955807][ T5831] usb 3-1: Using ep0 maxpacket: 16
[  107.979833][ T5831] usb 3-1: config 0 has an invalid interface number: 4 but max is 1
[  107.979859][ T5831] usb 3-1: config 0 has an invalid interface number: 4 but max is 1
[  107.979876][ T5831] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  107.979896][ T5831] usb 3-1: config 0 has no interface number 0
[  107.979929][ T5831] usb 3-1: config 0 interface 4 has no altsetting 0
[  107.979946][ T5831] usb 3-1: config 0 interface 4 has no altsetting 1
[  107.979980][ T5831] usb 3-1: New USB device found, idVendor=eb1a, idProduct=2750, bcdDevice=e2.82
[  107.980001][ T5831] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.025702][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  108.240090][ T5831] usb 3-1: config 0 descriptor??
[  108.539556][ T5831] usb 3-1: can't set config #0, error -71
[  108.599607][ T5831] usb 3-1: USB disconnect, device number 2
[  109.139014][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.564181][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.852918][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.943193][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.981219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  109.996370][    C0] vkms_vblank_simulate: vblank timer overrun
[  110.074999][    C0] vkms_vblank_simulate: vblank timer overrun
[  110.154002][    C0] vkms_vblank_simulate: vblank timer overrun
[  112.219326][ T6055] xfrm1: entered allmulticast mode
[  116.116359][ T6102] netlink: 780 bytes leftover after parsing attributes in process `syz.4.45'.
[  116.491000][   T59] Bluetooth: hci3: command tx timeout
[  117.172328][ T6106] input: syz1 as /devices/virtual/input/input5
[  120.414394][ T6121] syz.1.51 (6121) used greatest stack depth: 17896 bytes left
[  120.811153][ T6116] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[  123.739055][ T6142] trusted_key: syz.3.56 sent an empty control message without MSG_MORE.
[  123.792906][ T6137] program syz.2.55 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.887663][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.887778][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.887852][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.887919][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889167][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889243][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889311][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889377][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889444][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  123.889510][ T6150] netlink: 'syz.1.58': attribute type 3 has an invalid length.
[  126.128470][ T6169] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  130.425437][ T6196] fuse: Bad value for 'fd'
[  130.434535][ T6196] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  133.007895][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  133.010384][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  133.489322][ T6208] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  138.455143][ T5845] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  138.486169][ T5845] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  138.488910][ T5845] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  138.497820][ T5845] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  138.498649][ T5845] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  140.502451][ T6238] Zero length message leads to an empty skb
[  140.611373][   T59] Bluetooth: hci5: command tx timeout
[  141.752461][ T6248] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  142.646445][   T59] Bluetooth: hci5: command tx timeout
[  143.012579][ T6255] ubi31: attaching mtd0
[  143.017015][ T6255] ubi31: scanning is finished
[  143.017037][ T6255] ubi31: empty MTD device detected
[  144.017582][ T6255] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  144.306860][ T6263] capability: warning: `syz.3.87' uses deprecated v2 capabilities in a way that may be insecure
[  144.726427][   T59] Bluetooth: hci5: command tx timeout
[  147.293887][   T59] Bluetooth: hci5: command tx timeout
[  149.468029][ T1481] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.517869][   T37] audit: type=1326 audit(1757799960.193:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6292 comm="syz.1.97" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9bdf77eba9 code=0x0
[  151.500857][ T6313] Bluetooth: MGMT ver 1.23
[  152.308923][ T1481] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.931101][ T6335] loop2: detected capacity change from 0 to 7
[  153.041014][ T5209] Dev loop2: unable to read RDB block 7
[  153.041059][ T5209]  loop2: AHDI p2 p3
[  153.041090][ T5209] loop2: partition table partially beyond EOD, truncated
[  153.208457][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.903892][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.914411][ T6340] evm: overlay not supported
[  153.942956][ T5209] loop2: p2 size 150995456 extends beyond EOD, truncated
[  154.159439][    C0] vkms_vblank_simulate: vblank timer overrun
[  154.190044][ T1481] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.589444][ T6349] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[  154.589498][ T6349] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[  154.589533][ T6349] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[  154.589533][ T6349] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[  154.589573][ T6349] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[  154.589607][ T6349] CUSE: DEVNAME unspecified
[  154.684487][    C0] vkms_vblank_simulate: vblank timer overrun
[  154.779432][   T37] audit: type=1326 audit(1757799965.353:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6346 comm="syz.2.112" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6dc385eba9 code=0x0
[  154.798015][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.147316][ T5209] Dev loop2: unable to read RDB block 7
[  155.147347][ T5209]  loop2: AHDI p2 p3
[  155.147378][ T5209] loop2: partition table partially beyond EOD, truncated
[  155.147692][ T5209] loop2: p2 size 150995456 extends beyond EOD, truncated
[  155.209271][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.277730][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.564036][ T5983] udevd[5983]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  155.673217][ T6019] udevd[6019]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  155.902398][ T6363] random: crng reseeded on system resumption
[  157.434009][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.948102][ T1481] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.372519][ T6210] chnl_net:caif_netlink_parms(): no params data found
[  164.070215][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.133'.
[  164.070236][ T6412] netlink: 8 bytes leftover after parsing attributes in process `syz.2.133'.
[  164.995853][ T5919] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  165.192411][ T5919] usb 2-1: unable to get BOS descriptor or descriptor too short
[  165.193187][ T5919] usb 2-1: not running at top speed; connect to a high speed hub
[  165.194746][ T5919] usb 2-1: config 8 has an invalid interface number: 24 but max is 0
[  165.194768][ T5919] usb 2-1: config 8 has no interface number 0
[  165.194817][ T5919] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 64
[  165.194844][ T5919] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  165.194866][ T5919] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has invalid wMaxPacketSize 0
[  165.194888][ T5919] usb 2-1: config 8 interface 24 has no altsetting 0
[  165.207055][ T5919] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  165.207084][ T5919] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.207103][ T5919] usb 2-1: Product: syz
[  165.207115][ T5919] usb 2-1: Manufacturer: syz
[  165.207128][ T5919] usb 2-1: SerialNumber: syz
[  165.257130][ T6424] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  165.425168][ T6210] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.428716][ T6210] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.438156][ T6210] bridge_slave_0: entered allmulticast mode
[  165.499249][ T6210] bridge_slave_0: entered promiscuous mode
[  165.574150][ T6210] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.574292][ T6210] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.574526][ T6210] bridge_slave_1: entered allmulticast mode
[  165.611460][ T6210] bridge_slave_1: entered promiscuous mode
[  165.737598][ T5919] vmk80xx 2-1:8.24: driver 'vmk80xx' failed to auto-configure device.
[  166.417298][ T5919] vmk80xx 2-1:8.24: probe with driver vmk80xx failed with error -22
[  166.591923][ T6450] vivid-000: kernel_thread() failed
[  166.735926][ T5919] usb 2-1: USB disconnect, device number 2
[  167.389300][ T6210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.500694][ T6210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  167.700987][ T6477] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  168.066327][ T1481] bridge_slave_1: left allmulticast mode
[  168.066663][ T1481] bridge_slave_1: left promiscuous mode
[  168.069863][ T1481] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.241136][ T1481] bridge_slave_0: left allmulticast mode
[  168.241168][ T1481] bridge_slave_0: left promiscuous mode
[  168.243801][ T1481] bridge0: port 1(bridge_slave_0) entered disabled state
[  168.787297][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.288067][ T6506] IPv6: Can't replace route, no match found
[  170.720321][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.428501][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.658161][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.066933][ T1481] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  172.131271][ T1481] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  172.150536][ T1481] bond0 (unregistering): Released all slaves
[  172.174898][ T1481] bond1 (unregistering): Released all slaves
[  172.250200][ T6210] team0: Port device team_slave_0 added
[  172.405250][ T6500] netlink: 28 bytes leftover after parsing attributes in process `syz.4.162'.
[  172.405277][ T6500] netlink: 28 bytes leftover after parsing attributes in process `syz.4.162'.
[  172.405293][ T6500] netlink: 24 bytes leftover after parsing attributes in process `syz.4.162'.
[  172.408540][ T6210] team0: Port device team_slave_1 added
[  174.434379][ T6210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  174.434396][ T6210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.434516][ T6210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  174.517026][   T59] Bluetooth: hci2: Malformed LE Event: 0x1d
[  174.641523][ T6548] netlink: 148 bytes leftover after parsing attributes in process `syz.3.184'.
[  174.641546][ T6548] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  174.658354][ T6210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  174.658371][ T6210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  174.658394][ T6210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  174.676662][ T6554] netlink: 20 bytes leftover after parsing attributes in process `syz.2.187'.
[  174.939986][ T6562] validate_nla: 44 callbacks suppressed
[  174.940004][ T6562] netlink: 'syz.3.190': attribute type 10 has an invalid length.
[  174.980935][ T6566] netlink: 12 bytes leftover after parsing attributes in process `syz.2.193'.
[  175.501641][ T6576] netlink: 'syz.2.198': attribute type 11 has an invalid length.
[  175.501665][ T6576] netlink: 'syz.2.198': attribute type 11 has an invalid length.
[  175.501678][ T6576] netlink: 224 bytes leftover after parsing attributes in process `syz.2.198'.
[  175.671953][ T6562] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.674725][ T6562] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.724932][ T6562] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.725087][ T6562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.727762][ T6562] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.727950][ T6562] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.781084][ T6562] team0: Port device bridge0 added
[  176.148474][   T37] audit: type=1326 audit(1757799986.863:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6583 comm="syz.4.202" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb6f3daeba9 code=0x0
[  176.610142][ T6210] hsr_slave_0: entered promiscuous mode
[  176.617697][ T6210] hsr_slave_1: entered promiscuous mode
[  176.618615][ T6210] debugfs: 'hsr0' already exists in 'hsr'
[  176.618638][ T6210] Cannot create hsr debugfs directory
[  177.072498][ T6593] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  178.238292][ T6593] orangefs_mount: mount request failed with -4
[  178.506251][ T6604] netlink: 'syz.4.208': attribute type 1 has an invalid length.
[  178.506272][ T6604] netlink: 224 bytes leftover after parsing attributes in process `syz.4.208'.
[  178.785801][ T1481] hsr_slave_0: left promiscuous mode
[  178.838549][ T1481] hsr_slave_1: left promiscuous mode
[  178.841453][ T1481] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  178.841530][ T1481] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.890791][ T1481] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.890823][ T1481] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.141412][ T1481] veth1_macvtap: left promiscuous mode
[  179.141701][ T1481] veth0_macvtap: left promiscuous mode
[  179.142061][ T1481] veth1_vlan: left promiscuous mode
[  179.142394][ T1481] veth0_vlan: left promiscuous mode
[  182.836648][ T1481] team0 (unregistering): Port device team_slave_1 removed
[  183.047802][ T1481] team0 (unregistering): Port device team_slave_0 removed
[  185.561933][ T6635] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  185.648453][ T6640] netlink: 16 bytes leftover after parsing attributes in process `syz.3.222'.
[  185.661252][ T6640] netlink: 16 bytes leftover after parsing attributes in process `syz.3.222'.
[  185.987042][ T6634] netlink: 8 bytes leftover after parsing attributes in process `syz.1.220'.
[  185.987057][ T6634] netlink: 8 bytes leftover after parsing attributes in process `syz.1.220'.
[  187.844861][ T6672] process 'syz.1.238' launched './file2' with NULL argv: empty string added
[  188.067231][ T6672] Bluetooth: hci0: Opcode 0x080f failed: -22
[  188.922681][ T6671] syz.4.227: vmalloc error: size 5267456, failed to allocated page array size 10288, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  188.923051][ T6671] CPU: 0 UID: 0 PID: 6671 Comm: syz.4.227 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  188.923075][ T6671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  188.923094][ T6671] Call Trace:
[  188.923102][ T6671]  <TASK>
[  188.923111][ T6671]  dump_stack_lvl+0x189/0x250
[  188.923153][ T6671]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.923183][ T6671]  ? __pfx__printk+0x10/0x10
[  188.923204][ T6671]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  188.923227][ T6671]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  188.923250][ T6671]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  188.923274][ T6671]  warn_alloc+0x22e/0x3b0
[  188.923313][ T6671]  ? __pfx_warn_alloc+0x10/0x10
[  188.923352][ T6671]  ? __get_vm_area_node+0x2bc/0x350
[  188.923381][ T6671]  ? vc_do_resize+0x39b/0x1770
[  188.923412][ T6671]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  188.923465][ T6671]  ? __phys_addr+0xd3/0x180
[  188.923519][ T6671]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  188.923548][ T6671]  ? rcu_is_watching+0x15/0xb0
[  188.923582][ T6671]  ? vc_do_resize+0x39b/0x1770
[  188.923610][ T6671]  vzalloc_noprof+0xb2/0xf0
[  188.923638][ T6671]  ? vc_do_resize+0x39b/0x1770
[  188.923667][ T6671]  vc_do_resize+0x39b/0x1770
[  188.923706][ T6671]  ? __lock_acquire+0xab9/0xd20
[  188.923743][ T6671]  ? vt_ioctl+0x1c42/0x1f00
[  188.923771][ T6671]  ? __pfx_vc_do_resize+0x10/0x10
[  188.923819][ T6671]  vt_ioctl+0x1ca9/0x1f00
[  188.923851][ T6671]  ? __pfx_vt_ioctl+0x10/0x10
[  188.923875][ T6671]  ? __asan_memset+0x22/0x50
[  188.923896][ T6671]  ? smack_file_ioctl+0x24d/0x340
[  188.923921][ T6671]  ? __pfx_smack_file_ioctl+0x10/0x10
[  188.923955][ T6671]  ? __fget_files+0x3a6/0x420
[  188.923981][ T6671]  ? __fget_files+0x2a/0x420
[  188.924011][ T6671]  tty_ioctl+0x92c/0xde0
[  188.924032][ T6671]  ? __pfx_tty_ioctl+0x10/0x10
[  188.924051][ T6671]  __se_sys_ioctl+0xff/0x170
[  188.924076][ T6671]  do_syscall_64+0xfa/0x3b0
[  188.924094][ T6671]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.924122][ T6671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.924142][ T6671]  ? clear_bhb_loop+0x60/0xb0
[  188.924166][ T6671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.924186][ T6671] RIP: 0033:0x7fb6f3daeba9
[  188.924210][ T6671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.924226][ T6671] RSP: 002b:00007fb6f2016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.924246][ T6671] RAX: ffffffffffffffda RBX: 00007fb6f3ff5fa0 RCX: 00007fb6f3daeba9
[  188.924261][ T6671] RDX: 0000200000000000 RSI: 0000000000005609 RDI: 0000000000000003
[  188.924274][ T6671] RBP: 00007fb6f3e31e19 R08: 0000000000000000 R09: 0000000000000000
[  188.924287][ T6671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.924298][ T6671] R13: 00007fb6f3ff6038 R14: 00007fb6f3ff5fa0 R15: 00007ffc5f5356d8
[  188.924332][ T6671]  </TASK>
[  188.924343][ T6671] Mem-Info:
[  188.924355][ T6671] active_anon:259 inactive_anon:5862 isolated_anon:0
[  188.924355][ T6671]  active_file:5565 inactive_file:37601 isolated_file:0
[  188.924355][ T6671]  unevictable:768 dirty:277 writeback:0
[  188.924355][ T6671]  slab_reclaimable:11534 slab_unreclaimable:102006
[  188.924355][ T6671]  mapped:30200 shmem:2011 pagetables:1149
[  188.924355][ T6671]  sec_pagetables:0 bounce:0
[  188.924355][ T6671]  kernel_misc_reclaimable:0
[  188.924355][ T6671]  free:1334062 free_pcp:5531 free_cma:0
[  188.924409][ T6671] Node 0 active_anon:1036kB inactive_anon:23448kB active_file:22056kB inactive_file:150404kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120800kB dirty:1104kB writeback:0kB shmem:6508kB kernel_stack:12712kB pagetables:4444kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  188.924457][ T6671] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  188.924500][ T6671] Node 0 DMA free:15344kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  188.924560][ T6671] lowmem_reserve[]: 0 2512 2513 2513 2513
[  188.924594][ T6671] Node 0 DMA32 free:1419780kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1032kB inactive_anon:23400kB active_file:21044kB inactive_file:150336kB unevictable:1536kB writepending:1104kB present:3129332kB managed:2572292kB mlocked:0kB bounce:0kB free_pcp:22112kB local_pcp:12388kB free_cma:0kB
[  188.924655][ T6671] lowmem_reserve[]: 0 0 1 1 1
[  188.924687][ T6671] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:48kB active_file:1012kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  188.924742][ T6671] lowmem_reserve[]: 0 0 0 0 0
[  188.924773][ T6671] Node 1 Normal free:3901124kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  188.924836][ T6671] lowmem_reserve[]: 0 0 0 0 0
[  188.924868][ T6671] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB
[  188.925009][ T6671] Node 0 DMA32: 619*4kB (M) 709*8kB (UME) 449*16kB (UME) 253*32kB (UME) 42*64kB (UME) 12*128kB (UME) 4*256kB (UME) 25*512kB (UM) 16*1024kB (UM) 7*2048kB (UME) 329*4096kB (M) = 1419780kB
[  188.925164][ T6671] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  188.925264][ T6671] Node 1 Normal: 203*4kB (UME) 47*8kB (UME) 36*16kB (UME) 259*32kB (UME) 92*64kB (UME) 23*128kB (UME) 15*256kB (UME) 5*512kB (UME) 3*1024kB (UME) 1*2048kB (U) 945*4096kB (M) = 3901124kB
[  188.925424][ T6671] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  188.925441][ T6671] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  188.925457][ T6671] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  188.925473][ T6671] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  188.925489][ T6671] 45173 total pagecache pages
[  188.925500][ T6671] 0 pages in swap cache
[  188.925507][ T6671] Free swap  = 124996kB
[  188.925514][ T6671] Total swap = 124996kB
[  188.925522][ T6671] 2097051 pages RAM
[  188.925529][ T6671] 0 pages HighMem/MovableOnly
[  188.925535][ T6671] 422080 pages reserved
[  188.925542][ T6671] 0 pages cma reserved
[  190.085863][   T59] Bluetooth: hci0: command tx timeout
[  190.866767][ T6690] netlink: 4 bytes leftover after parsing attributes in process `syz.4.234'.
[  192.386547][ T6708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.239'.
[  192.386572][ T6708] netlink: 8 bytes leftover after parsing attributes in process `syz.4.239'.
[  194.164760][ T6708] syz.4.239 (6708) used greatest stack depth: 17576 bytes left
[  194.367623][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  194.367693][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  194.534876][ T6727] =======================================================
[  194.534876][ T6727] WARNING: The mand mount option has been deprecated and
[  194.534876][ T6727]          and is ignored by this kernel. Remove the mand
[  194.534876][ T6727]          option from the mount to silence this warning.
[  194.534876][ T6727] =======================================================
[  194.762918][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  194.783528][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  194.805090][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  194.829003][ T6736] netlink: 'syz.1.255': attribute type 12 has an invalid length.
[  194.829026][ T6736] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.255'.
[  194.836127][ T5845] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  194.836934][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  195.380500][ T6742] Bluetooth: hci0: Opcode 0x080f failed: -22
[  196.003366][ T6753] warning: `syz.2.250' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  196.388332][ T6762] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  196.668731][ T6766] netlink: 32 bytes leftover after parsing attributes in process `syz.1.254'.
[  196.896668][   T59] Bluetooth: hci1: command tx timeout
[  197.354178][ T6762] orangefs_mount: mount request failed with -4
[  197.446122][   T59] Bluetooth: hci0: command tx timeout
[  198.192786][ T6787] netlink: 72 bytes leftover after parsing attributes in process `syz.1.263'.
[  198.425978][ T5926] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  198.750073][ T5926] usb 3-1: Using ep0 maxpacket: 32
[  198.754431][ T5926] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  198.774998][ T5926] usb 3-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  198.775027][ T5926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.775047][ T5926] usb 3-1: Product: syz
[  198.775061][ T5926] usb 3-1: Manufacturer: syz
[  198.775074][ T5926] usb 3-1: SerialNumber: syz
[  198.896333][ T5926] usb 3-1: config 0 descriptor??
[  198.898522][ T6788] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  199.123614][   T59] Bluetooth: hci1: command tx timeout
[  199.257044][ T5926] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6
[  200.532974][ T6062] usb 3-1: USB disconnect, device number 3
[  200.533064][    C0] usbtouchscreen 3-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  200.952724][ T5998] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  201.311655][   T59] Bluetooth: hci1: command tx timeout
[  201.328833][ T5998] usb 2-1: unable to get BOS descriptor or descriptor too short
[  201.335463][ T5998] usb 2-1: not running at top speed; connect to a high speed hub
[  201.358109][ T5998] usb 2-1: config 1 has an invalid interface number: 138 but max is 0
[  201.358136][ T5998] usb 2-1: config 1 has no interface number 0
[  201.358183][ T5998] usb 2-1: config 1 interface 138 has no altsetting 0
[  202.245431][ T6815] netlink: 60 bytes leftover after parsing attributes in process `syz.2.270'.
[  202.265266][ T5998] usb 2-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[  202.265296][ T5998] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.265316][ T5998] usb 2-1: Product: syz
[  202.265329][ T5998] usb 2-1: Manufacturer: syz
[  202.265343][ T5998] usb 2-1: SerialNumber: syz
[  202.678208][ T5998] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  202.805844][ T6062] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  202.955785][ T6062] usb 3-1: Using ep0 maxpacket: 16
[  202.975003][ T6732] chnl_net:caif_netlink_parms(): no params data found
[  202.995177][ T6062] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  202.995210][ T6062] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.995250][ T6062] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  202.995273][ T6062] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.015876][ T5998] usb 2-1: USB disconnect, device number 3
[  203.480286][   T59] Bluetooth: hci1: command tx timeout
[  203.525910][ T6062] usb 3-1: config 0 descriptor??
[  204.383939][ T6638] udevd[6638]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  205.012562][ T6062] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0
[  205.012605][ T6062] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0
[  205.012632][ T6062] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0
[  205.012660][ T6062] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0
[  205.012686][ T6062] savu 0003:1E7D:2D5A.0001: unknown main item tag 0x0
[  205.176846][ T6062] savu 0003:1E7D:2D5A.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  205.396046][ T6062] usb 3-1: USB disconnect, device number 4
[  206.937387][ T6870] fido_id[6870]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  207.533174][  T171] bridge_slave_1: left allmulticast mode
[  207.533205][  T171] bridge_slave_1: left promiscuous mode
[  207.533441][  T171] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.657606][  T171] bridge_slave_0: left allmulticast mode
[  208.657645][  T171] bridge_slave_0: left promiscuous mode
[  208.657912][  T171] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.772743][ T5841] Bluetooth: hci4: command 0x0406 tx timeout
[  211.772967][ T5841] Bluetooth: hci3: command 0x0406 tx timeout
[  211.773109][ T5841] Bluetooth: hci2: command 0x0406 tx timeout
[  214.045694][    C0] sched: DL replenish lagged too much
[  224.517613][ T5158] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  224.542642][ T5158] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  224.544251][ T5158] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  224.545555][ T5158] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  224.568999][ T5158] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  224.681183][ T6934] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  224.711737][ T6934] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  224.713540][ T6934] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  224.714726][ T6934] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  224.738201][ T6934] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  225.583515][ T5841] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  225.646726][ T5841] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  225.649808][ T5841] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  225.651576][ T5841] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  225.652536][ T5841] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  226.070540][ T6940] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  226.094313][ T6940] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  226.111928][ T6940] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  226.113277][ T6940] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  226.114170][ T6940] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  228.455900][ T5841] Bluetooth: hci7: command tx timeout
[  230.485928][ T5841] Bluetooth: hci6: command tx timeout
[  230.486360][ T5841] Bluetooth: hci7: command tx timeout
[  230.486467][ T5841] Bluetooth: hci8: command tx timeout
[  230.486639][ T5841] Bluetooth: hci5: command tx timeout
[  232.565974][ T5841] Bluetooth: hci8: command tx timeout
[  232.566077][ T5841] Bluetooth: hci5: command tx timeout
[  232.566097][ T5841] Bluetooth: hci7: command tx timeout
[  232.566116][ T5841] Bluetooth: hci6: command tx timeout
[  234.645971][ T5158] Bluetooth: hci6: command tx timeout
[  234.646002][ T5158] Bluetooth: hci7: command tx timeout
[  234.646022][ T5158] Bluetooth: hci5: command tx timeout
[  234.646041][ T5158] Bluetooth: hci8: command tx timeout
[  236.725943][   T59] Bluetooth: hci5: command tx timeout
[  236.725975][   T59] Bluetooth: hci6: command tx timeout
[  236.726029][ T5841] Bluetooth: hci8: command tx timeout
[  252.009067][ T5841] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  252.029835][ T5841] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  252.031033][ T5841] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  252.032253][ T5841] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  252.033274][ T5841] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  254.094826][ T5841] Bluetooth: hci9: command tx timeout
[  255.778456][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  255.778530][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  256.165894][ T5841] Bluetooth: hci9: command tx timeout
[  258.245930][ T5841] Bluetooth: hci9: command tx timeout
[  260.326205][ T5841] Bluetooth: hci9: command tx timeout
[  287.140015][ T5845] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  287.166334][ T5845] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  287.170969][ T5845] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  287.172352][ T5845] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  287.173276][ T5845] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  287.302208][ T5841] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  287.325322][ T5841] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  287.356357][ T5841] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  287.365451][ T5841] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  287.377184][ T5841] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  287.671006][ T5158] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  287.700447][ T5158] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  287.702340][ T5158] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  287.716711][ T5158] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  287.755282][ T5158] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  287.763473][ T5158] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  287.794895][ T5841] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  287.828877][ T5158] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  287.830629][ T5158] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  287.831942][ T5158] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  289.285996][ T5845] Bluetooth: hci10: command tx timeout
[  289.446099][ T5845] Bluetooth: hci11: command tx timeout
[  289.846273][ T5845] Bluetooth: hci13: command tx timeout
[  289.926098][ T5845] Bluetooth: hci12: command tx timeout
[  291.366015][ T5845] Bluetooth: hci10: command tx timeout
[  291.528034][ T5845] Bluetooth: hci11: command tx timeout
[  291.933686][ T5845] Bluetooth: hci13: command tx timeout
[  292.006073][ T5845] Bluetooth: hci12: command tx timeout
[  293.446124][ T5845] Bluetooth: hci10: command tx timeout
[  293.605950][ T5845] Bluetooth: hci11: command tx timeout
[  294.006157][ T5845] Bluetooth: hci13: command tx timeout
[  294.086090][ T5845] Bluetooth: hci12: command tx timeout
[  295.525878][ T5845] Bluetooth: hci10: command tx timeout
[  295.685936][ T5845] Bluetooth: hci11: command tx timeout
[  296.086406][ T5845] Bluetooth: hci13: command tx timeout
[  296.166455][ T5845] Bluetooth: hci12: command tx timeout
[  313.359647][ T5158] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  313.383528][ T5158] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  313.395125][ T5158] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  313.406094][ T5158] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  313.407621][ T5158] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  315.446082][ T5845] Bluetooth: hci14: command tx timeout
[  317.212275][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  317.212351][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  317.525867][ T5845] Bluetooth: hci14: command tx timeout
[  319.606479][ T5845] Bluetooth: hci14: command tx timeout
[  321.685987][ T5158] Bluetooth: hci14: command tx timeout
[  334.656501][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  346.195872][  T171] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  347.932584][ T5845] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  347.953501][ T5845] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  347.980518][ T5845] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  347.982526][ T5845] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  347.983843][ T5845] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  348.317424][ T5158] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  348.352173][ T5841] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  348.355271][ T5841] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  348.375517][ T5841] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  348.387950][ T5841] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  348.440789][ T5841] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  348.476733][ T5841] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  348.478930][ T5841] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  348.484817][ T5841] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  348.485637][ T5841] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  348.684626][ T5158] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  348.710045][ T5158] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  348.714349][ T5158] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  348.716753][ T5158] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  348.732183][ T5158] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  350.166189][ T5841] Bluetooth: hci15: command tx timeout
[  350.485907][ T5841] Bluetooth: hci16: command tx timeout
[  350.566036][ T5841] Bluetooth: hci17: command tx timeout
[  350.806019][ T5841] Bluetooth: hci18: command tx timeout
[  352.246210][ T5841] Bluetooth: hci15: command tx timeout
[  352.565904][ T5841] Bluetooth: hci16: command tx timeout
[  352.646569][ T5841] Bluetooth: hci17: command tx timeout
[  352.886638][ T5841] Bluetooth: hci18: command tx timeout
[  354.326296][ T6934] Bluetooth: hci15: command tx timeout
[  354.645820][ T5841] Bluetooth: hci16: command tx timeout
[  354.725921][ T5841] Bluetooth: hci17: command tx timeout
[  354.966061][ T5841] Bluetooth: hci18: command tx timeout
[  355.141635][ T6940] Bluetooth: hci5: command 0x0406 tx timeout
[  355.141675][ T6940] Bluetooth: hci6: command 0x0406 tx timeout
[  355.141731][ T6934] Bluetooth: hci8: command 0x0406 tx timeout
[  355.155941][ T5841] Bluetooth: hci7: command 0x0406 tx timeout
[  356.406127][ T5841] Bluetooth: hci15: command tx timeout
[  356.735958][ T5841] Bluetooth: hci16: command tx timeout
[  356.806185][ T5841] Bluetooth: hci17: command tx timeout
[  357.046026][ T5841] Bluetooth: hci18: command tx timeout
[  362.425988][  T171] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  367.768158][   T38] INFO: task kworker/1:1:49 blocked for more than 143 seconds.
[  367.768183][   T38]       Not tainted syzkaller #0
[  367.768193][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.768201][   T38] task:kworker/1:1     state:D stack:20808 pid:49    tgid:49    ppid:2      task_flags:0x4208060 flags:0x00004000
[  367.768246][   T38] Workqueue: events_power_efficient crda_timeout_work
[  367.768285][   T38] Call Trace:
[  367.768291][   T38]  <TASK>
[  367.768304][   T38]  __schedule+0x16f3/0x4c20
[  367.768350][   T38]  ? __pfx___schedule+0x10/0x10
[  367.768377][   T38]  ? __pfx___schedule+0x10/0x10
[  367.768403][   T38]  ? preempt_schedule+0xae/0xc0
[  367.768438][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  367.768463][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.768481][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.768502][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.768541][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.768565][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.768586][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.768618][   T38]  ? crda_timeout_work+0x15/0x50
[  367.768666][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.768693][   T38]  ? crda_timeout_work+0x15/0x50
[  367.768716][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.768737][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.768761][   T38]  crda_timeout_work+0x15/0x50
[  367.768785][   T38]  process_scheduled_works+0xade/0x17b0
[  367.768837][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  367.768877][   T38]  worker_thread+0x8a0/0xda0
[  367.768926][   T38]  kthread+0x70e/0x8a0
[  367.768955][   T38]  ? __pfx_worker_thread+0x10/0x10
[  367.768976][   T38]  ? __pfx_kthread+0x10/0x10
[  367.769005][   T38]  ? __pfx_kthread+0x10/0x10
[  367.769031][   T38]  ret_from_fork+0x439/0x7d0
[  367.769057][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  367.769086][   T38]  ? __switch_to_asm+0x39/0x70
[  367.769102][   T38]  ? __switch_to_asm+0x33/0x70
[  367.769117][   T38]  ? __pfx_kthread+0x10/0x10
[  367.769143][   T38]  ret_from_fork_asm+0x1a/0x30
[  367.769177][   T38]  </TASK>
[  367.769187][   T38] INFO: task kworker/u8:3:57 blocked for more than 143 seconds.
[  367.769200][   T38]       Not tainted syzkaller #0
[  367.769209][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.769216][   T38] task:kworker/u8:3    state:D stack:20264 pid:57    tgid:57    ppid:2      task_flags:0x4208060 flags:0x00004000
[  367.769257][   T38] Workqueue: events_unbound linkwatch_event
[  367.769275][   T38] Call Trace:
[  367.769281][   T38]  <TASK>
[  367.769292][   T38]  __schedule+0x16f3/0x4c20
[  367.769331][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.769362][   T38]  ? __pfx___schedule+0x10/0x10
[  367.769405][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.769433][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.769449][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.769470][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.769509][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.769532][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.769554][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.769587][   T38]  ? linkwatch_event+0xe/0x60
[  367.769611][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.769646][   T38]  ? linkwatch_event+0xe/0x60
[  367.769662][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.769680][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.769704][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.769728][   T38]  linkwatch_event+0xe/0x60
[  367.769744][   T38]  process_scheduled_works+0xade/0x17b0
[  367.769797][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  367.769837][   T38]  worker_thread+0x8a0/0xda0
[  367.769886][   T38]  kthread+0x70e/0x8a0
[  367.769914][   T38]  ? __pfx_worker_thread+0x10/0x10
[  367.769935][   T38]  ? __pfx_kthread+0x10/0x10
[  367.769966][   T38]  ? __pfx_kthread+0x10/0x10
[  367.769991][   T38]  ret_from_fork+0x439/0x7d0
[  367.770016][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  367.770044][   T38]  ? __switch_to_asm+0x39/0x70
[  367.770060][   T38]  ? __switch_to_asm+0x33/0x70
[  367.770076][   T38]  ? __pfx_kthread+0x10/0x10
[  367.770101][   T38]  ret_from_fork_asm+0x1a/0x30
[  367.770135][   T38]  </TASK>
[  367.770234][   T38] INFO: task dhcpcd:5504 blocked for more than 143 seconds.
[  367.770246][   T38]       Not tainted syzkaller #0
[  367.770255][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.770263][   T38] task:dhcpcd          state:D stack:21320 pid:5504  tgid:5504  ppid:5503   task_flags:0x400140 flags:0x00004002
[  367.770302][   T38] Call Trace:
[  367.770308][   T38]  <TASK>
[  367.770320][   T38]  __schedule+0x16f3/0x4c20
[  367.770371][   T38]  ? __pfx___schedule+0x10/0x10
[  367.770413][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.770440][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.770458][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.770479][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.770518][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.770541][   T38]  ? rt_mutex_slowlock+0x1c[  367.770541][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.770563][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.770581][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.770615][   T38]  ? inet6_rtm_newaddr+0x5b7/0xd20
[  367.770659][   T38]  ? inet6_rtm_newaddr+0x5b7/0xd20
[  367.770679][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.770706][   T38]  inet6_rtm_newaddr+0x5b7/0xd20
[  367.770730][   T38]  ? is_bpf_text_address+0x26/0x2b0
[  367.770760][   T38]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[  367.770812][   T38]  ? __pfx_inet6_rtm_newaddr+0x10/0x10
[  367.770835][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[  367.770857][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.770882][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  367.770904][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.770945][   T38]  netlink_rcv_skb+0x208/0x470
[  367.770967][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.770990][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.771014][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  367.771050][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.771081][   T38]  netlink_unicast+0x846/0xa10
[  367.771113][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[  367.771137][   T38]  ? netlink_sendmsg+0x642/0xb30
[  367.771157][   T38]  ? skb_put+0x11b/0x210
[  367.771187][   T38]  netlink_sendmsg+0x805/0xb30
[  367.771211][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  367.771239][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.771266][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.771290][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  367.771309][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.771334][   T38]  __sock_sendmsg+0x21c/0x270
[  367.771360][   T38]  ____sys_sendmsg+0x508/0x820
[  367.771385][   T38]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.771413][   T38]  ? import_iovec+0x74/0xa0
[  367.771439][   T38]  ___sys_sendmsg+0x21f/0x2a0
[  367.771461][   T38]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.771520][   T38]  ? __pfx_vfs_read+0x10/0x10
[  367.771552][   T38]  __x64_sys_sendmsg+0x1a1/0x260
[  367.771573][   T38]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.771602][   T38]  ? __pfx_ksys_read+0x10/0x10
[  367.771620][   T38]  ? __task_pid_nr_ns+0x28/0x470
[  367.771656][   T38]  ? do_syscall_64+0xbe/0x3b0
[  367.771677][   T38]  do_syscall_64+0xfa/0x3b0
[  367.771693][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.771717][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.771735][   T38]  ? clear_bhb_loop+0x60/0xb0
[  367.771757][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.771782][   T38] RIP: 0033:0x7f54828f2407
[  367.771798][   T38] RSP: 002b:00007ffe0072cc40 EFLAGS: 00000202 ORIG_RAX: 000000000000002e
[  367.771816][   T38] RAX: ffffffffffffffda RBX: 00007f5482868740 RCX: 00007f54828f2407
[  367.771829][   T38] RDX: 0000000000000000 RSI: 00007ffe00740e20 RDI: 0000000000000004
[  367.771841][   T38] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  367.771851][   T38] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe00751050
[  367.771863][   T38] R13: 00007f54828686c8 R14: 0000000000000048 R15: 00007ffe00740e20
[  367.771893][   T38]  </TASK>
[  367.771923][   T38] INFO: task kworker/0:5:5919 blocked for more than 143 seconds.
[  367.771936][   T38]       Not tainted syzkaller #0
[  367.771944][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.771952][   T38] task:kworker/0:5     state:D stack:20792 pid:5919  tgid:5919  ppid:2      task_flags:0x4208060 flags:0x00004000
[  367.771991][   T38] Workqueue: events switchdev_deferred_process_work
[  367.772009][   T38] Call Trace:
[  367.772015][   T38]  <TASK>
[  367.772027][   T38]  __schedule+0x16f3/0x4c20
[  367.772077][   T38]  ? __pfx___schedule+0x10/0x10
[  367.772124][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.772151][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.772168][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.772189][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.772228][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.772251][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.772272][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.772305][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  367.772329][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.772356][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  367.772372][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.772391][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.772415][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.772439][   T38]  switchdev_deferred_process_work+0xe/0x20
[  367.772456][   T38]  process_scheduled_works+0xade/0x17b0
[  367.772508][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  367.772548][   T38]  worker_thread+0x8a0/0xda0
[  367.772574][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  367.772607][   T38]  ? __kthread_parkme+0x7b/0x200
[  367.772647][   T38]  kthread+0x70e/0x8a0
[  367.772676][   T38]  ? __pfx_worker_thread+0x10/0x10
[  367.772698][   T38]  ? __pfx_kthread+0x10/0x10
[  367.772728][   T38]  ? __pfx_kthread+0x10/0x10
[  367.772753][   T38]  ret_from_fork+0x439/0x7d0
[  367.772779][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  367.772808][   T38]  ? __switch_to_asm+0x39/0x70
[  367.772825][   T38]  ? __switch_to_asm+0x33/0x70
[  367.772841][   T38]  ? __pfx_kthread+0x10/0x10
[  367.772866][   T38]  ret_from_fork_asm+0x1a/0x30
[  367.772900][   T38]  </TASK>
[  367.772913][   T38] INFO: task kworker/u8:16:6299 blocked for more than 143 seconds.
[  367.772925][   T38]       Not tainted syzkaller #0
[  367.772934][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.772941][   T38] task:kworker/u8:16   state:D stack:23624 pid:6299  tgid:6299  ppid:2      task_flags:0x4208060 flags:0x00004000
[  367.772984][   T38] Workqueue: ipv6_addrconf addrconf_verify_work
[  367.773004][   T38] Call Trace:
[  367.773009][   T38]  <TASK>
[  367.773021][   T38]  __schedule+0x16f3/0x4c20
[  367.773058][   T38]  ? try_to_take_rt_mutex+0x840/0xb00
[  367.773090][   T38]  ? __pfx___schedule+0x10/0x10
[  367.773133][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.773160][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.773178][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.773199][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.773237][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.773261][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.773283][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.773315][   T38]  ? addrconf_verify_work+0x19/0x30
[  367.773343][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.773368][   T38]  ? addrconf_verify_work+0x19/0x30
[  367.773387][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.773406][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.773434][   T38]  addrconf_verify_work+0x19/0x30
[  367.773453][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  367.773473][   T38]  process_scheduled_works+0xade/0x17b0
[  367.773525][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  367.773565][   T38]  worker_thread+0x8a0/0xda0
[  367.773614][   T38]  kthread+0x70e/0x8a0
[  367.773648][   T38]  ? __pfx_worker_thread+0x10/0x10
[  367.773669][   T38]  ? __pfx_kthread+0x10/0x10
[  367.773698][   T38]  ? __rcu_read_unlock+0x84/0xe0
[  367.773718][   T38]  ? __pfx_kthread+0x10/0x10
[  367.773744][   T38]  ret_from_fork+0x439/0x7d0
[  367.773769][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  367.773798][   T38]  ? __switch_to_asm+0x39/0x70
[  367.773814][   T38]  ? __switch_to_asm+0x33/0x70
[  367.773829][   T38]  ? __pfx_kthread+0x10/0x10
[  367.773855][   T38]  ret_from_fork_asm+0x1a/0x30
[  367.773887][   T38]  </TASK>
[  367.773896][   T38] INFO: task syz-executor:6732 blocked for more than 143 seconds.
[  367.773908][   T38]       Not tainted syzkaller #0
[  367.773917][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.773925][   T38] task:syz-executor    state:D stack:22632 pid:6732  tgid:6732  ppid:1      task_flags:0x400140 flags:0x00004004
[  367.773964][   T38] Call Trace:
[  367.773970][   T38]  <TASK>
[  367.773982][   T38]  __schedule+0x16f3/0x4c20
[  367.774025][   T38]  ? __kernel_text_address+0xd/0x40
[  367.774048][   T38]  ? __pfx___schedule+0x10/0x10
[  367.774090][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.774117][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.774134][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.774155][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.774194][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.774218][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.774240][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.774258][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774292][   T38]  ? rtnl_newlink+0x8db/0x1c70
[  367.774316][   T38]  ? safesetid_security_capable+0xa9/0x1a0
[  367.774339][   T38]  ? bpf_lsm_capable+0x9/0x20
[  367.774359][   T38]  ? security_capable+0x7e/0x2e0
[  367.774388][   T38]  ? rtnl_newlink+0x8db/0x1c70
[  367.774408][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.774434][   T38]  rtnl_newlink+0x8db/0x1c70
[  367.774465][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774489][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[  367.774521][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774611][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774665][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[  367.774687][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[  367.774713][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774736][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  367.774758][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.774799][   T38]  netlink_rcv_skb+0x208/0x470
[  367.774820][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.774842][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.774867][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  367.774901][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.774933][   T38]  netlink_unicast+0x846/0xa10
[  367.774964][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[  367.774987][   T38]  ? netlink_sendmsg+0x642/0xb30
[  367.775008][   T38]  ? skb_put+0x11b/0x210
[  367.775037][   T38]  netlink_sendmsg+0x805/0xb30
[  367.775071][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.775103][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  367.775120][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.775145][   T38]  __sock_sendmsg+0x21c/0x270
[  367.775170][   T38]  __sys_sendto+0x3c7/0x520
[  367.775198][   T38]  ? __pfx___sys_sendto+0x10/0x10
[  367.775236][   T38]  ? blkcg_maybe_throttle_current+0x1a8/0xbc0
[  367.775275][   T38]  ? rcu_is_watching+0x15/0xb0
[  367.775306][   T38]  __x64_sys_sendto+0xde/0x100
[  367.775334][   T38]  do_syscall_64+0xfa/0x3b0
[  367.775350][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.775373][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.775391][   T38]  ? clear_bhb_loop+0x60/0xb0
[  367.775414][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.775431][   T38] RIP: 0033:0x7f2013af0a3c
[  367.775446][   T38] RSP: 002b:00007ffe8dda8920 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  367.775464][   T38] RAX: ffffffffffffffda RBX: 00007f2014864620 RCX: 00007f2013af0a3c
[  367.775477][   T38] RDX: 000000000000006c RSI: 00007f2014864670 RDI: 0000000000000003
[  367.775489][   T38] RBP: 0000000000000000 R08: 00007ffe8dda8974 R09: 000000000000000c
[  367.775500][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  367.775511][   T38] R13: 0000000000000000 R14: 00007f2014864670 R15: 0000000000000000
[  367.775540][   T38]  </TASK>
[  367.775550][   T38] INFO: task syz.4.290:6899 blocked for more than 143 seconds.
[  367.775561][   T38]       Not tainted syzkaller #0
[  367.775570][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.775578][   T38] task:syz.4.290       state:D stack:25912 pid:6899  tgid:6895  ppid:5849   task_flags:0x400140 flags:0x00004004
[  367.775620][   T38] Call Trace:
[  367.775631][   T38]  <TASK>
[  367.775642][   T38]  __schedule+0x16f3/0x4c20
[  367.965970][   T38]  ? __kernel_text_address+0xd/0x40
[  367.966005][   T38]  ? __pfx___schedule+0x10/0x10
[  367.966049][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.966077][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.966095][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.966116][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.966155][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.966179][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.966201][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.966219][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.966254][   T38]  ? rtnl_newlink+0x8db/0x1c70
[  367.966279][   T38]  ? safesetid_security_capable+0xa9/0x1a0
[  367.966303][   T38]  ? bpf_lsm_capable+0x9/0x20
[  367.966324][   T38]  ? security_capable+0x7e/0x2e0
[  367.966352][   T38]  ? rtnl_newlink+0x8db/0x1c70
[  367.966372][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.966399][   T38]  rtnl_newlink+0x8db/0x1c70
[  367.966436][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[  367.966456][   T38]  ? migrate_enable+0x29c/0x3c0
[  367.966478][   T38]  ? reacquire_held_locks+0x127/0x1d0
[  367.966502][   T38]  ? __pfx_migrate_enable+0x10/0x10
[  367.966524][   T38]  ? __pfx_migrate_enable+0x10/0x10
[  367.966575][   T38]  ? __local_bh_enable+0x23f/0x3d0
[  367.966596][   T38]  ? reacquire_held_locks+0x127/0x1d0
[  367.966629][   T38]  ? __pfx___local_bh_enable+0x10/0x10
[  367.966659][   T38]  ? __local_bh_enable_ip+0x1b2/0x270
[  367.966681][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.966709][   T38]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  367.966729][   T38]  ? dev_hard_start_xmit+0x7f5/0x870
[  367.966748][   T38]  ? __dev_queue_xmit+0x26f/0x3b70
[  367.966774][   T38]  ? __dev_queue_xmit+0x26f/0x3b70
[  367.966792][   T38]  ? __dev_queue_xmit+0x26f/0x3b70
[  367.966813][   T38]  ? __dev_queue_xmit+0x1d3d/0x3b70
[  367.966838][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.966886][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[  367.966909][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[  367.966936][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  367.966958][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.966978][   T38]  ? ref_tracker_free+0x61e/0x7c0
[  367.967004][   T38]  ? __asan_memcpy+0x40/0x70
[  367.967022][   T38]  ? __pfx_ref_tracker_free+0x10/0x10
[  367.967044][   T38]  ? __skb_clone+0x63/0x7a0
[  367.967072][   T38]  netlink_rcv_skb+0x208/0x470
[  367.967098][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  367.967123][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  367.967158][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[  367.967189][   T38]  netlink_unicast+0x846/0xa10
[  367.967221][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[  367.967245][   T38]  ? netlink_sendmsg+0x642/0xb30
[  367.967266][   T38]  ? skb_put+0x11b/0x210
[  367.967294][   T38]  netlink_sendmsg+0x805/0xb30
[  367.967328][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.967360][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  367.967378][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.967402][   T38]  __sock_sendmsg+0x21c/0x270
[  367.967428][   T38]  ____sys_sendmsg+0x508/0x820
[  367.967452][   T38]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.967481][   T38]  ? import_iovec+0x74/0xa0
[  367.967506][   T38]  ___sys_sendmsg+0x21f/0x2a0
[  367.967526][   T38]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.967583][   T38]  ? __fget_files+0x2a/0x420
[  367.967606][   T38]  ? __fget_files+0x3a6/0x420
[  367.967646][   T38]  __x64_sys_sendmsg+0x1a1/0x260
[  367.967668][   T38]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.967697][   T38]  ? rcu_is_watching+0x15/0xb0
[  367.967729][   T38]  ? do_syscall_64+0xbe/0x3b0
[  367.967750][   T38]  do_syscall_64+0xfa/0x3b0
[  367.967766][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.967789][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.967807][   T38]  ? clear_bhb_loop+0x60/0xb0
[  367.967830][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.967848][   T38] RIP: 0033:0x7fb6f3daeba9
[  367.967864][   T38] RSP: 002b:00007fb6f2016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.967883][   T38] RAX: ffffffffffffffda RBX: 00007fb6f3ff5fa0 RCX: 00007fb6f3daeba9
[  367.967897][   T38] RDX: 0000000008000002 RSI: 0000200000000080 RDI: 0000000000000003
[  367.967909][   T38] RBP: 00007fb6f3e31e19 R08: 0000000000000000 R09: 0000000000000000
[  367.967920][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.967931][   T38] R13: 00007fb6f3ff6038 R14: 00007fb6f3ff5fa0 R15: 00007ffc5f5356d8
[  367.967962][   T38]  </TASK>
[  367.967974][   T38] INFO: task syz.3.291:6901 blocked for more than 143 seconds.
[  367.967987][   T38]       Not tainted syzkaller #0
[  367.967996][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.968005][   T38] task:syz.3.291       state:D stack:28968 pid:6901  tgid:6897  ppid:5839   task_flags:0x400140 flags:0x00004004
[  367.968051][   T38] Call Trace:
[  367.968057][   T38]  <TASK>
[  367.968068][   T38]  __schedule+0x16f3/0x4c20
[  367.968107][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.968138][   T38]  ? __pfx___schedule+0x10/0x10
[  367.968181][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.968208][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.968226][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.968247][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.968286][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.968310][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.968332][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.968350][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.968383][   T38]  ? devinet_ioctl+0x323/0x1b50
[  367.968416][   T38]  ? safesetid_security_capable+0xa9/0x1a0
[  367.968441][   T38]  ? devinet_ioctl+0x323/0x1b50
[  367.968463][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.968489][   T38]  devinet_ioctl+0x323/0x1b50
[  367.968527][   T38]  ? __pfx_devinet_ioctl+0x10/0x10
[  367.968557][   T38]  ? get_user_ifreq+0x12c/0x180
[  367.968579][   T38]  inet_ioctl+0x3c0/0x4c0
[  367.968603][   T38]  ? __pfx_inet_ioctl+0x10/0x10
[  367.968653][   T38]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  367.968682][   T38]  sock_do_ioctl+0xd9/0x300
[  367.968706][   T38]  ? __pfx_sock_do_ioctl+0x10/0x10
[  367.968724][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.968750][   T38]  ? __asan_memset+0x22/0x50
[  367.968769][   T38]  ? smack_file_ioctl+0x24d/0x340
[  367.968795][   T38]  sock_ioctl+0x579/0x790
[  367.968818][   T38]  ? __pfx_sock_ioctl+0x10/0x10
[  367.968839][   T38]  ? __fget_files+0x2a/0x420
[  367.968861][   T38]  ? __fget_files+0x3a6/0x420
[  367.968883][   T38]  ? __fget_files+0x2a/0x420
[  367.968910][   T38]  ? bpf_lsm_file_ioctl+0x9/0x20
[  367.968930][   T38]  ? __pfx_sock_ioctl+0x10/0x10
[  367.968950][   T38]  __se_sys_ioctl+0xff/0x170
[  367.968973][   T38]  do_syscall_64+0xfa/0x3b0
[  367.968988][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.969012][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.969030][   T38]  ? clear_bhb_loop+0x60/0xb0
[  367.969052][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.969069][   T38] RIP: 0033:0x7ff1c56aeba9
[  367.969084][   T38] RSP: 002b:00007ff1c390e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.969101][   T38] RAX: ffffffffffffffda RBX: 00007ff1c58f5fa0 RCX: 00007ff1c56aeba9
[  367.969115][   T38] RDX: 0000200000000080 RSI: 000000000000891c RDI: 0000000000000003
[  367.969127][   T38] RBP: 00007ff1c5731e19 R08: 0000000000000000 R09: 0000000000000000
[  367.969138][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.969149][   T38] R13: 00007ff1c58f6038 R14: 00007ff1c58f5fa0 R15: 00007ffe2dfb0738
[  367.969180][   T38]  </TASK>
[  367.969187][   T38] INFO: task syz.2.295:6913 blocked for more than 143 seconds.
[  367.969199][   T38]       Not tainted syzkaller #0
[  367.969208][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  367.969216][   T38] task:syz.2.295       state:D stack:28264 pid:6913  tgid:6910  ppid:5846   task_flags:0x400040 flags:0x00004004
[  367.969259][   T38] Call Trace:
[  367.969265][   T38]  <TASK>
[  367.969277][   T38]  __schedule+0x16f3/0x4c20
[  367.969308][   T38]  ? stack_depot_save_flags+0x40/0x860
[  367.969341][   T38]  ? kasan_save_track+0x3e/0x80
[  367.969365][   T38]  ? __pfx___schedule+0x10/0x10
[  367.969408][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  367.969435][   T38]  rt_mutex_schedule+0x77/0xf0
[  367.969453][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  367.969473][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  367.969512][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  367.969536][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  367.969558][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  367.969576][   T38]  ? __lock_acquire+0xab9/0xd20
[  367.969617][   T38]  ? __tun_chr_ioctl+0x37d/0x1df0
[  367.969650][   T38]  ? __tun_chr_ioctl+0x37d/0x1df0
[  367.969665][   T38]  mutex_lock_nested+0x16a/0x1d0
[  367.969692][   T38]  __tun_chr_ioctl+0x37d/0x1df0
[  367.969716][   T38]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  367.969739][   T38]  ? __fget_files+0x2a/0x420
[  367.969760][   T38]  ? __fget_files+0x3a6/0x420
[  367.969782][   T38]  ? __fget_files+0x2a/0x420
[  367.969809][   T38]  ? bpf_lsm_file_ioctl+0x9/0x20
[  367.969829][   T38]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  367.969854][   T38]  __se_sys_ioctl+0xff/0x170
[  367.969877][   T38]  do_syscall_64+0xfa/0x3b0
[  367.969892][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.969916][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.969933][   T38]  ? clear_bhb_loop+0x60/0xb0
[  367.969955][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.969972][   T38] RIP: 0033:0x7f6dc385eba9
[  367.969986][   T38] RSP: 002b:00007f6dc1ac6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.970004][   T38] RAX: ffffffffffffffda RBX: 00007f6dc3aa5fa0 RCX: 00007f6dc385eba9
[  367.970017][   T38] RDX: 0000200000000040 RSI: 00000000400454ca RDI: 0000000000000003
[  367.970029][   T38] RBP: 00007f6dc38e1e19 R08: 0000000000000000 R09: 0000000000000000
[  367.970040][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.970051][   T38] R13: 00007f6dc3aa6038 R14: 00007f6dc3aa5fa0 R15: 00007ffd05206cb8
[  367.970082][   T38]  </TASK>
[  367.970117][   T38] 
[  367.970117][   T38] Showing all locks held in the system:
[  367.970125][   T38] 4 locks held by kworker/0:1/10:
[  367.970136][   T38]  #0: ffff88805c509138 ((wq_completion)wg-crypt-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.970188][   T38]  #1: ffffc900000f7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.970246][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  367.970290][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  367.970335][   T38] 2 locks held by ksoftirqd/0/15:
[  367.970345][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  367.970389][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  367.970433][   T38] 4 locks held by pr/legacy/17:
[  367.970443][   T38] 7 locks held by rcuc/0/20:
[  367.970456][   T38] 1 lock held by khungtaskd/38:
[  367.970465][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  367.970508][   T38] 3 locks held by kworker/1:1/49:
[  367.970518][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.970563][   T38]  #1: ffffc90000bb7bc0 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.970612][   T38]  #2: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: crda_timeout_work+0x15/0x50
[  367.970662][   T38] 3 locks held by kworker/u8:3/57:
[  367.970672][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.970716][   T38]  #1: ffffc9000123fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.970759][   T38]  #2: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  367.970805][   T38] 5 locks held by kworker/u8:6/171:
[  367.970824][   T38] 2 locks held by kworker/u8:9/1404:
[  367.970848][   T38] 6 locks held by kworker/u9:1/5158:
[  367.970858][   T38]  #0: ffff8880110be938 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.970902][   T38]  #1: ffffc900100a7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.970947][   T38]  #2: ffff888010fc8e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  367.970989][   T38]  #3: ffff888010fc80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  367.971036][   T38]  #4: ffffffff8ee3b058 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  367.971083][   T38]  #5: ffff888010883358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  367.971136][   T38] 1 lock held by syslogd/5191:
[  367.971146][   T38]  #0: ffff8881499abd58 (&ei->socket.wq.wait){+.+.}-{3:3}, at: finish_wait+0xbf/0x1f0
[  367.971189][   T38] 3 locks held by klogd/5198:
[  367.971199][   T38] 1 lock held by udevd/5209:
[  367.971210][   T38] 1 lock held by dhcpcd/5504:
[  367.971220][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet6_rtm_newaddr+0x5b7/0xd20
[  367.971267][   T38] 2 locks held by getty/5597:
[  367.971276][   T38]  #0: ffff88823bf388a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  367.971325][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  367.971370][   T38] 4 locks held by kworker/u9:4/5850:
[  367.971380][   T38]  #0: ffff88801132a138 ((wq_completion)hci8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.971424][   T38]  #1: ffffc90004c77bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.971469][   T38]  #2: ffff888010fcce80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  367.971511][   T38]  #3: ffff888010fcc0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  367.971562][   T38] 3 locks held by kworker/0:5/5919:
[  367.971572][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.971622][   T38]  #1: ffffc900050e7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.971666][   T38]  #2: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  367.971709][   T38] 3 locks held by kworker/1:6/5998:
[  367.971719][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.971763][   T38]  #1: ffffc90005347bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.971808][   T38]  #2: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30
[  367.971856][   T38] 3 locks held by kworker/u8:16/6299:
[  367.971865][   T38]  #0: ffff88802fae2138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.971910][   T38]  #1: ffffc900046a7bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.971955][   T38]  #2: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  367.972000][   T38] 2 locks held by syz-executor/6732:
[  367.972010][   T38]  #0: ffffffff8e43b7a0 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  367.972062][   T38]  #1: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  367.972106][   T38] 2 locks held by syz.4.290/6899:
[  367.972116][   T38]  #0: ffffffff8f1f3930 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  367.972166][   T38]  #1: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  367.972211][   T38] 1 lock held by syz.3.291/6901:
[  367.972221][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: devinet_ioctl+0x323/0x1b50
[  367.972268][   T38] 1 lock held by syz.2.295/6913:
[  367.972278][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37d/0x1df0
[  367.972312][   T38] 1 lock held by syz.1.300/6923:
[  367.972321][   T38]  #0: ffffffff8d9ae730 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  367.972361][   T38] 4 locks held by kworker/0:9/6926:
[  367.972371][   T38] 1 lock held by syz-executor/6931:
[  367.972381][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972422][   T38] 1 lock held by syz-executor/6932:
[  367.972432][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972473][   T38] 1 lock held by syz-executor/6939:
[  367.972482][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972523][   T38] 1 lock held by syz-executor/6942:
[  367.972533][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972574][   T38] 2 locks held by kworker/0:10/6945:
[  367.972584][   T38] 1 lock held by syz-executor/6951:
[  367.972594][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972641][   T38] 4 locks held by kworker/0:15/6960:
[  367.972651][   T38]  #0: ffff88805c50b938 ((wq_completion)wg-crypt-wg1#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  367.972700][   T38]  #1: ffffc90004557bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  367.972757][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  367.972801][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  367.972846][   T38] 1 lock held by syz-executor/6963:
[  367.972856][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972897][   T38] 1 lock held by syz-executor/6964:
[  367.972907][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972949][   T38] 1 lock held by syz-executor/6970:
[  367.972958][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.972999][   T38] 1 lock held by syz-executor/6971:
[  367.973010][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973051][   T38] 1 lock held by syz-executor/6976:
[  367.973061][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973102][   T38] 1 lock held by syz-executor/6986:
[  367.973112][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973153][   T38] 1 lock held by syz-executor/6989:
[  367.973163][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973204][   T38] 1 lock held by syz-executor/6990:
[  367.973214][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973255][   T38] 1 lock held by syz-executor/6994:
[  367.973265][   T38]  #0: ffffffff8ecd3578 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  367.973307][   T38] 
[  367.973311][   T38] =============================================
[  367.973311][   T38] 
[  367.973331][   T38] NMI backtrace for cpu 1
[  367.973355][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  367.973402][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.973426][   T38] Call Trace:
[  367.973441][   T38]  <TASK>
[  367.973456][   T38]  dump_stack_lvl+0x189/0x250
[  367.973516][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.973540][   T38]  ? __pfx__printk+0x10/0x10
[  367.973571][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  367.973596][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  367.973626][   T38]  ? __pfx__printk+0x10/0x10
[  367.973648][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  367.973672][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  367.973695][   T38]  watchdog+0xf93/0xfe0
[  367.973721][   T38]  ? watchdog+0x1de/0xfe0
[  367.973747][   T38]  kthread+0x70e/0x8a0
[  367.973775][   T38]  ? __pfx_watchdog+0x10/0x10
[  367.973795][   T38]  ? __pfx_kthread+0x10/0x10
[  367.973824][   T38]  ? __pfx_kthread+0x10/0x10
[  367.973849][   T38]  ret_from_fork+0x439/0x7d0
[  367.973872][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  367.973899][   T38]  ? __switch_to_asm+0x39/0x70
[  367.973915][   T38]  ? __switch_to_asm+0x33/0x70
[  367.973929][   T38]  ? __pfx_kthread+0x10/0x10
[  367.973954][   T38]  ret_from_fork_asm+0x1a/0x30
[  367.973986][   T38]  </TASK>
[  367.973993][   T38] Sending NMI from CPU 1 to CPUs 0:
[  367.974021][    C0] NMI backtrace for cpu 0
[  367.974038][    C0] CPU: 0 UID: 0 PID: 20 Comm: rcuc/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  367.974078][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  367.974099][    C0] RIP: 0010:unwind_next_frame+0x63a/0x2390
[  367.974129][    C0] Code: 48 89 d8 48 c1 e8 03 80 3c 28 00 74 08 48 89 df e8 9b e3 aa 00 48 8b 3b 48 85 ff 0f 84 5b 10 00 00 48 83 c7 10 e9 73 01 00 00 <83> fb 04 0f 84 7b 01 00 00 83 fb 05 0f 85 36 0c 00 00 48 8b 44 24
[  367.974141][    C0] RSP: 0018:ffffc90000196618 EFLAGS: 00000202
[  367.974154][    C0] RAX: ffffc9000019671d RBX: 0000000000000005 RCX: ffffffff8f84f048
[  367.974165][    C0] RDX: ffffffff902588c4 RSI: ffffffff902588c8 RDI: ffffffff8b6215a0
[  367.974176][    C0] RBP: dffffc0000000000 R08: 0000000000000009 R09: ffffffff8172c165
[  367.974187][    C0] R10: ffffc90000196738 R11: ffffffff81aaf310 R12: ffffffff902588c9
[  367.974198][    C0] R13: ffffc90000196738 R14: ffffc900001966e8 R15: ffffc90000196720
[  367.974209][    C0] FS:  0000000000000000(0000) GS:ffff8881268bd000(0000) knlGS:0000000000000000
[  367.974221][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  367.974232][    C0] CR2: 00007fef8d4d6d00 CR3: 000000000d7a6000 CR4: 00000000003526f0
[  367.974245][    C0] Call Trace:
[  367.974251][    C0]  <TASK>
[  367.974260][    C0]  ? unwind_next_frame+0xa5/0x2390
[  367.974279][    C0]  ? __netif_receive_skb+0x143/0x380
[  367.974298][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  367.974315][    C0]  arch_stack_walk+0x11c/0x150
[  367.974337][    C0]  ? __netif_receive_skb+0x143/0x380
[  367.974355][    C0]  stack_trace_save+0x9c/0xe0
[  367.974370][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  367.974384][    C0]  ? do_raw_spin_lock+0x121/0x290
[  367.974405][    C0]  kasan_save_track+0x3e/0x80
[  367.974421][    C0]  ? kasan_save_track+0x3e/0x80
[  367.974435][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  367.974451][    C0]  ? kmem_cache_alloc_node_noprof+0x14e/0x330
[  367.974469][    C0]  ? kmalloc_reserve+0xbd/0x290
[  367.974488][    C0]  ? __alloc_skb+0x142/0x2d0
[  367.974504][    C0]  ? synproxy_send_client_synack+0x16c/0xe20
[  367.974524][    C0]  ? nft_synproxy_eval_v4+0x36e/0x560
[  367.974538][    C0]  ? nft_synproxy_do_eval+0x345/0x570
[  367.974552][    C0]  ? nft_do_chain+0x409/0x1920
[  367.974565][    C0]  ? nft_do_chain_inet+0x25d/0x340
[  367.974579][    C0]  ? nf_hook_slow+0xc2/0x220
[  367.974596][    C0]  ? NF_HOOK+0x206/0x3a0
[  367.974613][    C0]  ? NF_HOOK+0x30c/0x3a0
[  367.974630][    C0]  ? __netif_receive_skb+0x143/0x380
[  367.974664][    C0]  ? kmalloc_reserve+0xbd/0x290
[  367.974684][    C0]  __kasan_slab_alloc+0x6c/0x80
[  367.974700][    C0]  ? kmalloc_reserve+0xbd/0x290
[  367.974718][    C0]  kmem_cache_alloc_node_noprof+0x14e/0x330
[  367.974739][    C0]  kmalloc_reserve+0xbd/0x290
[  367.974759][    C0]  __alloc_skb+0x142/0x2d0
[  367.974779][    C0]  synproxy_send_client_synack+0x16c/0xe20
[  367.974805][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  367.974824][    C0]  ? nft_log_eval+0x650/0xab0
[  367.974841][    C0]  ? synproxy_pernet+0x45/0x270
[  367.974865][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[  367.974883][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  367.974900][    C0]  ? nf_ip_checksum+0x13c/0x510
[  367.974916][    C0]  nft_synproxy_do_eval+0x345/0x570
[  367.974934][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  367.974958][    C0]  nft_do_chain+0x409/0x1920
[  367.974979][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  367.975012][    C0]  nft_do_chain_inet+0x25d/0x340
[  367.975026][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  367.975040][    C0]  ? __lock_acquire+0xab9/0xd20
[  367.975063][    C0]  ? NF_HOOK+0x9a/0x3a0
[  367.975081][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  367.975096][    C0]  nf_hook_slow+0xc2/0x220
[  367.975117][    C0]  NF_HOOK+0x206/0x3a0
[  367.975135][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  367.975153][    C0]  ? NF_HOOK+0x9a/0x3a0
[  367.975169][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  367.975185][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  367.975205][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  367.975224][    C0]  ? skb_dst+0x4f/0xd0
[  367.975241][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  367.975261][    C0]  NF_HOOK+0x30c/0x3a0
[  367.975279][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  367.975296][    C0]  ? NF_HOOK+0x9a/0x3a0
[  367.975313][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  367.975331][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  367.975354][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  367.975370][    C0]  __netif_receive_skb+0x143/0x380
[  367.975387][    C0]  ? rt_spin_unlock+0x65/0x80
[  367.975405][    C0]  ? process_backlog+0x27b/0x900
[  367.975422][    C0]  process_backlog+0x31e/0x900
[  367.975445][    C0]  __napi_poll+0xb3/0x540
[  367.975464][    C0]  net_rx_action+0x707/0xe00
[  367.975480][    C0]  ? arch_stack_walk+0x11c/0x150
[  367.975502][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  367.975521][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  367.975540][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  367.975563][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  367.975585][    C0]  handle_softirqs+0x22f/0x710
[  367.975606][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  367.975628][    C0]  __local_bh_enable_ip+0x179/0x270
[  367.975645][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  367.975670][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  367.975688][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  367.975704][    C0]  rcu_cpu_kthread+0xc3d/0x1b50
[  367.975725][    C0]  ? rcu_cpu_kthread+0x23e/0x1b50
[  367.975750][    C0]  ? __pfx_rcu_cpu_kthread+0x10/0x10
[  367.975770][    C0]  ? __lock_acquire+0xab9/0xd20
[  367.975787][    C0]  ? __pfx___schedule+0x10/0x10
[  367.975813][    C0]  ? schedule+0x91/0x360
[  367.975834][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  367.975851][    C0]  smpboot_thread_fn+0x53f/0xa60
[  367.975874][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  367.975895][    C0]  kthread+0x70e/0x8a0
[  367.975915][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  367.975932][    C0]  ? __pfx_kthread+0x10/0x10
[  367.975953][    C0]  ? __pfx_kthread+0x10/0x10
[  367.975973][    C0]  ret_from_fork+0x439/0x7d0
[  367.975991][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  367.976011][    C0]  ? __switch_to_asm+0x39/0x70
[  367.976024][    C0]  ? __switch_to_asm+0x33/0x70
[  367.976037][    C0]  ? __pfx_kthread+0x10/0x10
[  367.976056][    C0]  ret_from_fork_asm+0x1a/0x30
[  367.976078][    C0]  </TASK>
[  368.370810][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  368.370832][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  368.370854][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  368.370864][   T38] Call Trace:
[  368.370871][   T38]  <TASK>
[  368.370878][   T38]  dump_stack_lvl+0x99/0x250
[  368.370908][   T38]  ? __asan_memcpy+0x40/0x70
[  368.370928][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  368.370951][   T38]  ? __pfx__printk+0x10/0x10
[  368.370982][   T38]  vpanic+0x281/0x750
[  368.371008][   T38]  ? __pfx_vpanic+0x10/0x10
[  368.371031][   T38]  ? preempt_schedule+0xae/0xc0
[  368.371056][   T38]  ? preempt_schedule_common+0x83/0xd0
[  368.371085][   T38]  panic+0xb9/0xc0
[  368.371107][   T38]  ? __pfx_panic+0x10/0x10
[  368.371132][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  368.371159][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  368.371183][   T38]  watchdog+0xfd2/0xfe0
[  368.371210][   T38]  ? watchdog+0x1de/0xfe0
[  368.371237][   T38]  kthread+0x70e/0x8a0
[  368.371265][   T38]  ? __pfx_watchdog+0x10/0x10
[  368.371286][   T38]  ? __pfx_kthread+0x10/0x10
[  368.371315][   T38]  ? __pfx_kthread+0x10/0x10
[  368.371340][   T38]  ret_from_fork+0x439/0x7d0
[  368.371365][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  368.371392][   T38]  ? __switch_to_asm+0x39/0x70
[  368.371407][   T38]  ? __switch_to_asm+0x33/0x70
[  368.371422][   T38]  ? __pfx_kthread+0x10/0x10
[  368.371448][   T38]  ret_from_fork_asm+0x1a/0x30
[  368.371480][   T38]  </TASK>
[  368.371763][   T38] Kernel Offset: disabled