last executing test programs:

1m31.20276052s ago: executing program 1 (id=542):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886eb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0xd)
r2 = fcntl$dupfd(r1, 0x0, r1)
read$rfkill(r2, 0x0, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

1m30.874987914s ago: executing program 1 (id=547):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000880)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0200000002"], 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@cgroup=r4, r3, 0x2, 0x6, 0x4000, @void, @value}, 0x10)

1m30.119676313s ago: executing program 1 (id=552):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000780)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000008c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000880), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0xfffffffffffffffe, &(0x7f0000000100), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000006c0), 0x2}}, 0x20)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)

1m28.832288554s ago: executing program 1 (id=554):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x0)
r3 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000380)={r2, 0x3, 0x2, r2})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x1, 0x2, r2})
r4 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r4, 0xfffffffd, 0x2, r3})

1m4.820400263s ago: executing program 3 (id=631):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001300)={0x2c, &(0x7f0000001000)={0x0, 0x0, 0x4, "da3c8d23"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000640)={0x2c, &(0x7f00000003c0)={0x40, 0x16, 0x4, "9aef44da"}, 0x0, 0x0, 0x0, 0x0})

1m4.152836524s ago: executing program 1 (id=554):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x0)
r3 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000380)={r2, 0x3, 0x2, r2})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x1, 0x2, r2})
r4 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r4, 0xfffffffd, 0x2, r3})

1m1.371174394s ago: executing program 3 (id=637):
syz_open_dev$dri(&(0x7f0000000000), 0x2d1, 0x0)
socket(0x2a, 0x2, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000006c0)=ANY=[@ANYBLOB="120100002bd564084b0c00011e8a010203010902"], 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
socket(0x2, 0x80805, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000ff0100000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc048aeca, &(0x7f0000000580)=ANY=[@ANYRES16=r0])

56.907971747s ago: executing program 3 (id=644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')

56.444312839s ago: executing program 3 (id=645):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0, 0x10012, r2, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)

53.091668757s ago: executing program 3 (id=653):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000780)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r4, 0xc014563b, &(0x7f0000000140)={0x8, {0x400, 0x2, 0x0, 0xc}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=@framed={{0x18, 0x4}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb1}}]}, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a3", 0x60}, {&(0x7f0000000640)="c1c8a40034f2e641b62b4615ef30e1d8f253ab64e1889171265fae014ebfba6a9f6f4c0aad3ef3e1715fb4ead561a1eba0960796b212b55e48ab51408e89440fa105fc87976083a6320a3de4802e496032c306f80bd4363828012fb84222", 0x5e}, {&(0x7f0000000840)="739cf2e7f8db9aa08b619702ce9012e934e90fd67fc70eea0ee9f679c53400244018555f5f57d9b694aa912f885c028dffbd6db1735c29948cbd1f982713169aee8efbc34fad78ad2e7c75a02c11cb8bcad843b902dbb85b158c4ca5eb04eb050eee7bb913e755bbbafa7814d78c07941177724345cba268880d83a2c085f26ef454fe7a7e359267e4c03c6e737863d6a1c26ca33a494b229d35c425b73fe743293cb577e1c2fdb30def636609ef5ac57929f6d6e00f4acab3269bd1eae6c405efd6fa2dad5d46beafe087521e1ed9b3de51329796654d5e", 0xd8}], 0x3}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000001380)={'#! ', '', [], 0xa, "7749905d65b5692f2475666e4db6188c5d2340455c957241f0f2de9807d65c2e32a9048cb340ffc25381f7955b91ace7605b1fdea205cd80afbd8b6e6b"}, 0x41)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
socket(0xa, 0x6, 0x0)

18.164456618s ago: executing program 0 (id=707):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x4000000400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x60142, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x23, 0x0, &(0x7f0000000200))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='io.stat\x00', 0x26e1, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r3, 0x6, 0x24, &(0x7f0000000000)=0x1, 0x4)
recvmmsg(r3, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x300, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000000)={'wlan1\x00', @random="0200002000"})

16.974084481s ago: executing program 0 (id=708):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
listen(r1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000000)=0x80000000, 0x4)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'tunl0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendto(r2, &(0x7f0000000740), 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(r0, 0xffff)

11.988067864s ago: executing program 0 (id=710):
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x1)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
unshare(0x8000000)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xac802, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x40042, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x0, 0x0, r1, &(0x7f00000000c0)}])
unshare(0x6a040000)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
dup(r3)
listen(0xffffffffffffffff, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000140)={0x1f, 0x0, @none}, 0xe)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r4, 0xffffffff80000800, 0xee01, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0})
socket$tipc(0x1e, 0x2, 0x0)

11.987410406s ago: executing program 4 (id=711):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f00000045c0)=""/102386, 0x18ff2}], 0x1, 0xb568, 0xfffffffd)
syz_emit_ethernet(0x7c, &(0x7f0000000680)=ANY=[], 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7fff, 0x2)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000004580)={0x3, 0x1, [0x2, 0x3, 0x1, 0xfffffff4, 0x4, 0xffffffff, 0x10001]})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
preadv2(r0, &(0x7f0000000000)=[{&(0x7f0000000080)=""/165, 0xa5}], 0x1, 0x0, 0x1, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes192\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000000200)=""/143, 0x8f}], 0x1}, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
socket$inet6_tcp(0xa, 0x1, 0x0)

11.391963141s ago: executing program 2 (id=712):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_MM(0x41555856, 0xf7354000, &(0x7f0000ffa000/0x3000)=nil)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8015)
chown(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x18, 0x5a, 0x1, 0x0, 0x0, {}, [@nested={0x4, 0x5}]}, 0x18}}, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="08001e0000a38000"], 0x30}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000180)={0x5}, 0x10)
write(r5, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f0000000000000200020000", 0x1c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)

11.155416156s ago: executing program 4 (id=713):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000d00)={0x0, @llc={0x1a, 0x104, 0x2, 0x40, 0x1, 0xd, @random="63a0b4829c7c"}, @hci={0x1f, 0x2, 0x3}, @generic={0x28, "19bfe1f6ea9fc8cbce608e82967a"}, 0x55, 0x0, 0x0, 0x0, 0x800, &(0x7f0000000cc0)='geneve0\x00', 0xfff, 0x4, 0xa})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f00000002c0)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020feffff7a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000000704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6cd483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de33ca20a9f5422bee8ca49166f6a587f2f593775afcd971efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b0000000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e231fda262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558796d4a5043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b7c64f80cd7ddb402e1b2d675aaad92e183cef1eadc1661140fb567b55c729e8a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db525e5c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f74992ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = socket$kcm(0x11, 0x2, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4)
syz_usb_connect$cdc_ecm(0x5, 0x69, &(0x7f0000000a00)=ANY=[@ANYBLOB="12010003000000402505a1a440002102030109025700010102002b0904000903020600020524060000052400ebff0c240f010700000004000000070524150e0007240a070103cb07240a040981060905810310dd06e901190582024000043d0509050302040002ce023dd8eb226e947fb932fe15ccba6f653c35a1aec2312a3b51f5e8f5643c64"], &(0x7f0000000980)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x0, 0xc, 0xa, 0x0, 0x8, 0x6}, 0x165, 0x0, 0x4, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0xc04}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x82c}}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0x1809}}, {0x4c, &(0x7f0000000900)=ANY=[]}]})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000a300))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getpid()
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$sg(&(0x7f0000000280), 0x0, 0x0)
dup2(r4, r3)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x10000)
mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000)
userfaultfd(0x1)

10.283690409s ago: executing program 2 (id=714):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x6, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc00000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67a4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a", 0xdc}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef304ed0ffedd061941d9d022b25a4b9632856295fee3a314f6c196d953bcaf1aff06d1", 0xfe}], 0x2}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6b", 0x2a}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc", 0x2e}], 0x2}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f6c86558705d98691e6344fa3745cc92c1f80fc01a77c28bb77872fc4f9be9660", 0x32}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a36dfb4a7dd573c6584c4afc55b3ff0a93509fe41aa0e8892c95ccad3e0435071aff78177e946cf231de4f389b695c5f49772b8abb6b88226fd4c2b0c57d47b98f2aa1b2ec38c4a97f3783023f04cdb380dd6a00d2fc63c932a9876863728e1fcb245109713c16375ffc68b041b86f737c41233cf2a05e51699db6a0e3c4b82b9ca613bea89cefd2ace608e361379b1aeefb75d0aa2db26dcddc9365a8c02f49af78aa6b41599fa501f9b96824bed5cff2028bb06f3852e69b3e58b659606b7ff7e282473701c95f1da7e742b76392f90a89c65577415c62e2b495027153030cf761b44eb1ce8816f14b71f4ecb066111dea78d77fa4b58bc3b27250a516cd5f90b3df608a06eca61970a028193f5ef07ab0cc90936633e4894831d5294011e1", 0x1de}], 0x2}}], 0x3, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x1e)

9.319309772s ago: executing program 2 (id=715):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @rand_addr=0x64010102}, {0x2, 0x0, @empty}, 0x0, 0x0, 0x0, 0x0, 0x8000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x40042, 0x0)
io_setup(0x20, 0x0)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
mknod$loop(0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90}, 0x0, 0x0, 0x0, 0x0})
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x29)
fcntl$notify(r1, 0x402, 0x10)
fcntl$notify(r2, 0x402, 0x5)
close_range(r1, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

9.267502592s ago: executing program 1 (id=554):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x0)
r3 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000380)={r2, 0x3, 0x2, r2})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000080)={r3, 0x1, 0x2, r2})
r4 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r4, 0xfffffffd, 0x2, r3})

8.810736991s ago: executing program 0 (id=716):
syz_open_dev$loop(&(0x7f0000000000), 0x4, 0x42202)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
getpgid(0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
shutdown(0xffffffffffffffff, 0x2)
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000048000), 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x5, &(0x7f0000000080)=0x6)
futex(0x0, 0x4, 0xffffffbe, &(0x7f0000000280)={0x77359400}, 0x0, 0x4000001)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$packet(0x11, 0x2, 0x300)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@gettaction={0x28, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x80000000}]}, 0x28}}, 0x0)

8.711676275s ago: executing program 4 (id=717):
socket$alg(0x26, 0x5, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f00000007c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
chdir(0x0)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r4, 0x0, 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x748d, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000000)=<r7=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r6, r7, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000001000), 0x200)
io_uring_enter(r5, 0x27e2, 0x0, 0x0, 0x0, 0x0)

7.493721663s ago: executing program 4 (id=718):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000780)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r4, 0xc014563b, &(0x7f0000000140)={0x8, {0x400, 0x2, 0x0, 0xc}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=@framed={{0x18, 0x4}, [@printk={@d, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb1}}]}, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebcaec033c75eb78820ad1d8ceb6f90b5", 0xbf}, {&(0x7f0000000640)="c1c8a40034f2e641b62b4615ef30e1d8f253ab64e1889171265fae014ebfba6a9f6f4c0aad3ef3e1715fb4ead561a1eba0960796b212b55e48ab51408e89440fa105fc87976083a6320a3de4802e496032c306f80bd4363828012fb84222", 0x5e}, {&(0x7f0000000840)="739cf2e7f8db9aa08b619702ce9012e934e90fd67fc70eea0ee9f679c53400244018555f5f57d9b694aa912f885c028dffbd6db1735c29948cbd1f982713169aee8efbc34fad78ad2e7c75a02c11cb8bcad843b902dbb85b158c4ca5eb04eb050eee7bb913e755bbbafa7814d78c07941177724345cba268880d83a2c085f26ef454fe7a7e359267e4c03c6e737863d6a1c26ca33a494b229d35c425b73fe743293cb577e1c2fdb30def636609ef5ac57929f6d6e00f4acab3269bd1eae6c405efd6fa2dad5d46beafe087521e1ed9b3de51329796654d5e", 0xd8}], 0x3}}], 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0x1801, 0x4)
sendto$inet(r0, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d", 0x129, 0x40040, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000001380)={'#! ', '', [], 0xa, "7749905d65b5692f2475666e4db6188c5d2340455c957241f0f2de9807d65c2e32a9048cb340ffc25381f7955b91ace7605b1fdea205cd80afbd8b6e6b"}, 0x41)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
socket(0xa, 0x6, 0x0)

7.425004817s ago: executing program 2 (id=719):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
getdents(0xffffffffffffffff, 0xfffffffffffffffd, 0x58)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, r0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x21011, r3, 0x0)
remap_file_pages(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0)
r4 = openat$smackfs_relabel_self(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$smackfs_labels_list(r4, &(0x7f0000000040)=ANY=[], 0x2)

6.929979639s ago: executing program 0 (id=720):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x800)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f00000001c0)="4459a3e11c14f1294f4406c7a341307a36d3a94eb54e82f6d6ca17a09c1a2b07b2c461209cf4cd5bf3eea36360595f9f453f53eb269bbf0a4150ec1510", 0x3d)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x5, 0x7, 0x9, 0x4, 0x19000, 0xffffffffffffffff, 0x100, '\x00', r5, r0, 0x3, 0x5, 0x9, 0x0, @value=r0, @void, @value}, 0x50)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r6, <r8=>0xffffffffffffffff}, 0x0, &(0x7f00000000c0)=r7}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000a40)=ANY=[@ANYBLOB="1806000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendto$inet(r4, 0x0, 0x0, 0x200007fc, &(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)="45f9e8e5af9f7e488a1619ea0cd4902570249f1e29b175dfa0d3ae9be1933b972b835f966d432045a33e064403006bdb8ef95b90e76baae34f74778049ff8fa4a59adf7623aaddb922b32dbbfda740b88a07e87eb2cd97c0393db1036a1ec8a376c919cdd0b40dbb899c07f1349c7a1113f57495c795bc7e38166a7bdef463457189549f4b13279fffd050bdfea3477a62d3edea8321a2e98c65330fe7199ca6bee7202aa5a5d56c4ed4c22dbb28cebc", 0xb0}, {&(0x7f0000000640)="c1c8a40034f2e641b62b4615ef30e1d8f253ab64e1889171265fae014ebfba6a9f6f4c0aad3ef3e1715fb4ead561a1eba0960796b212b55e48ab51408e", 0x3d}], 0x2}}], 0x1, 0x0)
sendto$inet(r4, &(0x7f0000000700)="09268a60fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88ff4f90b1a7511bf746bec66ba1fe92e8615fc3f7af9c3310b39cc2dc3616dcdfaebc65ca325fd99357ed9d11b266a7c88722db6e38df1089394f438cb9fbc08e62754c233cced4a4d4d05a3e5029a01298d3ee87d8a0803a2d26906f42f5b5aaf47d2752a8b23954f309cae13ef250cf76775ddfd153eef2b1a8458a3cb6dc764f19b41c8c61c7305a51a4bfa0c897c7c1f438a851222a5560c0e77b0b5934296bc6f28af87d651f7348a2ba2ca67f930cc655afe0220cbeb79a2a87bba6be2de3e756e674c405bcc51843b4cc75ff7ec38a34d1a2a61f0a1223e69484b5d922b5590758c33317df18c401ff910f9b3f0eaef8b9d928392097a025b0459", 0xfe6a, 0x40040, 0x0, 0xfffffffffffffe93)

6.07360475s ago: executing program 2 (id=721):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x487, 0x0, 0x0, {0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x68}}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x70, @private2={0xfc, 0x2, '\x00', 0x1}, 0x4}, 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x401eb94)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000000)=0x400)
ioctl$SNDCTL_DSP_SPEED(r5, 0x5008, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r6=>0x0, 0x0)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})

5.56038197s ago: executing program 3 (id=655):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cgroup.events\x00', 0x275a, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x205})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)

4.81219462s ago: executing program 0 (id=722):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000140)=0x2)
ioctl$EVIOCGKEYCODE_V2(r0, 0x400445a0, &(0x7f0000000040)=""/255)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x28001, 0x0, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, &(0x7f00000011c0)=""/4072, &(0x7f0000001180)=0xfe8)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=r2, @ANYRES8=r0], 0x7)
r3 = syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="03c800397058abce57033f29eb6dc1f8b128a7537a3409329d374c891ea6f898ba2a0784b3781c59e6bd91a231a605e31d00"/61], 0x3d)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="02c9000a0006000500010842580e2a64adc9b138f92294bdeebc1ecb348ff152b7108cd561ee4d2c89f6f3bfa05c3f441bd20d1c6ba70e9ed467d5a2b8fd8f67e24d29b35829db02ea386f2b2bf9b81a0b4495877a1b5a2625e79bb29899f85cd07263597bb8ec3117c8e59fd935e3df6c7673feca56a9807ad8515d9bdb88cd8cbb8d6d5f8ba8055205a576717197c6c63a7eb9b71ca1ef176ba5aa73f8fa7bda01b1c8a997b9cbb31f7d6a43f2fd45becca37149c7e02c5e01010000f6edc52d9cd3a82bb77a32a3a7e54582bcff1cc806edd494027a79928ea546a9db2c7c67f6a8c456d8"], 0x20)
mknod$loop(&(0x7f00000000c0)='./file0\x00', 0x80, 0x0)
syz_open_dev$usbmon(&(0x7f0000000080), 0xf231, 0x4000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000001007100000000000100001307"], 0x0, 0x39, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = io_uring_setup(0x497c, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4})
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x11, 0x0)
r6 = socket(0x23, 0x80805, 0x0)
listen(r6, 0x4)
close_range(r5, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))

4.40127643s ago: executing program 4 (id=723):
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}, 0x1, 0x0, 0x0, 0x90}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000000)=0x800, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r2, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
sendmmsg(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r2)
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r4, &(0x7f0000001640)={@val, @void, @ipv6=@udp={0x7, 0x6, "c9e558", 0xd4, 0x11, 0x1, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, {[@fragment={0x32, 0x0, 0x9, 0x0, 0x0, 0x1b, 0x65}, @dstopts={0x6fd24f6b5d74fe2d, 0x4, '\x00', [@ra={0x5, 0x2, 0x3}, @enc_lim={0x4, 0x1, 0xa}, @calipso={0x7, 0x10, {0x2, 0x2, 0xa, 0x5, [0x1000]}}, @calipso={0x7, 0x8, {0x1, 0x0, 0xe, 0x8}}]}], {0x4e21, 0x4e21, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "cdb796f724179bd5112bbf459f3a5321645c68f4f4efde332e0a29a2315ae714", "24ee74f211e0297f872d086c325e8b83c6c7b845199349fd3af9712e21b75fb81362defc3316ea946d37e80d61671c5e", "6668e9580f7f4db0b898b04570bf9930522ec82c033a2c5711f1fe4e", {"5a4948a5110381ff423605a01cc46dbc", "9f10672f0ea1f30f52b32dfb6f924e63"}}}}}}, 0x100)
write$tun(r3, 0x0, 0xfce)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r2, 0x0, r5, 0x0, 0x7, 0x0)
ioctl$int_in(r5, 0x5760, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x8)
close(0xffffffffffffffff)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

2.363374881s ago: executing program 2 (id=724):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc0109058903"], 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040efc"], 0xff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4002, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xbb}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0x1, 0x4, 0x6, 0x115, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000980)=0x7)
setuid(r5)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x11)
socket$inet6(0xa, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b"], 0xfc)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
accept4(r2, 0x0, &(0x7f0000000380), 0x800)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)

0s ago: executing program 4 (id=725):
iopl(0x3)
utime(0x0, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
setsockopt$bt_BT_SNDMTU(r3, 0x112, 0xc, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0)
r5 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r5, 0x0, 0x0, 0x8004, 0x0, 0x0)
sendmmsg$inet(r5, &(0x7f00000023c0)=[{{0x0, 0x0, &(0x7f0000000100)}}], 0x1, 0x53)
r6 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r6}, './file0\x00'})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 240.216860][ T6611] netlink: 201372 bytes leftover after parsing attributes in process `syz.0.259'.
[  240.281182][ T6613] syz.4.260 uses obsolete (PF_INET,SOCK_PACKET)
[  240.919610][ T6611] vivid-001: =================  START STATUS  =================
[  240.980820][ T6611] vivid-001: Radio HW Seek Mode: Bounded
[  240.986940][ T6611] vivid-001: Radio Programmable HW Seek: false
[  240.994266][ T6611] vivid-001: RDS Rx I/O Mode: Block I/O
[  241.006950][ T6611] vivid-001: Generate RBDS Instead of RDS: false
[  241.013651][ T6611] vivid-001: RDS Reception: true
[  241.018964][ T6611] vivid-001: RDS Program Type: 0 inactive
[  241.024969][ T6611] vivid-001: RDS PS Name:  inactive
[  241.030527][ T6611] vivid-001: RDS Radio Text:  inactive
[  241.036515][ T6611] vivid-001: RDS Traffic Announcement: false inactive
[  241.043698][ T6611] vivid-001: RDS Traffic Program: false inactive
[  241.050228][ T6611] vivid-001: RDS Music: false inactive
[  241.056435][ T6611] vivid-001: ==================  END STATUS  ==================
[  241.487991][ T6635] rtc_cmos 00:00: Alarms can be up to one day in the future
[  241.774295][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  241.796271][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  241.817211][   T11] bond0 (unregistering): Released all slaves
[  241.906422][ T6507] team0: Port device team_slave_0 added
[  241.999146][ T6507] team0: Port device team_slave_1 added
[  242.159191][ T6643] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  243.126597][ T6507] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.134226][ T6507] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.311099][ T6507] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.325121][ T6507] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.332889][ T6507] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.359679][ T6507] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.424259][ T6650] netlink: 'syz.4.264': attribute type 16 has an invalid length.
[  243.433454][ T6650] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.264'.
[  244.267769][   T11] hsr_slave_0: left promiscuous mode
[  244.290699][   T11] hsr_slave_1: left promiscuous mode
[  244.313286][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.338221][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.351099][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.358580][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.391250][   T11] veth1_macvtap: left promiscuous mode
[  244.396885][   T11] veth0_macvtap: left promiscuous mode
[  244.402789][   T11] veth1_vlan: left promiscuous mode
[  244.408144][   T11] veth0_vlan: left promiscuous mode
[  247.565437][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  247.578566][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  247.588711][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  247.598832][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  247.606730][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  247.614655][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  247.632683][   T11] team0 (unregistering): Port device team_slave_1 removed
[  247.723244][   T11] team0 (unregistering): Port device team_slave_0 removed
[  248.900733][ T6507] hsr_slave_0: entered promiscuous mode
[  248.922100][ T6507] hsr_slave_1: entered promiscuous mode
[  248.943379][ T6507] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  248.953580][ T6507] Cannot create hsr debugfs directory
[  249.079060][ T6690] VFS: could not find a valid V7 on nullb0.
[  249.112746][   T29] audit: type=1800 audit(249.071:38): pid=6690 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.4.272" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  249.404597][ T1184] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  249.691637][ T5229] Bluetooth: hci1: command tx timeout
[  249.923493][ T1184] usb 5-1: Using ep0 maxpacket: 32
[  250.049491][ T1184] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  250.246977][ T1184] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  250.374689][ T1184] usb 5-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  250.411960][ T1184] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.437197][ T1184] usb 5-1: config 0 descriptor??
[  250.486927][ T6490] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  250.546819][ T6490] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  250.558546][ T6490] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  250.572173][ T6490] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  250.867518][ T6708] evm: overlay not supported
[  251.678899][ T6507] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.765306][ T6669] chnl_net:caif_netlink_parms(): no params data found
[  251.772570][ T5229] Bluetooth: hci1: command tx timeout
[  251.947611][ T5267] usb 5-1: USB disconnect, device number 4
[  252.067423][ T6669] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.084386][ T6669] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.100405][ T6669] bridge_slave_0: entered allmulticast mode
[  252.107746][ T6669] bridge_slave_0: entered promiscuous mode
[  252.643201][ T6719] xt_CONNSECMARK: invalid mode: 0
[  252.657554][ T6507] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.679754][ T6669] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.688160][ T6669] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.700782][ T6669] bridge_slave_1: entered allmulticast mode
[  252.708893][ T6669] bridge_slave_1: entered promiscuous mode
[  252.758070][ T6507] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.851978][ T6507] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.874591][ T6669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  252.905838][ T6669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.887799][ T5229] Bluetooth: hci1: command tx timeout
[  253.924925][ T6669] team0: Port device team_slave_0 added
[  253.948500][ T6490] 8021q: adding VLAN 0 to HW filter on device bond0
[  254.899535][ T6669] team0: Port device team_slave_1 added
[  255.104484][   T11] bridge_slave_0: left allmulticast mode
[  255.110292][   T11] bridge_slave_0: left promiscuous mode
[  255.140684][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.187264][   T11] bridge_slave_1: left allmulticast mode
[  255.208768][   T11] bridge_slave_1: left promiscuous mode
[  255.216630][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.261173][   T11] bridge_slave_0: left allmulticast mode
[  255.268268][   T11] bridge_slave_0: left promiscuous mode
[  255.274745][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.855754][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  255.862327][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  256.072866][ T5229] Bluetooth: hci1: command tx timeout
[  260.634781][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  260.721701][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  260.910885][   T11] bond0 (unregistering): Released all slaves
[  261.636261][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.689346][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.726667][   T11] bond0 (unregistering): Released all slaves
[  261.855952][ T6669] batman_adv: batadv0: Adding interface: batadv_slave_0
[  261.884011][ T6669] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.921002][ T6669] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  261.934142][ T6669] batman_adv: batadv0: Adding interface: batadv_slave_1
[  261.941381][ T6669] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  261.969055][ T6669] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  262.339443][ T6507] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  262.403677][ T6669] hsr_slave_0: entered promiscuous mode
[  262.419526][ T6669] hsr_slave_1: entered promiscuous mode
[  262.426934][ T6669] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  262.434963][ T6669] Cannot create hsr debugfs directory
[  262.450073][ T6490] 8021q: adding VLAN 0 to HW filter on device team0
[  262.490815][ T6507] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  262.521532][ T1184] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  262.549878][ T6507] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  262.563265][ T6507] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  262.609826][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.617236][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.668123][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.670789][ T5265] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  262.675334][ T5334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.698453][ T1184] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  262.709713][ T1184] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  262.722238][ T1184] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  262.733134][ T1184] usb 1-1: config 1 has no interface number 0
[  262.741075][ T1184] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.751702][ T1184] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  262.765365][ T1184] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d6.01
[  262.776979][ T1184] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.797202][ T1184] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  262.858981][ T5265] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  262.871151][ T5265] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  262.884496][ T5265] usb 5-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  262.918908][ T5265] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.937559][ T5265] usb 5-1: config 0 descriptor??
[  262.957218][ T5265] smsusb:smsusb_probe: board id=8, interface number 0
[  263.004026][ T1184] snd_usb_pod 1-1:1.1: invalid control EP
[  263.009825][ T1184] snd_usb_pod 1-1:1.1: cannot start listening: -22
[  263.010612][ T5265] smsusb:smsusb_probe: Device initialized with return code -19
[  263.028972][ T1184] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  263.061821][ T1184] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22
[  263.091377][   T11] hsr_slave_0: left promiscuous mode
[  263.103157][   T11] hsr_slave_1: left promiscuous mode
[  263.111531][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.119809][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.128515][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.140696][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.160929][   T11] hsr_slave_0: left promiscuous mode
[  263.167626][   T11] hsr_slave_1: left promiscuous mode
[  263.175096][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.184541][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.193325][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.216847][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.232541][   T11] veth1_macvtap: left promiscuous mode
[  264.238128][   T11] veth0_macvtap: left promiscuous mode
[  264.251998][   T11] veth1_vlan: left promiscuous mode
[  264.323894][   T11] veth0_vlan: left promiscuous mode
[  265.291927][   T11] veth1_macvtap: left promiscuous mode
[  265.297745][   T11] veth0_macvtap: left promiscuous mode
[  265.577326][   T11] veth1_vlan: left promiscuous mode
[  265.680108][   T11] veth0_vlan: left promiscuous mode
[  265.731491][    T8] usb 5-1: USB disconnect, device number 5
[  267.081195][   T29] audit: type=1326 audit(267.058:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6834 comm="syz.4.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe50f7def9 code=0x7fc00000
[  267.294366][ T6837] input: syz1 as /devices/virtual/input/input6
[  267.944853][   T11] team0 (unregistering): Port device team_slave_1 removed
[  267.952557][   T29] audit: type=1326 audit(267.928:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6834 comm="syz.4.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe50f7def9 code=0x7fc00000
[  268.050947][   T11] team0 (unregistering): Port device team_slave_0 removed
[  268.241765][ T4608] Bluetooth: hci2: command 0x0406 tx timeout
[  269.666394][ T6842] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  270.886737][   T11] team0 (unregistering): Port device team_slave_1 removed
[  270.938820][   T11] team0 (unregistering): Port device team_slave_0 removed
[  271.458715][ T6669] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.610979][    T8] usb 1-1: USB disconnect, device number 5
[  272.465245][ T6669] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.647976][ T6507] 8021q: adding VLAN 0 to HW filter on device bond0
[  272.665533][ T6507] 8021q: adding VLAN 0 to HW filter on device team0
[  272.701695][ T6507] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  272.712288][ T6507] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  272.733754][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.741066][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.896540][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.903808][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  273.066956][ T6669] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.291138][ T6490] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  273.631582][ T6859] netlink: 4 bytes leftover after parsing attributes in process `syz.4.294'.
[  273.719026][ T6669] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.125209][ T6507] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.173782][   T29] audit: type=1800 audit(274.148:41): pid=6876 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.297" name="bus" dev="overlay" ino=144 res=0 errno=0
[  274.226656][ T6866] lo speed is unknown, defaulting to 1000
[  274.244065][ T6669] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  274.256017][   T29] audit: type=1800 audit(274.178:42): pid=6876 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.4.297" name="bus" dev="overlay" ino=144 res=0 errno=0
[  274.284830][ T6669] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  274.317940][ T6866] lo speed is unknown, defaulting to 1000
[  274.339196][ T6669] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  274.365706][ T6669] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  274.388936][ T6866] lo speed is unknown, defaulting to 1000
[  274.407627][ T6507] veth0_vlan: entered promiscuous mode
[  274.449734][ T6866] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  274.472693][ T6490] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.518529][ T6866] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  274.519347][ T6507] veth1_vlan: entered promiscuous mode
[  274.628581][ T6869] 9pnet_fd: p9_fd_create_tcp (6869): problem connecting socket to 127.0.0.1
[  274.674106][ T6507] veth0_macvtap: entered promiscuous mode
[  274.696322][ T6490] veth0_vlan: entered promiscuous mode
[  274.706467][ T6507] veth1_macvtap: entered promiscuous mode
[  274.747898][ T6866] lo speed is unknown, defaulting to 1000
[  274.767714][ T6490] veth1_vlan: entered promiscuous mode
[  274.774449][ T6866] lo speed is unknown, defaulting to 1000
[  274.783959][ T6669] 8021q: adding VLAN 0 to HW filter on device bond0
[  274.821847][ T6866] lo speed is unknown, defaulting to 1000
[  274.823410][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.855076][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.866524][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.877597][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.888343][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  274.900065][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.912694][ T6507] batman_adv: batadv0: Interface activated: batadv_slave_0
[  274.922697][ T6866] lo speed is unknown, defaulting to 1000
[  274.938096][ T6669] 8021q: adding VLAN 0 to HW filter on device team0
[  274.952392][ T6490] veth0_macvtap: entered promiscuous mode
[  274.977147][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.979926][ T6866] lo speed is unknown, defaulting to 1000
[  275.001676][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.013112][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.024553][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.034572][ T6507] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  275.045247][ T6507] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.057155][ T6507] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.241420][ T6490] veth1_macvtap: entered promiscuous mode
[  275.249319][ T6866] lo speed is unknown, defaulting to 1000
[  275.539332][ T5334] bridge0: port 1(bridge_slave_0) entered blocking state
[  275.546712][ T5334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.262143][ T5334] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.269316][ T5334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  276.327025][ T6507] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.357554][ T6507] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.520620][ T6507] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.531286][ T6507] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  277.754735][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  277.781886][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  277.814461][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  277.849173][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  277.862933][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  277.879274][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  277.905602][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  277.936599][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  277.968183][ T6490] batman_adv: batadv0: Interface activated: batadv_slave_0
[  278.061706][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  278.120697][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.155306][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  278.180781][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.199223][   T29] audit: type=1326 audit(278.168:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6895 comm="syz.0.302" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfe377def9 code=0x0
[  278.200516][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  278.233849][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.244735][ T6490] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  278.256298][ T6490] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  278.286470][ T6490] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.366674][ T6669] 8021q: adding VLAN 0 to HW filter on device batadv0
[  278.454945][ T6490] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.470878][ T6490] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.487344][ T6490] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.496667][ T6490] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.561617][ T6338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.562792][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.569802][ T6338] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.588171][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.785150][ T6669] veth0_vlan: entered promiscuous mode
[  279.386961][ T6669] veth1_vlan: entered promiscuous mode
[  279.475587][ T6669] veth0_macvtap: entered promiscuous mode
[  279.484935][ T6669] veth1_macvtap: entered promiscuous mode
[  279.500949][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.511861][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.522040][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.533072][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.543160][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.553915][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.563816][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.574656][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.584977][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  279.595563][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.607167][ T6669] batman_adv: batadv0: Interface activated: batadv_slave_0
[  279.620182][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  279.633969][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.644684][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  279.657185][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  279.680855][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  279.911120][ T6912] netlink: 68 bytes leftover after parsing attributes in process `syz.4.304'.
[  280.178623][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.189318][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.200794][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.211103][ T6669] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  280.221900][ T6669] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  280.272116][ T6669] batman_adv: batadv0: Interface activated: batadv_slave_1
[  280.396948][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.398219][ T6669] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  280.414557][ T6669] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  280.423354][ T6669] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  280.432520][ T6669] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.500150][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  280.535365][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  280.544804][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  282.058784][ T6918] lo speed is unknown, defaulting to 1000
[  283.126218][ T6942] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.159708][ T6942] loop2: detected capacity change from 0 to 7
[  283.268499][ T6942] Dev loop2: unable to read RDB block 7
[  283.274960][ T6942]  loop2: unable to read partition table
[  283.281187][ T6942] loop2: partition table beyond EOD, truncated
[  283.289232][ T6942] loop_reread_partitions: partition scan of loop2 (�被������� ) failed (rc=-5)
[  283.413231][    T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  283.428962][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.446515][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.450452][ T6338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  283.466647][ T6338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  283.624113][    T8] usb 2-1: Using ep0 maxpacket: 32
[  283.656899][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  283.716373][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  283.729669][    T8] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  283.844159][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.954594][    T8] usb 2-1: config 0 descriptor??
[  283.994562][ T6934] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  284.042049][    T8] hub 2-1:0.0: USB hub found
[  284.271119][    T8] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[  284.476916][ T6956] netlink: 16126 bytes leftover after parsing attributes in process `syz.3.314'.
[  284.511438][ T5267] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  284.520821][ T6956] netlink: 183228 bytes leftover after parsing attributes in process `syz.3.314'.
[  284.611001][    T8] hid-generic 0003:046D:C314.0004: hidraw0: USB HID v8.00 Device [HID 046d:c314] on usb-dummy_hcd.1-1/input0
[  284.662854][ T5267] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  284.733900][ T5267] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  284.751947][ T5267] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  284.762020][ T5267] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  284.771237][ T5267] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.886276][ T5267] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  284.991756][ T5309] usb 2-1: USB disconnect, device number 8
[  285.807766][ T6819] udevd[6819]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  285.827224][ T5267] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -12
[  285.935536][ T6978] block nbd3: Device being setup by another task
[  285.987562][ T6975] lo speed is unknown, defaulting to 1000
[  286.090452][ T5309] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  286.280645][ T5309] usb 1-1: Using ep0 maxpacket: 32
[  286.921544][ T5309] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=8a.0a
[  286.940429][ T5309] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  286.959062][ T6973] block nbd3: shutting down sockets
[  286.980952][ T5309] usb 1-1: Product: syz
[  286.996310][ T5309] usb 1-1: Manufacturer: syz
[  287.119667][ T5309] usb 1-1: SerialNumber: syz
[  287.252026][ T5309] usb 1-1: config 0 descriptor??
[  287.578865][ T5309] usb 1-1: USB disconnect, device number 6
[  288.115887][ T5309] usb 3-1: USB disconnect, device number 8
[  289.440618][ T5229] Bluetooth: hci5: command 0x0406 tx timeout
[  289.743655][ T7007] netlink: 'syz.1.328': attribute type 14 has an invalid length.
[  289.768798][ T7008] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  290.009459][ T7014] netlink: 4 bytes leftover after parsing attributes in process `syz.2.330'.
[  290.034138][ T7014] bridge_slave_1: left allmulticast mode
[  290.051727][ T7014] bridge_slave_1: left promiscuous mode
[  290.108320][ T7014] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.224102][ T7014] bridge_slave_0: left allmulticast mode
[  290.244042][ T7014] bridge_slave_0: left promiscuous mode
[  290.268956][ T7014] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.366504][ T5308] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  290.460781][ T5309] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  290.520506][ T5308] usb 1-1: Using ep0 maxpacket: 8
[  290.552561][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  290.570508][ T5308] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  290.602375][ T5308] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x3D, changing to 0xD
[  290.621752][ T5308] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 19, changing to 7
[  290.662282][ T5309] usb 4-1: Using ep0 maxpacket: 16
[  290.669424][ T5308] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e
[  290.687036][ T5308] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.695652][ T5308] usb 1-1: Product: syz
[  290.699958][ T5308] usb 1-1: Manufacturer: syz
[  290.704906][ T5308] usb 1-1: SerialNumber: syz
[  290.725610][ T5308] usb 1-1: config 0 descriptor??
[  290.730922][ T5309] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.741739][ T5309] usb 4-1: config 0 interface 0 has no altsetting 0
[  290.749317][ T5309] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  290.768869][ T5309] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.779566][ T5308] usbtest 1-1:0.0: couldn't get endpoints, -22
[  290.795204][ T5308] usbtest 1-1:0.0: probe with driver usbtest failed with error -22
[  290.839895][ T5309] usb 4-1: config 0 descriptor??
[  290.969384][ T5269] usb 1-1: USB disconnect, device number 7
[  291.263798][ T5309] kye 0003:0458:0138.0005: unknown main item tag 0x0
[  291.282143][ T5309] kye 0003:0458:0138.0005: unknown main item tag 0x0
[  291.288895][ T5309] kye 0003:0458:0138.0005: unexpected long global item
[  291.306707][ T5309] kye 0003:0458:0138.0005: parse failed
[  291.346828][ T5309] kye 0003:0458:0138.0005: probe with driver kye failed with error -22
[  291.862239][ T7035] afs: Unknown parameter 'dyl'
[  293.095452][ T5229] Bluetooth: hci5: Opcode 0x206a failed: -110
[  293.410476][ T5229] Bluetooth: hci5: command 0x0406 tx timeout
[  294.117603][ T5269] usb 4-1: USB disconnect, device number 8
[  295.686742][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  296.092399][    T8] usb 1-1: Using ep0 maxpacket: 16
[  296.131871][    T8] usb 1-1: New USB device found, idVendor=5752, idProduct=75b9, bcdDevice=ae.00
[  296.159526][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.231822][    T8] usb 1-1: Product: syz
[  296.236155][    T8] usb 1-1: Manufacturer: syz
[  296.292860][    T8] usb 1-1: SerialNumber: syz
[  296.321687][    T8] usb 1-1: config 0 descriptor??
[  296.339056][    T8] usb-storage 1-1:0.0: USB Mass Storage device detected
[  297.612669][ T7057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.668152][ T7057] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.038292][ T7064] program syz.4.345 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  298.686488][ T5230] Bluetooth: hci6: ACL packet for unknown connection handle 200
[  299.263103][ T7062] netlink: 88 bytes leftover after parsing attributes in process `syz.4.345'.
[  299.299579][ T7062] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.345'.
[  299.310438][ T7062] openvswitch: netlink: Tunnel attr 0 has unexpected len 13 expected 8
[  299.355279][ T7072] netlink: 60 bytes leftover after parsing attributes in process `syz.3.348'.
[  299.383123][ T5269] usb 1-1: USB disconnect, device number 8
[  300.511376][ T7086] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  300.695820][ T5230] Bluetooth: hci5: unexpected event 0x04 length: 14 > 10
[  301.139729][ T5230] Bluetooth: hci1: link tx timeout
[  301.154570][ T5230] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  302.128744][ T5229] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  302.138235][ T5229] Bluetooth: hci6: Injecting HCI hardware error event
[  302.148489][ T4608] Bluetooth: hci6: hardware error 0x00
[  302.291969][ T5229] Bluetooth: hci1: link tx timeout
[  302.297158][ T5229] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  302.751118][ T5229] Bluetooth: hci5: command 0x0406 tx timeout
[  303.274239][ T5229] Bluetooth: hci1: command 0x0406 tx timeout
[  304.280517][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  304.311507][ T7143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.369'.
[  304.347456][ T7143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.369'.
[  304.430496][    T8] usb 3-1: Using ep0 maxpacket: 32
[  304.437731][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  304.489857][    T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  304.507499][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.515723][    T8] usb 3-1: Product: syz
[  304.519929][    T8] usb 3-1: Manufacturer: syz
[  304.524163][ T4608] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  304.524666][    T8] usb 3-1: SerialNumber: syz
[  304.560601][    T8] usb 3-1: bad CDC descriptors
[  304.941112][    T8] usb 3-1: USB disconnect, device number 9
[  306.991946][    T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  307.180892][    T8] usb 2-1: Using ep0 maxpacket: 32
[  307.188677][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  307.224665][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  307.308936][    T8] usb 2-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=d2.a2
[  307.334664][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.373175][    T8] usb 2-1: Product: syz
[  307.384215][    T8] usb 2-1: Manufacturer: syz
[  307.396721][    T8] usb 2-1: SerialNumber: syz
[  307.416069][    T8] usb 2-1: config 0 descriptor??
[  307.430795][    T8] keyspan 2-1:0.0: Keyspan 1 port adapter converter detected
[  307.459316][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 87
[  307.495561][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 7
[  307.521842][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 81
[  307.550509][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 1
[  307.558247][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 2
[  307.566783][ T1184] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  307.586908][    T8] keyspan 2-1:0.0: found no endpoint descriptor for endpoint 85
[  307.730492][ T1184] usb 5-1: Using ep0 maxpacket: 16
[  307.750043][ T1184] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  307.798672][ T1184] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  307.823532][ T1184] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.847696][ T1184] usb 5-1: Product: syz
[  307.857449][ T1184] usb 5-1: SerialNumber: syz
[  307.924850][ T1184] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  308.151619][ T1184] usb 5-1: USB disconnect, device number 6
[  309.190991][    T8] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  309.218721][    T8] usb 2-1: USB disconnect, device number 9
[  309.471198][    T8] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  309.490824][    T8] keyspan 2-1:0.0: device disconnected
[  309.569300][ T7223] exFAT-fs (nullb0): invalid boot record signature
[  309.576393][ T7223] exFAT-fs (nullb0): failed to read boot sector
[  309.583229][ T7223] exFAT-fs (nullb0): failed to recognize exfat type
[  310.879254][ T7229] Illegal XDP return value 96 on prog  (id 145) dev N/A, expect packet loss!
[  312.085941][ T4608] Bluetooth: hci7: unexpected cc 0x203e length: 2 > 1
[  312.972793][ T7267] sp0: Synchronizing with TNC
[  314.649999][ T7292] netlink: 32 bytes leftover after parsing attributes in process `syz.3.429'.
[  314.769075][ T7293] exFAT-fs (nullb0): invalid boot record signature
[  314.775747][ T7293] exFAT-fs (nullb0): failed to read boot sector
[  314.782086][ T7293] exFAT-fs (nullb0): failed to recognize exfat type
[  314.903700][ T5265] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  315.100829][ T5265] usb 5-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=36.16
[  315.118843][ T5265] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.155740][ T5265] usb 5-1: Product: syz
[  315.180755][ T5265] usb 5-1: Manufacturer: syz
[  315.185444][ T5265] usb 5-1: SerialNumber: syz
[  315.230467][ T5309] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  315.272811][ T5265] usb 5-1: config 0 descriptor??
[  315.292753][ T5265] ttusb_dec_send_command: command bulk message failed: error -22
[  315.339811][ T5265] ttusb-dec 5-1:0.0: probe with driver ttusb-dec failed with error -22
[  315.429929][ T5309] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  315.458144][ T5309] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  315.502360][ T5309] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  315.514477][    T8] usb 5-1: USB disconnect, device number 7
[  315.560764][ T5309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.591994][ T5309] usb 1-1: config 0 descriptor??
[  315.760933][ T5269] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  315.809516][    T8] usb 1-1: USB disconnect, device number 9
[  316.183549][ T4608] Bluetooth: hci7: Controller not accepting commands anymore: ncmd = 0
[  316.197259][ T4608] Bluetooth: hci7: Injecting HCI hardware error event
[  316.208047][ T5230] Bluetooth: hci7: hardware error 0x00
[  316.651973][ T5269] usb 2-1: Using ep0 maxpacket: 8
[  316.667368][ T5269] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  316.680492][ T5269] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.689123][ T5269] usb 2-1: Product: syz
[  316.693633][ T5269] usb 2-1: Manufacturer: syz
[  316.699462][ T5269] usb 2-1: SerialNumber: syz
[  316.707441][ T5269] usb 2-1: config 0 descriptor??
[  316.717324][ T5269] gspca_main: se401-2.14.0 probing 047d:5003
[  317.293011][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  317.299974][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  317.407041][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  317.442863][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  317.472852][ T7338] exFAT-fs (nullb0): invalid boot record signature
[  317.479482][ T7338] exFAT-fs (nullb0): failed to read boot sector
[  317.485903][ T7338] exFAT-fs (nullb0): failed to recognize exfat type
[  317.493528][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  317.542805][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  317.551751][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  317.559238][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  317.613122][ T5269] usb 2-1: reset high-speed USB device number 10 using dummy_hcd
[  317.698356][ T7336] lo speed is unknown, defaulting to 1000
[  317.958167][ T5269] usb 2-1: device firmware changed
[  317.967454][ T5269] gspca_se401: read req failed req 0x06 error -19
[  317.977529][ T5269] usb 2-1: USB disconnect, device number 10
[  318.052482][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.131834][ T5269] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  318.300658][ T4608] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  318.333003][ T5230] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  318.342528][ T5269] usb 2-1: Using ep0 maxpacket: 8
[  318.375225][ T5269] usb 2-1: string descriptor 0 read error: -22
[  318.483349][ T5269] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  318.707151][ T5269] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.897074][ T5269] usb 2-1: config 0 descriptor??
[  318.948015][ T5269] usb 2-1: can't set config #0, error -71
[  318.978749][ T5269] usb 2-1: USB disconnect, device number 11
[  319.015264][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.233126][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.294198][ T7336] chnl_net:caif_netlink_parms(): no params data found
[  319.391938][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.450592][ T5265] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  319.614018][ T5265] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  319.627960][ T5265] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  319.638438][ T5265] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  319.648405][ T5265] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.663209][ T7373] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  319.682382][ T5265] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  319.690558][ T5230] Bluetooth: hci3: command tx timeout
[  319.753348][ T7336] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.950905][ T7336] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.993538][ T7336] bridge_slave_0: entered allmulticast mode
[  320.102541][ T7336] bridge_slave_0: entered promiscuous mode
[  320.556003][ T5265] usb 5-1: USB disconnect, device number 8
[  320.637765][ T7336] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.907508][ T7336] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.180641][ T7336] bridge_slave_1: entered allmulticast mode
[  321.334926][ T7336] bridge_slave_1: entered promiscuous mode
[  321.481655][ T7336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  321.560113][ T7336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.661155][ T7413] netlink: 48 bytes leftover after parsing attributes in process `syz.3.471'.
[  321.778644][ T5230] Bluetooth: hci3: command tx timeout
[  322.297621][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  322.310517][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  322.325664][   T12] bond0 (unregistering): Released all slaves
[  322.351741][ T7336] team0: Port device team_slave_0 added
[  322.359587][ T7426] netlink: 'syz.0.473': attribute type 29 has an invalid length.
[  322.398428][ T7429] netlink: 3 bytes leftover after parsing attributes in process `syz.4.474'.
[  322.424894][ T7429] 0�X���: renamed from caif0
[  322.474461][ T7429] 0�X���: entered allmulticast mode
[  322.494683][ T7429] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  322.550476][ T7336] team0: Port device team_slave_1 added
[  322.567841][ T7431] netlink: 'syz.0.473': attribute type 29 has an invalid length.
[  322.723790][ T7439] netlink: 32 bytes leftover after parsing attributes in process `syz.0.477'.
[  322.998398][ T7336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  323.021169][ T7336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.047126][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.117944][ T7336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  323.144123][ T7452] exFAT-fs (nullb0): invalid boot record signature
[  323.152710][ T7452] exFAT-fs (nullb0): failed to read boot sector
[  323.154849][ T7336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  323.158977][ T7452] exFAT-fs (nullb0): failed to recognize exfat type
[  323.224608][ T7336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.250601][    C0] vkms_vblank_simulate: vblank timer overrun
[  323.480781][ T7336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.850991][ T5230] Bluetooth: hci3: command tx timeout
[  324.442110][   T12] hsr_slave_0: left promiscuous mode
[  324.558687][   T12] hsr_slave_1: left promiscuous mode
[  324.590865][ T5230] Bluetooth: hci2: unexpected cc 0x042f length: 181 > 7
[  324.598025][ T5230] Bluetooth: hci2: unexpected event for opcode 0x042f
[  324.630738][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  324.638212][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  324.720231][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  324.760528][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  324.875509][   T12] veth1_macvtap: left promiscuous mode
[  324.904253][   T12] veth0_macvtap: left promiscuous mode
[  324.909956][   T12] veth1_vlan: left promiscuous mode
[  324.949595][   T12] veth0_vlan: left promiscuous mode
[  325.141440][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  325.310849][    T9] usb 4-1: Using ep0 maxpacket: 8
[  325.328123][    T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  325.342472][    T9] usb 4-1: config 0 has no interface number 0
[  325.360471][    T9] usb 4-1: config 0 interface 1 altsetting 0 has an endpoint descriptor with address 0xFE, changing to 0x8E
[  325.385165][    T9] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  325.401637][    T9] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  325.419665][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.445964][    T9] usb 4-1: config 0 descriptor??
[  325.485905][    T9] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  325.802990][ T5309] usb 4-1: USB disconnect, device number 9
[  325.832544][ T5309] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[  325.942702][ T5230] Bluetooth: hci3: command tx timeout
[  326.008993][   T12] team0 (unregistering): Port device team_slave_1 removed
[  326.059539][   T12] team0 (unregistering): Port device team_slave_0 removed
[  326.588672][ T7494] ALSA: mixer_oss: invalid OSS volume 'Units'
[  326.594879][ T7494] ALSA: mixer_oss: invalid OSS volume 'Max'
[  326.601345][ T7494] ALSA: mixer_oss: invalid OSS volume 'Max'
[  326.759171][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.4.487'.
[  326.772115][ T7476] netlink: 108 bytes leftover after parsing attributes in process `syz.4.487'.
[  326.904746][ T7336] hsr_slave_0: entered promiscuous mode
[  326.954564][ T7336] hsr_slave_1: entered promiscuous mode
[  328.953196][ T5265] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  329.020425][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  329.130600][ T5265] usb 5-1: Using ep0 maxpacket: 16
[  329.142201][ T5265] usb 5-1: config 0 has no interfaces?
[  329.149839][ T5265] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  329.161241][ T5265] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.169568][ T5265] usb 5-1: Product: syz
[  329.187094][ T5265] usb 5-1: Manufacturer: syz
[  329.195290][    T9] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  329.205341][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  329.243540][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  329.254576][ T5265] usb 5-1: SerialNumber: syz
[  329.264345][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.299791][ T5265] r8152-cfgselector 5-1: Unknown version 0x0000
[  329.312150][ T5265] r8152-cfgselector 5-1: config 0 descriptor??
[  329.319087][    T9] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  329.337941][    T9] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  329.363335][    T9] usb 4-1: Product: syz
[  329.394215][    T9] usb 4-1: Manufacturer: syz
[  329.423708][    T9] cdc_wdm 4-1:1.0: skipping garbage
[  329.436935][    T9] cdc_wdm 4-1:1.0: skipping garbage
[  329.449272][ T7336] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  329.464858][    T9] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  329.471385][    T9] cdc_wdm 4-1:1.0: Unknown control protocol
[  329.479987][ T7336] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  329.498164][ T7336] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  329.514143][ T7336] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  329.615211][ T7336] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.641920][ T7336] 8021q: adding VLAN 0 to HW filter on device team0
[  329.645944][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.655376][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.661746][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.668409][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.674581][    C1] hrtimer: interrupt took 28833551 ns
[  329.679006][ T7336] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  329.680051][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.680072][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.680292][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.690698][ T7336] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  329.697031][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.714799][ T5309] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  329.720312][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.740421][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.745615][ T6699] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.746709][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.753599][ T6699] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.760087][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.772322][ T6699] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.773555][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.780485][ T6699] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.787039][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.801197][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.807845][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.814156][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.820787][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.827189][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  329.833847][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  329.883457][ T5309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.883732][ T1184] usb 4-1: USB disconnect, device number 10
[  329.894482][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  329.907853][ T5309] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.965875][ T5309] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  329.994000][ T5309] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.024727][ T5309] usb 2-1: config 0 descriptor??
[  330.184824][ T7336] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.286425][ T7336] veth0_vlan: entered promiscuous mode
[  330.316555][ T7336] veth1_vlan: entered promiscuous mode
[  330.376719][ T7336] veth0_macvtap: entered promiscuous mode
[  330.399377][ T7336] veth1_macvtap: entered promiscuous mode
[  330.436000][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.453378][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.466725][ T5309] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0
[  330.475159][ T5309] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0
[  330.479336][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.502876][ T5309] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0006/input/input8
[  330.515523][ T5265] r8152-cfgselector 5-1: USB disconnect, device number 9
[  330.527274][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.551610][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.579900][ T5309] cm6533_jd 0003:0D8C:0022.0006: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[  330.595260][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.638511][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.659468][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.695959][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.730988][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.769257][ T7336] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.804023][ T5265] usb 2-1: USB disconnect, device number 12
[  330.817773][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.867130][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.898650][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.919076][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.929293][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.985971][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.045738][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.082575][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.092646][ T7336] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.108915][ T7336] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.123414][ T7336] batman_adv: batadv0: Interface activated: batadv_slave_1
[  331.151944][ T7336] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.530050][ T7336] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.738995][ T7336] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.786150][ T7336] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.250649][ T1184] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  332.288918][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.321193][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.396446][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  332.400430][ T1184] usb 5-1: Using ep0 maxpacket: 8
[  332.412434][ T1184] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  332.424759][ T1184] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  332.441860][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.460072][ T1184] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  332.528136][ T1184] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  332.556179][ T1184] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  332.627442][ T1184] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.870091][ T1184] usb 5-1: GET_CAPABILITIES returned 0
[  332.900966][ T1184] usbtmc 5-1:16.0: can't read capabilities
[  333.122233][ T5265] usb 5-1: USB disconnect, device number 10
[  333.630440][ T1184] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  333.792439][ T1184] usb 4-1: config 1 interface 0 has no altsetting 0
[  333.803908][ T1184] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  333.822471][ T1184] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  333.847092][ T1184] usb 4-1: Product: syz
[  333.858709][ T1184] usb 4-1: Manufacturer: syz
[  333.872378][ T1184] usb 4-1: SerialNumber: syz
[  334.544147][ T1184] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  334.865761][    C1] usblp0: nonzero write bulk status received: -71
[  334.873938][ T5265] usb 4-1: USB disconnect, device number 11
[  335.451294][ T7650] usblp0: removed
[  339.472471][ T6699] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.727816][ T6699] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.852541][ T4608] Bluetooth: hci2: command 0x0406 tx timeout
[  339.869794][ T6699] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.962447][ T6699] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.010608][ T5268] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  340.014725][ T4608] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  340.032414][ T4608] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  340.042572][ T4608] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  340.051858][ T4608] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  340.059606][ T4608] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  340.067143][ T4608] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  340.130419][ T1184] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  340.158074][ T6699] bridge_slave_1: left allmulticast mode
[  340.164031][ T6699] bridge_slave_1: left promiscuous mode
[  340.169928][ T6699] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.177109][ T5268] usb 1-1: Using ep0 maxpacket: 8
[  340.185296][ T5268] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  340.209446][ T5268] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  340.219971][ T6699] bridge_slave_0: left allmulticast mode
[  340.229866][ T6699] bridge_slave_0: left promiscuous mode
[  340.234618][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.236278][ T6699] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.276920][ T5268] usb 1-1: config 0 descriptor??
[  340.312777][ T1184] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  340.336492][ T1184] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  340.365094][ T1184] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  340.384056][ T1184] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  340.413976][ T1184] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  340.424021][ T1184] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.449776][ T1184] usb 3-1: config 0 descriptor??
[  340.499435][ T5268] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  340.870226][ T1184] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  340.890246][ T1184] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  340.899173][ T1184] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  340.992933][ T6699] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.019802][ T1184] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  341.027793][ T1184] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  341.060113][ T1184] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  341.258359][ T1184] plantronics 0003:047F:FFFF.0007: hiddev1,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  341.288263][ T1184] usb 3-1: USB disconnect, device number 10
[  341.304458][ T6699] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.685495][ T5296] usb 1-1: USB disconnect, device number 10
[  341.699416][ T6699] bond0 (unregistering): Released all slaves
[  341.741940][ T5296] iowarrior 1-1:0.0: I/O-Warror #0 now disconnected
[  341.759639][ T7755] lo speed is unknown, defaulting to 1000
[  342.090732][ T4608] Bluetooth: hci1: command tx timeout
[  342.122522][ T7755] chnl_net:caif_netlink_parms(): no params data found
[  343.197892][ T6699] hsr_slave_0: left promiscuous mode
[  343.213338][ T6699] hsr_slave_1: left promiscuous mode
[  343.468172][ T6699] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.548380][ T6699] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.683010][ T6699] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.835416][ T6699] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.026431][ T7814] loop9: detected capacity change from 0 to 7
[  344.048752][ T7814]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  344.059014][ T6699] veth1_macvtap: left promiscuous mode
[  344.068648][ T7814] loop9: partition table partially beyond EOD, truncated
[  344.068976][ T6699] veth0_macvtap: left promiscuous mode
[  344.083219][ T6699] veth1_vlan: left promiscuous mode
[  344.088849][ T6699] veth0_vlan: left promiscuous mode
[  344.095444][ T7814] loop9: p1 size 1139518251 extends beyond EOD, truncated
[  344.171700][ T4608] Bluetooth: hci1: command tx timeout
[  344.215893][ T6974] udevd[6974]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  344.362532][ T5264] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  344.569133][ T5264] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  344.622726][ T5264] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  344.673558][ T5264] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  344.720788][ T5264] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.838712][ T7819] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  344.905170][ T5264] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  345.130656][ T5268] usb 1-1: USB disconnect, device number 11
[  345.165471][ T7825] netlink: 32 bytes leftover after parsing attributes in process `syz.4.574'.
[  345.581640][ T6699] team0 (unregistering): Port device team_slave_1 removed
[  345.646318][ T6699] team0 (unregistering): Port device team_slave_0 removed
[  346.265075][ T4608] Bluetooth: hci1: command tx timeout
[  346.333401][ T7755] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.341470][ T7755] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.348869][ T7755] bridge_slave_0: entered allmulticast mode
[  346.357191][ T7755] bridge_slave_0: entered promiscuous mode
[  346.441884][ T7755] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.472166][ T7755] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.479843][ T7755] bridge_slave_1: entered allmulticast mode
[  346.535863][ T7755] bridge_slave_1: entered promiscuous mode
[  347.191295][ T7850] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  347.191936][ T7755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.268476][ T7755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.476796][ T7853] bond1: entered promiscuous mode
[  347.482417][ T7853] bond1: entered allmulticast mode
[  347.488961][ T7853] 8021q: adding VLAN 0 to HW filter on device bond1
[  347.598296][ T7755] team0: Port device team_slave_0 added
[  348.340777][ T4608] Bluetooth: hci1: command tx timeout
[  349.731949][ T7755] team0: Port device team_slave_1 added
[  349.779362][ T7879] netlink: 16 bytes leftover after parsing attributes in process `syz.2.584'.
[  349.873156][ T7880] netlink: 'syz.4.585': attribute type 4 has an invalid length.
[  349.909521][ T7882] netlink: 'syz.4.585': attribute type 4 has an invalid length.
[  350.044102][ T7755] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.064115][ T7755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.104830][ T7755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.139373][ T7755] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.152226][ T7755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.196016][ T7755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  350.334374][ T7755] hsr_slave_0: entered promiscuous mode
[  350.355674][ T7755] hsr_slave_1: entered promiscuous mode
[  350.392344][ T7755] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  350.411063][ T7755] Cannot create hsr debugfs directory
[  350.420636][ T1184] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  350.590954][ T1184] usb 3-1: Using ep0 maxpacket: 8
[  350.598383][ T1184] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  350.633153][ T1184] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  350.661988][ T1184] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  350.696053][ T1184] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  350.760840][ T1184] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  350.793291][ T1184] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.343007][ T1184] usb 3-1: GET_CAPABILITIES returned 0
[  351.356315][ T1184] usbtmc 3-1:16.0: can't read capabilities
[  351.373537][ T7927] 9pnet_fd: p9_fd_create_tcp (7927): problem connecting socket to 127.0.0.1
[  351.693191][ T5296] usb 3-1: USB disconnect, device number 11
[  353.267162][ T7755] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  353.328587][ T7755] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  353.369439][ T7755] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  353.418727][ T7755] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  353.420960][ T5309] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  353.580936][ T5265] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  353.610310][ T5309] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.616851][ T7755] 8021q: adding VLAN 0 to HW filter on device bond0
[  353.643388][ T5309] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  353.662278][ T7991] netlink: 'syz.3.609': attribute type 4 has an invalid length.
[  353.671280][ T5309] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  353.681044][ T5309] usb 3-1: Product: syz
[  353.682736][ T7755] 8021q: adding VLAN 0 to HW filter on device team0
[  353.691418][ T5309] usb 3-1: Manufacturer: syz
[  353.700969][ T5309] usb 3-1: SerialNumber: syz
[  353.712604][ T6699] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.719835][ T6699] bridge0: port 1(bridge_slave_0) entered forwarding state
[  353.744087][ T5265] usb 5-1: Using ep0 maxpacket: 32
[  353.761335][ T6699] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.768498][ T6699] bridge0: port 2(bridge_slave_1) entered forwarding state
[  353.810762][ T5265] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  353.839256][ T5265] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  353.887264][ T5265] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  353.908889][ T5265] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  353.931971][ T5265] usb 5-1: config 0 interface 0 has no altsetting 0
[  353.968645][ T5265] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  353.985371][ T5265] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  354.011043][ T5265] usb 5-1: Product: syz
[  354.015307][ T5265] usb 5-1: Manufacturer: syz
[  354.051181][ T5265] usb 5-1: SerialNumber: syz
[  354.061986][ T5265] usb 5-1: config 0 descriptor??
[  354.089618][ T5265] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  354.107950][ T5265] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  354.202292][ T8001] syzkaller0: entered allmulticast mode
[  354.257147][ T8001] syzkaller0 (unregistering): left allmulticast mode
[  354.353251][ T5309] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  354.362657][ T5309] cdc_ncm 3-1:1.0: bind() failure
[  354.363129][ T7755] 8021q: adding VLAN 0 to HW filter on device batadv0
[  354.373886][ T5309] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  354.392993][ T5309] cdc_ncm 3-1:1.1: bind() failure
[  354.471555][ T7755] veth0_vlan: entered promiscuous mode
[  354.517408][ T7755] veth1_vlan: entered promiscuous mode
[  354.591999][ T7755] veth0_macvtap: entered promiscuous mode
[  355.052517][ T7755] veth1_macvtap: entered promiscuous mode
[  355.307622][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.338472][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.359655][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.370866][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.381044][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.391725][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.401811][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.412406][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.422364][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.432912][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.446245][ T7755] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.461597][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.472760][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.493547][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.506084][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.516036][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.527105][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.537193][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.547891][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.559101][ T7755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  355.570195][ T7755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.581446][ T7755] batman_adv: batadv0: Interface activated: batadv_slave_1
[  355.629967][ T7755] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  355.639568][ T7755] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  355.658301][ T7755] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  355.679597][ T7755] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.686858][ T1184] usb 3-1: USB disconnect, device number 12
[  359.537722][ T8013] ldusb 5-1:0.0: Couldn't submit HID_REQ_SET_REPORT -110
[  359.773757][ T5309] usb 5-1: USB disconnect, device number 11
[  359.787248][ T5309] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  362.030953][ T5309] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  362.243886][ T5309] usb 3-1: Using ep0 maxpacket: 32
[  362.551966][ T5309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  362.566037][ T5309] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  362.610428][ T5309] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  362.625440][ T5309] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.653543][ T5309] usb 3-1: config 0 descriptor??
[  362.692016][ T5309] hub 3-1:0.0: USB hub found
[  362.840196][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.851498][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  362.891863][ T5309] hub 3-1:0.0: 1 port detected
[  362.963290][  T955] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  362.993818][  T955] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.390562][ T5308] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  363.495442][    T9] hub 3-1:0.0: activate --> -90
[  363.550633][ T5308] usb 4-1: Using ep0 maxpacket: 32
[  363.558449][ T5308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  363.581160][ T5308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  363.602746][ T5308] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  363.623083][ T5308] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.644540][ T5308] usb 4-1: config 0 descriptor??
[  363.658824][ T5308] hub 4-1:0.0: USB hub found
[  363.862573][  T955] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.877525][ T5308] hub 4-1:0.0: 1 port detected
[  364.012274][ T5309] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  364.074379][  T955] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.191100][ T5309] usb 1-1: Using ep0 maxpacket: 8
[  364.212753][ T5309] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  364.240533][ T5309] usb 1-1: config 179 has no interface number 0
[  364.247002][ T5309] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  364.303137][ T5309] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  364.307618][ T1184] usb 3-1: USB disconnect, device number 13
[  364.314947][    T9] usb 3-1-port1: cannot reset (err = -71)
[  364.326903][  T955] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.345645][ T5309] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  364.358630][    T9] usb 3-1-port1: Cannot enable. Maybe the USB cable is bad?
[  364.374371][ T5309] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  364.392278][    T9] usb 3-1-port1: attempt power cycle
[  364.398129][ T5309] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  364.416852][ T5309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.436080][ T8103] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  364.511455][ T5308] hub 4-1:0.0: activate --> -90
[  364.586674][  T955] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.718318][ T5308] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input10
[  364.925519][ T5308] usb 1-1: USB disconnect, device number 12
[  364.925580][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  364.925633][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  365.013045][ T5308] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  365.094615][ T5230] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  365.105817][ T5230] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  365.116753][ T5230] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  365.126510][ T5230] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  365.180308][ T5230] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  365.190618][ T5230] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  365.276667][  T955] bridge_slave_1: left allmulticast mode
[  365.294292][  T955] bridge_slave_1: left promiscuous mode
[  365.315254][  T955] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.379256][  T955] bridge_slave_0: left allmulticast mode
[  365.400714][  T955] bridge_slave_0: left promiscuous mode
[  365.406504][  T955] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.526617][ T5265] usb 4-1-port1: over-current condition
[  365.551607][ T4608] Bluetooth: hci5: unexpected event for opcode 0x080f
[  365.568712][ T5265] usb 4-1-port1: config error
[  365.738904][ T5264] usb 4-1: USB disconnect, device number 12
[  367.417222][ T4608] Bluetooth: hci1: command tx timeout
[  368.343136][ T8144] coredump: 340(syz.0.636): written to core: VMAs: 37, size 92528640; core: 71787674 bytes, pos 92536832
[  369.479910][ T4608] Bluetooth: hci1: command tx timeout
[  369.620518][ T5230] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  369.629910][ T5230] Bluetooth: hci5: Injecting HCI hardware error event
[  369.638767][ T4608] Bluetooth: hci5: hardware error 0x00
[  370.250678][ T5264] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  371.137298][   T29] audit: type=1326 audit(372.106:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  371.158046][    C0] vkms_vblank_simulate: vblank timer overrun
[  371.279727][   T29] audit: type=1326 audit(372.146:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  371.313770][   T29] audit: type=1326 audit(372.146:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  371.532161][ T5230] Bluetooth: hci1: command tx timeout
[  371.998493][ T4608] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  372.045226][   T29] audit: type=1326 audit(372.156:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.112475][   T29] audit: type=1326 audit(372.156:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.133730][   T29] audit: type=1326 audit(372.156:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.209677][   T29] audit: type=1326 audit(372.156:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.284940][   T29] audit: type=1326 audit(372.166:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.380556][   T29] audit: type=1326 audit(372.166:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.430055][   T29] audit: type=1326 audit(372.166:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8173 comm="syz.3.644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f8b9b17def9 code=0x7ffc0000
[  372.598603][  T955] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  372.615575][  T955] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  372.633909][  T955] bond0 (unregistering): Released all slaves
[  372.675435][ T8127] lo speed is unknown, defaulting to 1000
[  372.747789][ T8170] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  372.761431][ T8170] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  372.786034][ T8170] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  372.831452][ T8170] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  372.894875][ T8170] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  372.919853][ T8170] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  372.927379][ T8170] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  372.948608][ T8170] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  374.525888][ T5268] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  374.813460][ T4608] Bluetooth: hci2: command 0x0406 tx timeout
[  374.819876][ T5230] Bluetooth: hci3: command 0x0c1a tx timeout
[  374.980530][ T5230] Bluetooth: hci1: command 0x0c1a tx timeout
[  375.008254][  T955] hsr_slave_0: left promiscuous mode
[  375.203022][  T955] hsr_slave_1: left promiscuous mode
[  375.328313][  T955] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  375.360776][  T955] batman_adv: batadv0: Removing interface: batadv_slave_0
[  375.420987][ T5268] usb 5-1: Using ep0 maxpacket: 32
[  375.433444][  T955] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  375.455242][  T955] batman_adv: batadv0: Removing interface: batadv_slave_1
[  375.477853][ T5268] usb 5-1: config 0 has no interfaces?
[  375.557942][ T5268] usb 5-1: New USB device found, idVendor=1d6f, idProduct=0010, bcdDevice=5a.a7
[  375.661962][ T5268] usb 5-1: New USB device strings: Mfr=151, Product=2, SerialNumber=3
[  375.855341][ T5268] usb 5-1: Product: syz
[  375.945422][ T5268] usb 5-1: Manufacturer: syz
[  376.017957][ T5268] usb 5-1: SerialNumber: syz
[  376.062156][ T5268] usb 5-1: config 0 descriptor??
[  376.121223][  T955] veth1_macvtap: left promiscuous mode
[  376.127163][  T955] veth0_macvtap: left promiscuous mode
[  376.163859][  T955] veth1_vlan: left promiscuous mode
[  376.191940][  T955] veth0_vlan: left promiscuous mode
[  376.191942][ T5268] usb 5-1: USB disconnect, device number 12
[  377.402274][ T5230] Bluetooth: hci3: command 0x0c1a tx timeout
[  377.408422][ T5230] Bluetooth: hci1: command 0x0c1a tx timeout
[  377.607972][ T4608] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  377.657428][ T4608] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  377.818276][ T4608] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  378.868193][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  378.876461][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  378.932969][ T4608] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  378.970526][ T4608] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  379.190730][ T4608] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  379.450497][ T5230] Bluetooth: hci1: command 0x0c1a tx timeout
[  379.456861][ T5230] Bluetooth: hci3: command 0x0c1a tx timeout
[  379.463065][ T5265] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  380.272243][ T5265] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  380.282937][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.299298][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.319508][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.327869][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.338819][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.367886][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.383057][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.404875][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.438562][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.449314][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.463182][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.487753][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.499288][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.518134][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.529341][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.554157][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.563191][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.574393][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.594210][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.617247][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.628599][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.648307][ T5265] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  380.661203][ T5265] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  380.676136][  T955] team0 (unregistering): Port device team_slave_1 removed
[  380.706942][ T5265] usb 3-1: config 0 interface 0 has no altsetting 0
[  380.735223][ T5265] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  380.745393][ T5265] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  380.757385][  T955] team0 (unregistering): Port device team_slave_0 removed
[  380.758507][ T5265] usb 3-1: Product: syz
[  380.782545][ T5265] usb 3-1: Manufacturer: syz
[  380.793099][ T5265] usb 3-1: SerialNumber: syz
[  380.808781][ T5265] usb 3-1: config 0 descriptor??
[  380.841444][ T5265] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  381.093873][ T5269] usb 3-1: USB disconnect, device number 18
[  381.102117][ T5269] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  381.300557][ T4608] Bluetooth: hci4: command tx timeout
[  382.219521][ T8283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.667'.
[  382.230381][ T8283] netlink: 32 bytes leftover after parsing attributes in process `syz.4.667'.
[  382.336931][ T8251] lo speed is unknown, defaulting to 1000
[  382.843903][ T8127] chnl_net:caif_netlink_parms(): no params data found
[  383.370840][ T4608] Bluetooth: hci4: command tx timeout
[  383.524051][ T8127] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.595432][ T8127] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.633107][ T8127] bridge_slave_0: entered allmulticast mode
[  383.691799][ T8127] bridge_slave_0: entered promiscuous mode
[  383.754843][ T8127] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.762729][ T8127] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.771004][ T8127] bridge_slave_1: entered allmulticast mode
[  383.782337][ T8127] bridge_slave_1: entered promiscuous mode
[  384.176116][ T8127] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  384.333845][ T8127] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  384.596358][  T955] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.976653][ T8127] team0: Port device team_slave_0 added
[  385.010477][ T5308] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  385.091168][  T955] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.193174][ T8251] chnl_net:caif_netlink_parms(): no params data found
[  385.231643][ T5308] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  385.236221][ T8127] team0: Port device team_slave_1 added
[  385.260630][ T5308] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  385.281761][ T5308] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  385.344410][ T5308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.402346][ T8318] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  385.435023][ T5308] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  385.450525][ T4608] Bluetooth: hci4: command tx timeout
[  385.663419][  T955] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.812436][ T8127] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.829845][ T8127] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.900310][ T8127] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.925091][ T8127] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.941482][ T8127] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.986495][ T8127] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.176988][  T955] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.590469][ T8127] hsr_slave_0: entered promiscuous mode
[  386.597003][ T8127] hsr_slave_1: entered promiscuous mode
[  386.610554][ T8127] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  386.623062][ T8127] Cannot create hsr debugfs directory
[  387.550413][ T4608] Bluetooth: hci4: command tx timeout
[  387.648251][ T8338] ALSA: mixer_oss: invalid OSS volume ''
[  387.656104][ T8338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  388.443810][ T8251] bridge0: port 1(bridge_slave_0) entered blocking state
[  388.460705][ T8251] bridge0: port 1(bridge_slave_0) entered disabled state
[  388.468010][ T8251] bridge_slave_0: entered allmulticast mode
[  388.507122][ T8251] bridge_slave_0: entered promiscuous mode
[  388.606264][ T8251] bridge0: port 2(bridge_slave_1) entered blocking state
[  388.618831][ T8251] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.639738][ T8251] bridge_slave_1: entered allmulticast mode
[  388.662169][ T8251] bridge_slave_1: entered promiscuous mode
[  388.798861][ T8251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.426245][ T8251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.465054][ T1184] usb 5-1: USB disconnect, device number 13
[  392.534313][ T8380] loop4: detected capacity change from 0 to 7
[  392.571187][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.579293][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.621414][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.648129][  T955] bridge_slave_1: left allmulticast mode
[  392.654327][  T955] bridge_slave_1: left promiscuous mode
[  392.660872][  T955] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.680504][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.694472][  T955] bridge_slave_0: left allmulticast mode
[  392.700176][  T955] bridge_slave_0: left promiscuous mode
[  392.716470][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.726480][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.735590][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.752048][ T8380] ldm_validate_partition_table(): Disk read failed.
[  392.752375][  T955] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.830549][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  392.865442][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  393.037219][ T8380] Buffer I/O error on dev loop4, logical block 0, async page read
[  393.070539][ T8380] Dev loop4: unable to read RDB block 0
[  393.076308][ T8380]  loop4: unable to read partition table
[  393.200640][ T5308] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  393.818546][ T8380] loop4: partition table beyond EOD, truncated
[  393.990368][ T5308] usb 5-1: Using ep0 maxpacket: 16
[  394.008622][ T8380] loop_reread_partitions: partition scan of loop4 (�被x������ڬ��dƤ����ݡ�����
[  394.008622][ T8380] 
) failed (rc=-5)
[  394.048845][ T5308] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[  394.078797][ T5308] usb 5-1: config 0 has no interface number 0
[  394.897649][ T5308] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  394.916986][ T5308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.926070][ T5308] usb 5-1: Product: syz
[  394.930685][ T5308] usb 5-1: Manufacturer: syz
[  394.935479][ T5308] usb 5-1: SerialNumber: syz
[  394.959850][ T5308] usb 5-1: config 0 descriptor??
[  395.374326][  T955] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  395.386444][  T955] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  395.398645][  T955] bond0 (unregistering): Released all slaves
[  395.532725][  T955] bond1 (unregistering): Released all slaves
[  395.625708][ T8413] syz.2.684 (8413): attempted to duplicate a private mapping with mremap.  This is not supported.
[  395.733278][ T8251] team0: Port device team_slave_0 added
[  395.750497][ T8409] vlan2: entered promiscuous mode
[  395.913771][ T8251] team0: Port device team_slave_1 added
[  396.497049][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_0
[  396.513865][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.555877][ T8251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  396.629887][ T8251] batman_adv: batadv0: Adding interface: batadv_slave_1
[  396.641147][ T8251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  396.830500][ T8251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  397.720142][  T955] hsr_slave_0: left promiscuous mode
[  397.778778][  T955] hsr_slave_1: left promiscuous mode
[  398.695150][  T955] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  398.735997][  T955] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.830758][ T8439] ALSA: seq fatal error: cannot create timer (-16)
[  399.701335][  T955] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  399.729301][  T955] batman_adv: batadv0: Removing interface: batadv_slave_1
[  400.124778][ T5296] usb 5-1: USB disconnect, device number 14
[  400.246555][  T955] veth1_macvtap: left promiscuous mode
[  400.252729][  T955] veth0_macvtap: left promiscuous mode
[  400.258656][  T955] veth1_vlan: left promiscuous mode
[  400.286318][  T955] veth0_vlan: left promiscuous mode
[  403.083980][  T955] team0 (unregistering): Port device team_slave_1 removed
[  403.147151][  T955] team0 (unregistering): Port device team_slave_0 removed
[  403.876237][ T8469] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.696'.
[  403.912449][ T8251] hsr_slave_0: entered promiscuous mode
[  403.944497][ T8251] hsr_slave_1: entered promiscuous mode
[  403.958183][ T8251] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  403.968707][ T8251] Cannot create hsr debugfs directory
[  404.995774][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  404.995795][   T29] audit: type=1326 audit(405.956:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8476 comm="syz.0.698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcfe377def9 code=0x0
[  405.177432][ T8127] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  405.972853][ T8127] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  406.006844][ T8127] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  406.154277][ T8127] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  410.765411][ T8127] 8021q: adding VLAN 0 to HW filter on device bond0
[  410.914289][ T8127] 8021q: adding VLAN 0 to HW filter on device team0
[  410.941424][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  410.948639][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  410.999143][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.006380][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  411.026082][ T8251] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  411.036350][ T8251] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  411.052309][ T8251] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  411.078337][ T8251] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  411.127965][ T8517] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  411.201954][ T8517] kvm: pic: level sensitive irq not supported
[  411.205046][ T8517] kvm: pic: non byte read
[  411.234162][ T8517] kvm: pic: level sensitive irq not supported
[  411.234266][ T8517] kvm: pic: non byte read
[  411.275106][ T8517] kvm: pic: level sensitive irq not supported
[  411.275207][ T8517] kvm: pic: non byte read
[  411.460914][ T8251] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.558237][ T8251] 8021q: adding VLAN 0 to HW filter on device team0
[  411.603300][ T6699] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.610517][ T6699] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.680933][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.688338][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  411.849913][ T8127] 8021q: adding VLAN 0 to HW filter on device batadv0
[  415.395612][ T8127] veth0_vlan: entered promiscuous mode
[  415.437882][ T8127] veth1_vlan: entered promiscuous mode
[  415.539323][ T8127] veth0_macvtap: entered promiscuous mode
[  415.594513][ T8127] veth1_macvtap: entered promiscuous mode
[  415.766091][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.777020][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.787078][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.797932][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.810565][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.821136][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.831339][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  415.842136][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  415.855471][ T8127] batman_adv: batadv0: Interface activated: batadv_slave_0
[  415.983019][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.000342][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.026634][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.060657][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.100352][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.130423][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.155336][ T8127] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  416.213051][ T8127] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  416.235741][ T8127] batman_adv: batadv0: Interface activated: batadv_slave_1
[  416.256979][ T8127] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  416.285906][ T8127] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  416.332686][ T8127] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  416.395905][ T8127] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  416.487388][ T8571] lo speed is unknown, defaulting to 1000
[  416.509457][ T8251] 8021q: adding VLAN 0 to HW filter on device batadv0
[  417.027349][ T6338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.038247][ T6338] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.072159][ T8251] veth0_vlan: entered promiscuous mode
[  417.090603][ T5267] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  417.133203][ T8251] veth1_vlan: entered promiscuous mode
[  417.176260][ T8251] veth0_macvtap: entered promiscuous mode
[  417.203314][ T5925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  417.227429][ T8251] veth1_macvtap: entered promiscuous mode
[  417.234370][ T5925] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  417.262517][ T5267] usb 5-1: unable to get BOS descriptor or descriptor too short
[  417.310020][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  417.327175][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.337531][ T5267] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  417.348408][ T5267] usb 5-1: config 1 interface 0 altsetting 9 has an endpoint descriptor with address 0x24, changing to 0x4
[  417.360136][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  417.371493][ T5267] usb 5-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  417.384509][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.394626][ T5267] usb 5-1: config 1 interface 0 has no altsetting 0
[  417.401435][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  417.419038][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.434576][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  417.459900][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.470934][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  417.481573][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.492511][ T5267] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  417.522452][ T5267] usb 5-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3
[  417.542447][ T8251] batman_adv: batadv0: Interface activated: batadv_slave_0
[  417.560372][ T5267] usb 5-1: Product: ᠉
[  417.564692][ T5267] usb 5-1: Manufacturer: syz
[  417.573387][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.596557][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.610626][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.633923][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.670459][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.681416][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.700446][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.713608][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.836356][ T8251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  417.858266][ T8591] capability: warning: `syz.4.713' uses deprecated v2 capabilities in a way that may be insecure
[  417.890528][ T8251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  417.907612][ T8251] batman_adv: batadv0: Interface activated: batadv_slave_1
[  418.473797][ T5267] usb 5-1: bad CDC descriptors
[  418.541039][ T8251] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.561300][ T5267] usb 5-1: USB disconnect, device number 15
[  418.590412][ T8251] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.666091][ T8251] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.719922][ T8251] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.852719][  T955] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  419.182000][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  419.194977][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  419.264568][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  419.297458][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.477549][ T8630] netlink: 'syz.0.716': attribute type 2 has an invalid length.
[  420.546037][  T955] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.133144][ T5230] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  423.144286][ T5230] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  423.155713][ T5230] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  423.168413][ T5230] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  423.356452][ T5230] Bluetooth: hci2: SCO packet for unknown connection handle 200
[  423.358429][ T5230] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  423.374898][ T5230] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  423.421310][ T5230] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  423.444511][  T955] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.700524][    T9] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  423.872530][    T9] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  423.925665][    T9] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  423.966835][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  424.013441][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.065718][ T8666] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  424.148751][    T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  425.450536][ T5229] Bluetooth: hci1: command tx timeout
[  425.860563][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  426.050543][    T9] usb 3-1: Using ep0 maxpacket: 16
[  426.074823][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  426.096360][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  426.125173][    T9] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  426.156355][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.197687][    T9] usb 3-1: config 0 descriptor??
[  426.452214][ T5229] Bluetooth: hci3: unexpected event for opcode 0x0000
[  426.752200][ T5229] Bluetooth: hci3: Malformed LE Event: 0x0b
[  426.962142][ T8713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  427.609350][ T5229] Bluetooth: hci1: command tx timeout
[  427.640302][ T8713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  427.785029][ T5308] usb 1-1: USB disconnect, device number 13
[  427.804229][    T9] hid (null): report_id 0 is invalid
[  427.845378][    T9] hid-generic 0003:0158:0100.0008: unknown main item tag 0x1
[  427.939946][    T9] hid-generic 0003:0158:0100.0008: unexpected long global item
[  427.999084][  T955] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.017112][    T9] hid-generic 0003:0158:0100.0008: probe with driver hid-generic failed with error -22
[  428.039895][ T8693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  428.087060][ T8721] No control pipe specified
[  428.104560][ T8693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  428.230273][    C1] sched: DL replenish lagged too much
[  428.467745][ T8656] lo speed is unknown, defaulting to 1000
[  428.488065][ T8710] sp0: Synchronizing with TNC
[  428.639971][ T8711] Falling back ldisc for ptm0.
[  428.673107][ T5296] usb 3-1: USB disconnect, device number 19
[  428.853634][  T955] bridge_slave_1: left allmulticast mode
[  428.861376][  T955] bridge_slave_1: left promiscuous mode
[  428.868784][  T955] bridge0: port 2(bridge_slave_1) entered disabled state
[  428.915197][  T955] bridge_slave_0: left allmulticast mode
[  428.927386][  T955] bridge_slave_0: left promiscuous mode
[  428.937680][  T955] bridge0: port 1(bridge_slave_0) entered disabled state
[  429.690497][ T5229] Bluetooth: hci1: command tx timeout
[  430.490864][ T5229] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  430.499818][ T5229] Bluetooth: hci3: Injecting HCI hardware error event
[  430.511471][ T5230] Bluetooth: hci3: hardware error 0x00
[  431.770565][ T5229] Bluetooth: hci1: command tx timeout
[  432.570460][ T5230] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  440.192033][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  440.198394][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  483.266489][ T5229] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  483.290646][ T5229] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  483.299179][ T5229] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  483.330982][ T5229] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  483.339364][ T5229] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  483.347393][ T5229] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  483.541072][ T5230] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  483.586726][ T5230] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  483.595815][ T5230] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  483.605350][ T5230] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  483.613725][ T5230] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  483.621467][ T5230] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  483.780720][ T5229] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  483.795976][ T5229] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  483.804372][ T5229] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  483.820120][ T5229] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  483.828557][ T5229] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  483.836212][ T5229] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  483.975263][ T5230] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  483.985251][ T5230] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  483.995050][ T5230] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  484.004023][ T5230] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  484.028656][ T5230] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  484.037751][ T5230] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  484.338901][ T5229] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  484.349065][ T5229] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  484.357870][ T5229] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  484.366262][ T5229] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  484.376020][ T5229] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  484.383858][ T5229] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  485.450570][ T5229] Bluetooth: hci6: command tx timeout
[  485.690688][ T5229] Bluetooth: hci7: command tx timeout
[  485.948481][ T5229] Bluetooth: hci8: command tx timeout
[  486.090635][ T5229] Bluetooth: hci9: command tx timeout
[  486.490628][ T5229] Bluetooth: hci10: command tx timeout
[  487.531346][ T5229] Bluetooth: hci6: command tx timeout
[  487.770466][ T5229] Bluetooth: hci7: command tx timeout
[  488.010584][ T5229] Bluetooth: hci8: command tx timeout
[  488.170543][ T5229] Bluetooth: hci9: command tx timeout
[  488.570492][ T5229] Bluetooth: hci10: command tx timeout
[  489.610382][ T5229] Bluetooth: hci6: command tx timeout
[  489.850707][ T5229] Bluetooth: hci7: command tx timeout
[  490.090780][ T5229] Bluetooth: hci8: command tx timeout
[  490.250349][ T5229] Bluetooth: hci9: command tx timeout
[  490.650581][ T5229] Bluetooth: hci10: command tx timeout
[  491.691539][ T5229] Bluetooth: hci6: command tx timeout
[  491.937462][ T5229] Bluetooth: hci7: command tx timeout
[  492.170504][ T5229] Bluetooth: hci8: command tx timeout
[  492.330368][ T5229] Bluetooth: hci9: command tx timeout
[  492.740651][ T5229] Bluetooth: hci10: command tx timeout
[  498.469952][  T955] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  498.509812][  T955] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  498.532446][  T955] bond0 (unregistering): Released all slaves
[  498.764585][ T8745] lo speed is unknown, defaulting to 1000
[  501.617707][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  501.640367][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  543.768991][ T5230] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  543.798446][ T5230] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  543.807549][ T5230] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  543.820969][ T5230] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  543.828770][ T5230] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  543.836269][ T5230] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  544.328140][ T5229] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  544.339552][ T5229] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  544.348842][ T5229] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  544.357235][ T5229] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  544.365415][ T5229] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  544.373156][ T5229] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  544.767354][ T5230] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  544.777767][ T5230] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  544.786866][ T5230] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  544.797336][ T5230] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  544.820599][ T5230] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  544.837871][ T5230] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  544.942662][ T5230] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  544.953300][ T5230] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  544.961708][ T5230] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  544.971724][ T5230] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  544.979655][ T5230] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  544.987566][ T5230] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  545.103049][ T5229] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  545.113357][ T5229] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  545.123564][ T5229] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  545.135447][ T5229] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  545.143574][ T5229] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  545.152067][ T5229] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  545.930459][ T5229] Bluetooth: hci1: command tx timeout
[  546.410551][ T5229] Bluetooth: hci2: command tx timeout
[  546.890521][ T5229] Bluetooth: hci3: command tx timeout
[  547.050922][ T5229] Bluetooth: hci4: command tx timeout
[  547.210404][ T5229] Bluetooth: hci11: command tx timeout
[  548.010590][ T5229] Bluetooth: hci1: command tx timeout
[  548.492144][ T5229] Bluetooth: hci2: command tx timeout
[  548.970536][ T5229] Bluetooth: hci3: command tx timeout
[  549.130488][ T5229] Bluetooth: hci4: command tx timeout
[  549.290332][ T5229] Bluetooth: hci11: command tx timeout
[  550.090380][ T5229] Bluetooth: hci1: command tx timeout
[  550.570431][ T5229] Bluetooth: hci2: command tx timeout
[  551.050531][ T5229] Bluetooth: hci3: command tx timeout
[  551.210697][ T5229] Bluetooth: hci4: command tx timeout
[  551.370445][ T5229] Bluetooth: hci11: command tx timeout
[  552.170665][ T5229] Bluetooth: hci1: command tx timeout
[  552.650403][ T5229] Bluetooth: hci2: command tx timeout
[  553.130487][ T5229] Bluetooth: hci3: command tx timeout
[  553.290742][ T5229] Bluetooth: hci4: command tx timeout
[  553.450452][ T5229] Bluetooth: hci11: command tx timeout
[  563.054029][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  563.070016][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  605.522823][   T55] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  605.532927][ T8788] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  605.541624][ T8788] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  605.552004][ T8788] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  605.560053][ T8788] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  605.567661][ T8788] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  606.095790][ T8782] Bluetooth: hci7: command 0x0406 tx timeout
[  606.102370][ T8782] Bluetooth: hci8: command 0x0406 tx timeout
[  606.108449][ T8788] Bluetooth: hci6: command 0x0406 tx timeout
[  606.379702][ T5229] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  606.395709][ T5229] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  606.404378][ T5229] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  606.440433][ T5229] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  606.450762][ T5229] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  606.460724][ T5229] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  606.561071][ T5229] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  606.573978][ T5229] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  606.582900][ T5229] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  606.591424][ T5229] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  606.620312][ T5229] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  606.630770][ T5229] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  606.718182][ T4608] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  606.729328][ T4608] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  606.742684][ T4608] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  606.751121][ T4608] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  606.758837][ T4608] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  606.770665][ T4608] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  606.864076][ T5229] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  606.874750][ T5229] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  606.885598][ T5229] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  606.894991][ T5229] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  606.905436][ T5229] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  606.918039][ T5229] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  607.610506][ T4608] Bluetooth: hci12: command tx timeout
[  608.570657][ T4608] Bluetooth: hci13: command tx timeout
[  608.730725][ T4608] Bluetooth: hci14: command tx timeout
[  608.810485][ T4608] Bluetooth: hci15: command tx timeout
[  608.970733][ T4608] Bluetooth: hci16: command tx timeout
[  609.690382][ T4608] Bluetooth: hci12: command tx timeout
[  610.650480][ T4608] Bluetooth: hci13: command tx timeout
[  610.810779][ T4608] Bluetooth: hci14: command tx timeout
[  610.890358][ T4608] Bluetooth: hci15: command tx timeout
[  611.050662][ T4608] Bluetooth: hci16: command tx timeout
[  611.220382][ T8792] Bluetooth: hci9: command 0x0406 tx timeout
[  611.227897][ T4608] Bluetooth: hci10: command 0x0406 tx timeout
[  611.770532][ T5229] Bluetooth: hci12: command tx timeout
[  612.730532][ T5229] Bluetooth: hci13: command tx timeout
[  612.890786][ T5229] Bluetooth: hci14: command tx timeout
[  612.970412][ T5229] Bluetooth: hci15: command tx timeout
[  613.130514][ T5229] Bluetooth: hci16: command tx timeout
[  613.850356][ T5229] Bluetooth: hci12: command tx timeout
[  614.810463][ T5229] Bluetooth: hci13: command tx timeout
[  614.980907][ T5229] Bluetooth: hci14: command tx timeout
[  615.050555][ T5229] Bluetooth: hci15: command tx timeout
[  615.210620][ T5229] Bluetooth: hci16: command tx timeout
[  624.495910][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  624.502426][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  660.970623][   T30] INFO: task kworker/u8:5:955 blocked for more than 143 seconds.
[  660.978515][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  661.013921][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  661.070416][   T30] task:kworker/u8:5    state:D stack:20344 pid:955   tgid:955   ppid:2      flags:0x00004000
[  661.160320][   T30] Workqueue: netns cleanup_net
[  661.165184][   T30] Call Trace:
[  661.168492][   T30]  <TASK>
[  661.260202][   T30]  __schedule+0x1843/0x4ae0
[  661.264910][   T30]  ? __pfx___schedule+0x10/0x10
[  661.269818][   T30]  ? __pfx_lock_release+0x10/0x10
[  661.340270][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  661.380394][   T30]  ? kthread_data+0x52/0xd0
[  661.384991][   T30]  ? schedule+0x90/0x320
[  661.389279][   T30]  ? wq_worker_sleeping+0x66/0x240
[  661.460098][   T30]  ? schedule+0x90/0x320
[  661.464706][   T30]  schedule+0x14b/0x320
[  661.468948][   T30]  schedule_preempt_disabled+0x13/0x30
[  661.540174][   T30]  __mutex_lock+0x6a7/0xd70
[  661.544870][   T30]  ? __mutex_lock+0x52a/0xd70
[  661.579764][   T30]  ? ieee80211_unregister_hw+0x55/0x2c0
[  661.606163][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  661.630763][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  661.636747][   T30]  ? rcu_is_watching+0x15/0xb0
[  661.677877][   T30]  ieee80211_unregister_hw+0x55/0x2c0
[  661.690207][   T30]  mac80211_hwsim_del_radio+0x2c4/0x4c0
[  661.695845][   T30]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  661.745906][   T30]  hwsim_exit_net+0x5c1/0x670
[  661.773888][   T30]  ? __pfx_hwsim_exit_net+0x10/0x10
[  661.779200][   T30]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[  661.817395][   T30]  cleanup_net+0x802/0xcc0
[  661.834302][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  661.839368][   T30]  ? process_scheduled_works+0x976/0x1850
[  661.880192][   T30]  process_scheduled_works+0xa63/0x1850
[  661.885869][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  661.920373][   T30]  ? assign_work+0x364/0x3d0
[  661.925052][   T30]  worker_thread+0x870/0xd30
[  661.929716][   T30]  ? __kthread_parkme+0x169/0x1d0
[  661.958470][   T30]  ? __pfx_worker_thread+0x10/0x10
[  661.969015][   T30]  kthread+0x2f0/0x390
[  661.984957][   T30]  ? __pfx_worker_thread+0x10/0x10
[  662.003777][   T30]  ? __pfx_kthread+0x10/0x10
[  662.008442][   T30]  ret_from_fork+0x4b/0x80
[  662.030103][   T30]  ? __pfx_kthread+0x10/0x10
[  662.047660][   T30]  ret_from_fork_asm+0x1a/0x30
[  662.087992][   T30]  </TASK>
[  662.107548][   T30] INFO: task kworker/u8:6:1112 blocked for more than 144 seconds.
[  662.127372][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  662.141515][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  662.168187][   T30] task:kworker/u8:6    state:D stack:22384 pid:1112  tgid:1112  ppid:2      flags:0x00004000
[  662.207261][   T30] Workqueue: ipv6_addrconf addrconf_dad_work
[  662.227228][   T30] Call Trace:
[  662.230686][   T30]  <TASK>
[  662.233671][   T30]  __schedule+0x1843/0x4ae0
[  662.238243][   T30]  ? __pfx___schedule+0x10/0x10
[  662.270394][   T30]  ? __pfx_lock_release+0x10/0x10
[  662.282638][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  662.299169][   T30]  ? kthread_data+0x52/0xd0
[  662.310381][   T30]  ? schedule+0x90/0x320
[  662.314786][   T30]  ? wq_worker_sleeping+0x66/0x240
[  662.320041][   T30]  ? schedule+0x90/0x320
[  662.356570][   T30]  schedule+0x14b/0x320
[  662.368019][   T30]  schedule_preempt_disabled+0x13/0x30
[  662.386370][   T30]  __mutex_lock+0x6a7/0xd70
[  662.400345][   T30]  ? mark_lock+0x9a/0x360
[  662.404744][   T30]  ? __mutex_lock+0x52a/0xd70
[  662.409470][   T30]  ? addrconf_dad_work+0xd0/0x16f0
[  662.440197][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  662.445336][   T30]  addrconf_dad_work+0xd0/0x16f0
[  662.470599][   T30]  ? __pfx_addrconf_dad_work+0x10/0x10
[  662.476142][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  662.503834][   T30]  ? process_scheduled_works+0x976/0x1850
[  662.509660][   T30]  process_scheduled_works+0xa63/0x1850
[  662.539704][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  662.560211][   T30]  ? assign_work+0x364/0x3d0
[  662.564893][   T30]  worker_thread+0x870/0xd30
[  662.569547][   T30]  ? __kthread_parkme+0x169/0x1d0
[  662.607551][   T30]  ? __pfx_worker_thread+0x10/0x10
[  662.627588][   T30]  kthread+0x2f0/0x390
[  662.646758][   T30]  ? __pfx_worker_thread+0x10/0x10
[  662.653135][   T30]  ? __pfx_kthread+0x10/0x10
[  662.657811][   T30]  ret_from_fork+0x4b/0x80
[  662.684414][   T30]  ? __pfx_kthread+0x10/0x10
[  662.689088][   T30]  ret_from_fork_asm+0x1a/0x30
[  662.716514][   T30]  </TASK>
[  662.719720][   T30] INFO: task dhcpcd:4882 blocked for more than 145 seconds.
[  662.751881][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  662.759993][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  662.802679][   T30] task:dhcpcd          state:D stack:22504 pid:4882  tgid:4882  ppid:1      flags:0x00000002
[  662.836507][   T30] Call Trace:
[  662.839862][   T30]  <TASK>
[  662.850218][   T30]  __schedule+0x1843/0x4ae0
[  662.854819][   T30]  ? __pfx___schedule+0x10/0x10
[  662.880299][   T30]  ? __pfx_lock_release+0x10/0x10
[  662.885445][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  662.907742][   T30]  ? schedule+0x90/0x320
[  662.926693][   T30]  schedule+0x14b/0x320
[  662.937823][   T30]  schedule_preempt_disabled+0x13/0x30
[  662.950418][   T30]  __mutex_lock+0x6a7/0xd70
[  662.955014][   T30]  ? __mutex_lock+0x52a/0xd70
[  662.987939][   T30]  ? vlan_ioctl_handler+0x112/0x9d0
[  662.996751][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  663.018061][   T30]  ? __might_fault+0xc6/0x120
[  663.037262][   T30]  vlan_ioctl_handler+0x112/0x9d0
[  663.042440][   T30]  ? sock_ioctl+0x661/0x8e0
[  663.046996][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  663.094037][   T30]  ? __asan_memset+0x23/0x50
[  663.107579][   T30]  ? smack_file_ioctl+0x29e/0x3a0
[  663.120353][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  663.125982][   T30]  sock_ioctl+0x680/0x8e0
[  663.149987][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  663.163692][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  663.168624][   T30]  __se_sys_ioctl+0xf9/0x170
[  663.187291][   T30]  do_syscall_64+0xf3/0x230
[  663.200305][   T30]  ? clear_bhb_loop+0x35/0x90
[  663.205072][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.240282][   T30] RIP: 0033:0x7fb693e6dd49
[  663.244790][   T30] RSP: 002b:00007ffd74ce86d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  663.276448][   T30] RAX: ffffffffffffffda RBX: 000055e63baca8a0 RCX: 00007fb693e6dd49
[  663.299848][   T30] RDX: 00007ffd74ce86e0 RSI: 0000000000008982 RDI: 0000000000000011
[  663.327339][   T30] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
[  663.344087][   T30] R10: 00007ffd74cf8d60 R11: 0000000000000246 R12: 00007ffd74ce86e0
[  663.367406][   T30] R13: 00007ffd74ce87a0 R14: 000055e63baca8a0 R15: 000055e63bc40fa0
[  663.390389][   T30]  </TASK>
[  663.398747][   T30] INFO: task kworker/u8:8:5334 blocked for more than 145 seconds.
[  663.424235][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  663.448406][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  663.470991][   T30] task:kworker/u8:8    state:D stack:19056 pid:5334  tgid:5334  ppid:2      flags:0x00004000
[  663.498093][   T30] Workqueue: events_unbound linkwatch_event
[  663.518396][   T30] Call Trace:
[  663.525851][   T30]  <TASK>
[  663.528952][   T30]  __schedule+0x1843/0x4ae0
[  663.556272][   T30]  ? __pfx___schedule+0x10/0x10
[  663.566364][   T30]  ? __pfx_lock_release+0x10/0x10
[  663.587173][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  663.596860][   T30]  ? kthread_data+0x52/0xd0
[  663.613185][   T30]  ? schedule+0x90/0x320
[  663.617504][   T30]  ? wq_worker_sleeping+0x66/0x240
[  663.657363][   T30]  ? schedule+0x90/0x320
[  663.661755][   T30]  schedule+0x14b/0x320
[  663.665975][   T30]  schedule_preempt_disabled+0x13/0x30
[  663.693582][   T30]  __mutex_lock+0x6a7/0xd70
[  663.698269][   T30]  ? __mutex_lock+0x52a/0xd70
[  663.722436][   T30]  ? linkwatch_event+0xe/0x60
[  663.727206][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  663.757276][   T30]  ? process_scheduled_works+0x976/0x1850
[  663.779661][   T30]  linkwatch_event+0xe/0x60
[  663.788968][   T30]  process_scheduled_works+0xa63/0x1850
[  663.806375][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  663.825822][   T30]  ? assign_work+0x364/0x3d0
[  663.842549][   T30]  worker_thread+0x870/0xd30
[  663.847248][   T30]  ? __kthread_parkme+0x169/0x1d0
[  663.875322][   T30]  ? __pfx_worker_thread+0x10/0x10
[  663.890214][   T30]  kthread+0x2f0/0x390
[  663.894446][   T30]  ? __pfx_worker_thread+0x10/0x10
[  663.899607][   T30]  ? __pfx_kthread+0x10/0x10
[  663.933837][   T30]  ret_from_fork+0x4b/0x80
[  663.938348][   T30]  ? __pfx_kthread+0x10/0x10
[  663.959037][   T30]  ret_from_fork_asm+0x1a/0x30
[  663.977117][   T30]  </TASK>
[  663.980369][   T30] INFO: task syz-executor:8739 blocked for more than 146 seconds.
[  664.020187][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  664.028051][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  664.077362][   T30] task:syz-executor    state:D stack:24128 pid:8739  tgid:8739  ppid:1      flags:0x00004006
[  664.118000][   T30] Call Trace:
[  664.129178][   T30]  <TASK>
[  664.147285][   T30]  __schedule+0x1843/0x4ae0
[  664.170382][   T30]  ? __pfx___schedule+0x10/0x10
[  664.175319][   T30]  ? __pfx_lock_release+0x10/0x10
[  664.217961][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  664.227887][   T30]  ? schedule+0x90/0x320
[  664.269157][   T30]  schedule+0x14b/0x320
[  664.273456][   T30]  schedule_preempt_disabled+0x13/0x30
[  664.278962][   T30]  __mutex_lock+0x6a7/0xd70
[  664.310221][   T30]  ? __mutex_lock+0x52a/0xd70
[  664.336792][   T30]  ? ib_get_eth_speed+0x153/0x800
[  664.359407][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  664.387104][   T30]  ? _raw_spin_unlock+0x28/0x50
[  664.405384][   T30]  ? ib_device_get_netdev+0x153/0x3b0
[  664.425110][   T30]  ib_get_eth_speed+0x153/0x800
[  664.460263][   T30]  ? __pfx_ib_get_eth_speed+0x10/0x10
[  664.465759][   T30]  siw_query_port+0x4a/0x440
[  664.490474][   T30]  ? ib_query_port+0x351/0x7d0
[  664.496118][   T30]  ib_setup_port_attrs+0x299/0x2440
[  664.530321][   T30]  ? device_add+0xa6a/0xbf0
[  664.534955][   T30]  ? __pfx_ib_setup_port_attrs+0x10/0x10
[  664.580403][   T30]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  664.586496][   T30]  ? device_add+0x460/0xbf0
[  664.626959][   T30]  add_one_compat_dev+0x51a/0x710
[  664.647271][   T30]  rdma_dev_init_net+0x1f1/0x280
[  664.670291][   T30]  ? __pfx_rdma_dev_init_net+0x10/0x10
[  664.676026][   T30]  ops_init+0x31e/0x590
[  664.720237][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  664.748962][   T30]  setup_net+0x287/0x9e0
[  664.767121][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  664.800365][   T30]  ? __pfx_setup_net+0x10/0x10
[  664.806072][   T30]  copy_net_ns+0x33f/0x570
[  664.838775][   T30]  create_new_namespaces+0x425/0x7b0
[  664.860449][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  664.866261][   T30]  ksys_unshare+0x619/0xc10
[  664.904940][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  664.910054][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  664.950351][   T30]  ? do_syscall_64+0x100/0x230
[  664.955220][   T30]  __x64_sys_unshare+0x38/0x40
[  664.960042][   T30]  do_syscall_64+0xf3/0x230
[  665.007487][   T30]  ? clear_bhb_loop+0x35/0x90
[  665.039449][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.060227][   T30] RIP: 0033:0x7f450577f6f7
[  665.064715][   T30] RSP: 002b:00007ffc95765018 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  665.117557][   T30] RAX: ffffffffffffffda RBX: 00007f4505935f40 RCX: 00007f450577f6f7
[  665.160230][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  665.168286][   T30] RBP: 00007f4505936a38 R08: 0000000000000000 R09: 0000000000000000
[  665.213427][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  665.247859][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  665.260211][   T30]  </TASK>
[  665.268462][   T30] INFO: task syz-executor:8742 blocked for more than 147 seconds.
[  665.290301][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  665.297645][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  665.337699][   T30] task:syz-executor    state:D stack:24128 pid:8742  tgid:8742  ppid:1      flags:0x00004006
[  665.368353][   T30] Call Trace:
[  665.384075][   T30]  <TASK>
[  665.387083][   T30]  __schedule+0x1843/0x4ae0
[  665.410417][   T30]  ? __pfx___schedule+0x10/0x10
[  665.415367][   T30]  ? __pfx_lock_release+0x10/0x10
[  665.438346][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  665.459661][   T30]  ? schedule+0x90/0x320
[  665.524382][   T30]  schedule+0x14b/0x320
[  665.528637][   T30]  schedule_preempt_disabled+0x13/0x30
[  665.540611][   T30]  __mutex_lock+0x6a7/0xd70
[  665.545701][   T30]  ? __mutex_lock+0x52a/0xd70
[  665.557910][   T30]  ? register_nexthop_notifier+0x84/0x290
[  665.565418][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  665.576785][   T30]  ? __asan_memset+0x23/0x50
[  665.583008][   T30]  register_nexthop_notifier+0x84/0x290
[  665.588624][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  665.600548][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  665.606955][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  665.622288][   T30]  ? __asan_memset+0x23/0x50
[  665.626959][   T30]  ops_init+0x31e/0x590
[  665.638907][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  665.646321][   T30]  setup_net+0x287/0x9e0
[  665.657261][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  665.665187][   T30]  ? __pfx_setup_net+0x10/0x10
[  665.670032][   T30]  copy_net_ns+0x33f/0x570
[  665.682216][   T30]  create_new_namespaces+0x425/0x7b0
[  665.687671][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  665.700248][   T30]  ksys_unshare+0x619/0xc10
[  665.704856][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  665.709950][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  665.725922][   T30]  ? do_syscall_64+0x100/0x230
[  665.734625][   T30]  __x64_sys_unshare+0x38/0x40
[  665.739464][   T30]  do_syscall_64+0xf3/0x230
[  665.747664][   T30]  ? clear_bhb_loop+0x35/0x90
[  665.758619][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  665.767638][   T30] RIP: 0033:0x7f401457f6f7
[  665.786813][   T30] RSP: 002b:00007ffeda78b558 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  665.799299][   T30] RAX: ffffffffffffffda RBX: 00007f4014735f40 RCX: 00007f401457f6f7
[  665.812311][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  665.826027][   T30] RBP: 00007f4014736a38 R08: 0000000000000000 R09: 0000000000000000
[  665.838568][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  665.852384][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  665.870262][   T30]  </TASK>
[  665.873418][   T30] INFO: task syz-executor:8745 blocked for more than 148 seconds.
[  665.891795][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  665.899156][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  665.916626][   T30] task:syz-executor    state:D stack:21728 pid:8745  tgid:8745  ppid:1      flags:0x00004004
[  665.930939][   T30] Call Trace:
[  665.934276][   T30]  <TASK>
[  665.937273][   T30]  __schedule+0x1843/0x4ae0
[  665.950920][   T30]  ? __pfx___schedule+0x10/0x10
[  665.956411][   T30]  ? __pfx_lock_release+0x10/0x10
[  665.969766][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  665.976390][   T30]  ? schedule+0x90/0x320
[  665.986820][   T30]  schedule+0x14b/0x320
[  665.992508][   T30]  schedule_preempt_disabled+0x13/0x30
[  665.998024][   T30]  __mutex_lock+0x6a7/0xd70
[  666.011207][   T30]  ? __mutex_lock+0x52a/0xd70
[  666.015970][   T30]  ? rtnl_newlink+0xab7/0x20a0
[  666.027133][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  666.035451][   T30]  ? __asan_memset+0x23/0x50
[  666.040107][   T30]  ? nla_strscpy+0x113/0x180
[  666.052465][   T30]  rtnl_newlink+0xab7/0x20a0
[  666.057611][   T30]  ? rtnl_newlink+0x431/0x20a0
[  666.070766][   T30]  ? rtnl_newlink+0x431/0x20a0
[  666.075621][   T30]  ? __pfx_rtnl_newlink+0x10/0x10
[  666.089420][   T30]  ? __pfx___mutex_trylock_common+0x10/0x10
[  666.098247][   T30]  ? __pfx_lock_release+0x10/0x10
[  666.110449][   T30]  ? __pfx_rtnl_newlink+0x10/0x10
[  666.115550][   T30]  rtnetlink_rcv_msg+0x73f/0xcf0
[  666.128755][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  666.135537][   T30]  ? __lock_acquire+0x1384/0x2050
[  666.147906][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  666.153769][   T30]  netlink_rcv_skb+0x1e3/0x430
[  666.159089][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  666.170199][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  666.179595][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  666.189168][   T30]  netlink_unicast+0x7f6/0x990
[  666.200082][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  666.205484][   T30]  ? __virt_addr_valid+0x183/0x530
[  666.218056][   T30]  ? __check_object_size+0x48e/0x900
[  666.223778][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  666.228613][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  666.240213][   T30]  ? __might_fault+0xaa/0x120
[  666.244971][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  666.258403][   T30]  __sock_sendmsg+0x221/0x270
[  666.263974][   T30]  __sys_sendto+0x398/0x4f0
[  666.268953][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  666.281778][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  666.287046][   T30]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  666.299923][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  666.306328][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  666.319901][   T30]  __x64_sys_sendto+0xde/0x100
[  666.326295][   T30]  do_syscall_64+0xf3/0x230
[  666.338565][   T30]  ? clear_bhb_loop+0x35/0x90
[  666.345847][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.356801][   T30] RIP: 0033:0x7fc509d7fd8c
[  666.371626][   T30] RSP: 002b:00007ffe06d912b0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  666.386923][   T30] RAX: ffffffffffffffda RBX: 00007fc50aa64620 RCX: 00007fc509d7fd8c
[  666.397058][   T30] RDX: 000000000000003c RSI: 00007fc50aa64670 RDI: 0000000000000003
[  666.411352][   T30] RBP: 0000000000000000 R08: 00007ffe06d91304 R09: 000000000000000c
[  666.419377][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  666.437960][   T30] R13: 0000000000000000 R14: 00007fc50aa64670 R15: 0000000000000000
[  666.448963][   T30]  </TASK>
[  666.458944][   T30] INFO: task syz-executor:8749 blocked for more than 148 seconds.
[  666.469079][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  666.483697][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  666.496752][   T30] task:syz-executor    state:D stack:24128 pid:8749  tgid:8749  ppid:1      flags:0x00004006
[  666.510180][   T30] Call Trace:
[  666.513511][   T30]  <TASK>
[  666.516487][   T30]  __schedule+0x1843/0x4ae0
[  666.528232][   T30]  ? __pfx___schedule+0x10/0x10
[  666.533591][   T30]  ? __pfx_lock_release+0x10/0x10
[  666.538683][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  666.550668][   T30]  ? schedule+0x90/0x320
[  666.554995][   T30]  schedule+0x14b/0x320
[  666.559199][   T30]  schedule_preempt_disabled+0x13/0x30
[  666.573089][   T30]  __mutex_lock+0x6a7/0xd70
[  666.578107][   T30]  ? xas_find_marked+0xf5d/0x10e0
[  666.589710][   T30]  ? __mutex_lock+0x52a/0xd70
[  666.597409][   T30]  ? add_one_compat_dev+0x10d/0x710
[  666.608847][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  666.616569][   T30]  ? xa_find+0x36c/0x420
[  666.625882][   T30]  ? __pfx_down_read+0x10/0x10
[  666.633327][   T30]  add_one_compat_dev+0x10d/0x710
[  666.638401][   T30]  ? fs_reclaim_acquire+0x93/0x140
[  666.655954][   T30]  rdma_dev_init_net+0x1f1/0x280
[  666.661355][   T30]  ? __pfx_rdma_dev_init_net+0x10/0x10
[  666.666880][   T30]  ops_init+0x31e/0x590
[  666.681049][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  666.686991][   T30]  setup_net+0x287/0x9e0
[  666.695581][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  666.705044][   T30]  ? __pfx_setup_net+0x10/0x10
[  666.709908][   T30]  copy_net_ns+0x33f/0x570
[  666.717138][   T30]  create_new_namespaces+0x425/0x7b0
[  666.728657][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  666.737075][   T30]  ksys_unshare+0x619/0xc10
[  666.746703][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  666.755621][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  666.767692][   T30]  ? do_syscall_64+0x100/0x230
[  666.775750][   T30]  __x64_sys_unshare+0x38/0x40
[  666.786594][   T30]  do_syscall_64+0xf3/0x230
[  666.793870][   T30]  ? clear_bhb_loop+0x35/0x90
[  666.798773][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.810182][   T30] RIP: 0033:0x7f287817f6f7
[  666.814652][   T30] RSP: 002b:00007ffe99135518 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  666.846844][   T30] RAX: ffffffffffffffda RBX: 00007f2878335f40 RCX: 00007f287817f6f7
[  666.856501][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  666.871982][   T30] RBP: 00007f2878336a38 R08: 0000000000000000 R09: 0000000000000000
[  666.887382][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  666.899727][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  666.910454][   T30]  </TASK>
[  666.913535][   T30] INFO: task syz-executor:8753 blocked for more than 149 seconds.
[  666.929503][   T30]       Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  666.937258][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  666.950432][   T30] task:syz-executor    state:D stack:24128 pid:8753  tgid:8753  ppid:1      flags:0x00004006
[  666.969958][   T30] Call Trace:
[  666.976683][   T30]  <TASK>
[  666.979669][   T30]  __schedule+0x1843/0x4ae0
[  666.990588][   T30]  ? __pfx___schedule+0x10/0x10
[  666.995836][   T30]  ? __pfx_lock_release+0x10/0x10
[  667.009391][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  667.015313][   T30]  ? schedule+0x90/0x320
[  667.019612][   T30]  schedule+0x14b/0x320
[  667.030188][   T30]  schedule_preempt_disabled+0x13/0x30
[  667.035710][   T30]  __mutex_lock+0x6a7/0xd70
[  667.048149][   T30]  ? __mutex_lock+0x52a/0xd70
[  667.053503][   T30]  ? register_nexthop_notifier+0x84/0x290
[  667.067763][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  667.073363][   T30]  ? __asan_memset+0x23/0x50
[  667.078497][   T30]  register_nexthop_notifier+0x84/0x290
[  667.092631][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  667.098511][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  667.109757][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  667.120466][   T30]  ? __asan_memset+0x23/0x50
[  667.125148][   T30]  ops_init+0x31e/0x590
[  667.129366][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  667.140839][   T30]  setup_net+0x287/0x9e0
[  667.145146][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  667.160191][   T30]  ? __pfx_setup_net+0x10/0x10
[  667.165052][   T30]  copy_net_ns+0x33f/0x570
[  667.169522][   T30]  create_new_namespaces+0x425/0x7b0
[  667.180202][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  667.188961][   T30]  ksys_unshare+0x619/0xc10
[  667.198335][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  667.207588][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  667.219907][   T30]  ? do_syscall_64+0x100/0x230
[  667.227884][   T30]  __x64_sys_unshare+0x38/0x40
[  667.237696][   T30]  do_syscall_64+0xf3/0x230
[  667.246037][   T30]  ? clear_bhb_loop+0x35/0x90
[  667.255782][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.265600][   T30] RIP: 0033:0x7f53ba77f6f7
[  667.270110][   T30] RSP: 002b:00007fff7b9a1e98 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[  667.288149][   T30] RAX: ffffffffffffffda RBX: 00007f53ba935f40 RCX: 00007f53ba77f6f7
[  667.302035][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  667.315233][   T30] RBP: 00007f53ba936a38 R08: 0000000000000000 R09: 0000000000000000
[  667.329450][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  667.340472][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  667.348532][   T30]  </TASK>
[  667.371386][   T30] 
[  667.371386][   T30] Showing all locks held in the system:
[  667.379171][   T30] 1 lock held by khungtaskd/30:
[  667.393677][   T30]  #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  667.408174][   T30] 3 locks held by kworker/u9:0/55:
[  667.419368][   T30]  #0: ffff88807ee5a148 ((wq_completion)hci3){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.438031][   T30]  #1: ffffc9000120fd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.460238][   T30]  #2: ffff88805fa6cd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  667.481718][   T30] 4 locks held by kworker/u8:5/955:
[  667.486985][   T30]  #0: ffff88801baeb148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.506009][   T30]  #1: ffffc9000412fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.519630][   T30]  #2: ffffffff8fcaccd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  667.535384][   T30]  #3: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0
[  667.556915][ T8782] Bluetooth: hci3: command 0x0406 tx timeout
[  667.564637][ T8782] Bluetooth: hci1: command 0x0406 tx timeout
[  667.571573][ T8782] Bluetooth: hci2: command 0x0406 tx timeout
[  667.577640][ T8782] Bluetooth: hci4: command 0x0406 tx timeout
[  667.583880][ T8782] Bluetooth: hci11: command 0x0406 tx timeout
[  667.601140][   T30] 3 locks held by kworker/u8:6/1112:
[  667.606866][   T30]  #0: ffff88802e2f1148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.626961][   T30]  #1: ffffc9000483fd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.641517][   T30]  #2: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  667.658073][   T30] 5 locks held by kworker/u9:1/4608:
[  667.663722][   T30]  #0: ffff88803513e148 ((wq_completion)hci2){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.680215][   T30]  #1: ffffc9000e177d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.704148][   T30]  #2: ffff888078590d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  667.721184][   T30]  #3: ffff888078590078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0
[  667.738133][   T30]  #4: ffffffff8fe25fa8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300
[  667.748321][   T30] 2 locks held by dhcpcd/4882:
[  667.761514][   T30]  #0: ffffffff8fc9e2e8 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x661/0x8e0
[  667.779106][   T30]  #1: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[  667.790338][   T30] 2 locks held by getty/4983:
[  667.795520][   T30]  #0: ffff88814b64c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  667.813698][   T30]  #1: ffffc90002efe2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  667.828436][   T30] 6 locks held by kworker/u9:6/5229:
[  667.838760][   T30]  #0: ffff88803c269148 ((wq_completion)hci4){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.853490][   T30]  #1: ffffc900022cfd00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.884990][   T30]  #2: ffff88804fdc8d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  667.896489][   T30]  #3: ffff88804fdc8078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0
[  667.910261][   T30]  #4: ffffffff8fe25fa8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300
[  667.928577][   T30]  #5: ffffffff8e93d478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  667.941452][   T30] 5 locks held by kworker/u9:7/5230:
[  667.946786][   T30]  #0: ffff888078cd0148 ((wq_completion)hci11){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  667.967116][   T30]  #1: ffffc90003b67d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  667.982736][   T30]  #2: ffff888068a48d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  668.000522][   T30]  #3: ffff888068a48078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0
[  668.020481][   T30]  #4: ffffffff8fe25fa8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300
[  668.039182][   T30] 8 locks held by kworker/1:4/5264:
[  668.044798][   T30] 3 locks held by kworker/0:5/5308:
[  668.050059][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  668.070483][   T30]  #1: ffffc900043bfd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  668.090184][   T30]  #2: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  668.108605][   T30] 3 locks held by kworker/u8:8/5334:
[  668.114676][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  668.134473][   T30]  #1: ffffc900044cfd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  668.154741][   T30]  #2: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  668.171825][   T30] 1 lock held by syz.0.306/6927:
[  668.176832][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: netdev_run_todo+0x7b2/0x1000
[  668.192749][   T30] 2 locks held by syz-executor/7336:
[  668.198102][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  668.211624][   T30]  #1: ffffffff8e93d478 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  668.228741][   T30] 5 locks held by syz-executor/8739:
[  668.236871][   T30]  #0: ffffffff8fcaccd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  668.255131][   T30]  #1: ffffffff8fa29570 (devices_rwsem){++++}-{3:3}, at: rdma_dev_init_net+0x198/0x280
[  668.268729][   T30]  #2: ffffffff8fa29730 (rdma_nets_rwsem){++++}-{3:3}, at: rdma_dev_init_net+0x1e6/0x280
[  668.284232][   T30]  #3: ffff88802f7a8f38 (&device->compat_devs_mutex){+.+.}-{3:3}, at: add_one_compat_dev+0x10d/0x710
[  668.300375][   T30]  #4: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: ib_get_eth_speed+0x153/0x800
[  668.317912][   T30] 2 locks held by syz-executor/8742:
[  668.325198][   T30]  #0: ffffffff8fcaccd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  668.340282][   T30]  #1: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  668.359365][   T30] 1 lock held by syz-executor/8745:
[  668.364961][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_newlink+0xab7/0x20a0
[  668.380182][   T30] 4 locks held by syz-executor/8749:
[  668.387862][   T30]  #0: ffffffff8fcaccd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  668.401590][   T30]  #1: ffffffff8fa29570 (devices_rwsem){++++}-{3:3}, at: rdma_dev_init_net+0x198/0x280
[  668.419611][   T30]  #2: ffffffff8fa29730 (rdma_nets_rwsem){++++}-{3:3}, at: rdma_dev_init_net+0x1e6/0x280
[  668.431619][   T30]  #3: ffff88802f7a8f38 (&device->compat_devs_mutex){+.+.}-{3:3}, at: add_one_compat_dev+0x10d/0x710
[  668.450063][   T30] 2 locks held by syz-executor/8753:
[  668.455883][   T30]  #0: ffffffff8fcaccd0 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  668.470180][   T30]  #1: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  668.487507][   T30] 1 lock held by syz-executor/8765:
[  668.498178][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.517073][   T30] 1 lock held by syz-executor/8772:
[  668.524321][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.540488][   T30] 1 lock held by syz-executor/8774:
[  668.545755][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.561794][   T30] 1 lock held by syz-executor/8776:
[  668.568418][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.584385][   T30] 1 lock held by syz-executor/8778:
[  668.589644][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.604540][   T30] 1 lock held by syz-executor/8783:
[  668.609811][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.626875][   T30] 5 locks held by kworker/u9:4/8792:
[  668.635216][   T30]  #0: ffff8880892da948 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  668.651323][   T30]  #1: ffffc900031c7d00 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  668.671566][   T30]  #2: ffff88802a798d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_cmd_sync_work+0x1ec/0x400
[  668.687909][   T30]  #3: ffff88802a798078 (&hdev->lock){+.+.}-{3:3}, at: hci_abort_conn_sync+0x1ea/0xde0
[  668.699287][   T30]  #4: ffffffff8fe25fa8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_failed+0x15d/0x300
[  668.717885][   T30] 1 lock held by syz-executor/8793:
[  668.723509][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.742995][   T30] 1 lock held by syz-executor/8795:
[  668.748241][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.763330][   T30] 1 lock held by syz-executor/8797:
[  668.768575][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.783353][   T30] 1 lock held by syz-executor/8799:
[  668.788599][   T30]  #0: ffffffff8fcb97c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  668.808353][   T30] 
[  668.815926][   T30] =============================================
[  668.815926][   T30] 
[  668.842842][   T30] NMI backtrace for cpu 0
[  668.847249][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  668.857447][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  668.867538][   T30] Call Trace:
[  668.870869][   T30]  <TASK>
[  668.873915][   T30]  dump_stack_lvl+0x241/0x360
[  668.878811][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  668.884056][   T30]  ? __pfx__printk+0x10/0x10
[  668.888698][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  668.893685][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  668.899176][   T30]  ? _printk+0xd5/0x120
[  668.903367][   T30]  ? __pfx__printk+0x10/0x10
[  668.908009][   T30]  ? __wake_up_klogd+0xcc/0x110
[  668.912900][   T30]  ? __pfx__printk+0x10/0x10
[  668.917530][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  668.922599][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  668.928644][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  668.934665][   T30]  watchdog+0xff4/0x1040
[  668.938947][   T30]  ? watchdog+0x1ea/0x1040
[  668.943407][   T30]  ? __pfx_watchdog+0x10/0x10
[  668.948141][   T30]  kthread+0x2f0/0x390
[  668.952240][   T30]  ? __pfx_watchdog+0x10/0x10
[  668.956968][   T30]  ? __pfx_kthread+0x10/0x10
[  668.961593][   T30]  ret_from_fork+0x4b/0x80
[  668.966049][   T30]  ? __pfx_kthread+0x10/0x10
[  668.970662][   T30]  ret_from_fork_asm+0x1a/0x30
[  668.975565][   T30]  </TASK>
[  668.979580][   T30] Sending NMI from CPU 0 to CPUs 1:
[  668.985458][    C1] NMI backtrace for cpu 1
[  668.985473][    C1] CPU: 1 UID: 0 PID: 5269 Comm: kworker/1:8 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  668.985494][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  668.985507][    C1] Workqueue: events nsim_dev_trap_report_work
[  668.985539][    C1] RIP: 0010:rcu_is_watching+0x5a/0xb0
[  668.985561][    C1] Code: f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 ac b1 80 00 48 c7 c3 98 7e 03 00 49 03 1e 48 89 d8 48 c1 e8 03 42 0f b6 04 38 <84> c0 75 22 8b 03 65 ff 0d 11 3f 89 7e 74 10 83 e0 04 c1 e8 02 5b
[  668.985583][    C1] RSP: 0018:ffffc90000a17b68 EFLAGS: 00000802
[  668.985598][    C1] RAX: 0000000000000000 RBX: ffff8880b8737e98 RCX: ffffffff819c79cc
[  668.985612][    C1] RDX: 0000000000000000 RSI: ffffffff8c6009a0 RDI: ffffffff8c600960
[  668.985625][    C1] RBP: ffffc90000a17c50 R08: ffffffff901b562f R09: 1ffffffff2036ac5
[  668.985640][    C1] R10: dffffc0000000000 R11: fffffbfff2036ac6 R12: dffffc0000000000
[  668.985653][    C1] R13: 1ffff92000142f7c R14: ffffffff8e2fba58 R15: dffffc0000000000
[  668.985667][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  668.985683][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  668.985696][    C1] CR2: 000000110c2fc3b7 CR3: 000000000e734000 CR4: 00000000003506f0
[  668.985712][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  668.985722][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  668.985734][    C1] Call Trace:
[  668.985740][    C1]  <NMI>
[  668.985748][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  668.985767][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  668.985795][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  668.985811][    C1]  ? nmi_handle+0x2a/0x5a0
[  668.985837][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  668.985867][    C1]  ? nmi_handle+0x14f/0x5a0
[  668.985884][    C1]  ? nmi_handle+0x2a/0x5a0
[  668.985903][    C1]  ? rcu_is_watching+0x5a/0xb0
[  668.985921][    C1]  ? default_do_nmi+0x63/0x160
[  668.985940][    C1]  ? exc_nmi+0x123/0x1f0
[  668.985957][    C1]  ? end_repeat_nmi+0xf/0x53
[  668.985983][    C1]  ? trace_irq_disable+0x2c/0x120
[  668.986005][    C1]  ? rcu_is_watching+0x5a/0xb0
[  668.986036][    C1]  ? rcu_is_watching+0x5a/0xb0
[  668.986055][    C1]  ? rcu_is_watching+0x5a/0xb0
[  668.986072][    C1]  </NMI>
[  668.986078][    C1]  <IRQ>
[  668.986085][    C1]  trace_irq_disable+0x3b/0x120
[  668.986105][    C1]  __local_bh_enable_ip+0x106/0x200
[  668.986128][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  668.986148][    C1]  ? ip6t_do_table+0x205/0x18a0
[  668.986168][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  668.986193][    C1]  ? ip6t_do_table+0x205/0x18a0
[  668.986211][    C1]  ip6t_do_table+0x1687/0x18a0
[  668.986233][    C1]  ? ip6t_do_table+0x205/0x18a0
[  668.986260][    C1]  ? __pfx_ip6t_do_table+0x10/0x10
[  668.986282][    C1]  ? nf_nat_ipv6_local_fn+0x30d/0x3c0
[  668.986311][    C1]  ? __pfx_ip6t_do_table+0x10/0x10
[  668.986327][    C1]  nf_hook_slow+0xc3/0x220
[  668.986347][    C1]  ? __ip6_local_out+0x4dc/0x800
[  668.986370][    C1]  __ip6_local_out+0x6fa/0x800
[  668.986395][    C1]  ? __pfx___ip6_local_out+0x10/0x10
[  668.986420][    C1]  ? __pfx_dst_output+0x10/0x10
[  668.986442][    C1]  ? ip6_route_output_flags+0x30/0x610
[  668.986462][    C1]  ? ip6_route_output_flags+0x499/0x610
[  668.986483][    C1]  ip6_local_out+0x26/0x70
[  668.986507][    C1]  synproxy_send_tcp_ipv6+0x568/0x7c0
[  668.986531][    C1]  ? __pfx_synproxy_send_tcp_ipv6+0x10/0x10
[  668.986558][    C1]  ? __pfx___alloc_skb+0x10/0x10
[  668.986582][    C1]  ? skb_put+0x114/0x1f0
[  668.986606][    C1]  synproxy_send_client_synack_ipv6+0x7d0/0xc30
[  668.986634][    C1]  ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10
[  668.986658][    C1]  ? synproxy_pernet+0x45/0x270
[  668.986681][    C1]  nft_synproxy_do_eval+0x739/0xa60
[  668.986705][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  668.986726][    C1]  ? validate_chain+0x11e/0x5920
[  668.986747][    C1]  ? __pfx_validate_chain+0x10/0x10
[  668.986770][    C1]  nft_do_chain+0x4ad/0x1da0
[  668.986791][    C1]  ? mark_lock+0x9a/0x360
[  668.986809][    C1]  ? nf_nat_inet_fn+0xa30/0xd10
[  668.986834][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  668.986871][    C1]  ? nf_nat_ipv6_fn+0x2cb/0x3e0
[  668.986900][    C1]  ? __pfx_nf_nat_ipv6_fn+0x10/0x10
[  668.986946][    C1]  nft_do_chain_inet+0x418/0x6b0
[  668.986969][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  668.986990][    C1]  ? nf_nat_ipv6_local_in+0x1cd/0x620
[  668.987020][    C1]  ? __pfx_nf_nat_ipv6_local_in+0x10/0x10
[  668.987060][    C1]  ? __pfx_rhashtable_lookup_fast+0x10/0x10
[  668.987099][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  668.987120][    C1]  nf_hook_slow+0xc3/0x220
[  668.987139][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  668.987163][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  668.987187][    C1]  NF_HOOK+0x29e/0x450
[  668.987213][    C1]  ? NF_HOOK+0x9a/0x450
[  668.987235][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  668.987260][    C1]  ? __pfx_ip6_input_finish+0x10/0x10
[  668.987286][    C1]  ? ip6_rcv_finish_core+0x1fb/0x410
[  668.987313][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  668.987336][    C1]  NF_HOOK+0x3a4/0x450
[  668.987358][    C1]  ? skb_orphan+0xae/0xd0
[  668.987384][    C1]  ? NF_HOOK+0x9a/0x450
[  668.987406][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  668.987431][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  668.987458][    C1]  ? __pfx_ipv6_rcv+0x10/0x10
[  668.987482][    C1]  __netif_receive_skb+0x1ea/0x650
[  668.987502][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  668.987527][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  668.987545][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  668.987571][    C1]  ? __pfx_lock_release+0x10/0x10
[  668.987597][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  668.987624][    C1]  process_backlog+0x662/0x15b0
[  668.987646][    C1]  ? process_backlog+0x33b/0x15b0
[  668.987670][    C1]  ? __pfx_process_backlog+0x10/0x10
[  668.987688][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  668.987715][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  668.987744][    C1]  __napi_poll+0xcb/0x490
[  668.987763][    C1]  net_rx_action+0x89b/0x1240
[  668.987793][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  668.987813][    C1]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  668.987860][    C1]  handle_softirqs+0x2c5/0x980
[  668.987886][    C1]  ? do_softirq+0x11b/0x1e0
[  668.987909][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  668.987936][    C1]  do_softirq+0x11b/0x1e0
[  668.987958][    C1]  </IRQ>
[  668.987963][    C1]  <TASK>
[  668.987970][    C1]  ? __pfx_do_softirq+0x10/0x10
[  668.987992][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  668.988019][    C1]  ? rcu_is_watching+0x15/0xb0
[  668.988039][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  668.988062][    C1]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  668.988088][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  668.988111][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  668.988133][    C1]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  668.988173][    C1]  nsim_dev_trap_report_work+0x75d/0xaa0
[  668.988205][    C1]  ? process_scheduled_works+0x976/0x1850
[  668.988228][    C1]  process_scheduled_works+0xa63/0x1850
[  668.988264][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  668.988291][    C1]  ? assign_work+0x364/0x3d0
[  668.988315][    C1]  worker_thread+0x870/0xd30
[  668.988342][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  668.988363][    C1]  ? __kthread_parkme+0x169/0x1d0
[  668.988389][    C1]  ? __pfx_worker_thread+0x10/0x10
[  668.988411][    C1]  kthread+0x2f0/0x390
[  668.988427][    C1]  ? __pfx_worker_thread+0x10/0x10
[  668.988449][    C1]  ? __pfx_kthread+0x10/0x10
[  668.988472][    C1]  ret_from_fork+0x4b/0x80
[  668.988496][    C1]  ? __pfx_kthread+0x10/0x10
[  668.988528][    C1]  ret_from_fork_asm+0x1a/0x30
[  668.988562][    C1]  </TASK>
[  669.838930][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  669.845840][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0
[  669.856109][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  669.866277][   T30] Call Trace:
[  669.869759][   T30]  <TASK>
[  669.872725][   T30]  dump_stack_lvl+0x241/0x360
[  669.877455][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  669.882708][   T30]  ? __pfx__printk+0x10/0x10
[  669.887333][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  669.893366][   T30]  ? vscnprintf+0x5d/0x90
[  669.897723][   T30]  panic+0x349/0x880
[  669.901658][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  669.907931][   T30]  ? __pfx_panic+0x10/0x10
[  669.912381][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  669.917783][   T30]  ? __irq_work_queue_local+0x137/0x410
[  669.923386][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  669.928813][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  669.935082][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  669.941274][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  669.947458][   T30]  watchdog+0x1033/0x1040
[  669.951841][   T30]  ? watchdog+0x1ea/0x1040
[  669.956303][   T30]  ? __pfx_watchdog+0x10/0x10
[  669.961030][   T30]  kthread+0x2f0/0x390
[  669.965134][   T30]  ? __pfx_watchdog+0x10/0x10
[  669.969853][   T30]  ? __pfx_kthread+0x10/0x10
[  669.974475][   T30]  ret_from_fork+0x4b/0x80
[  669.979015][   T30]  ? __pfx_kthread+0x10/0x10
[  669.983639][   T30]  ret_from_fork_asm+0x1a/0x30
[  669.988456][   T30]  </TASK>
[  669.991884][   T30] Kernel Offset: disabled
[  669.996214][   T30] Rebooting in 86400 seconds..