last executing test programs:

14.286045445s ago: executing program 4 (id=43):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x400000000001, 0x84)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000990ebc6409e9706dc1ccad8818e131080022c76cad599a39588931b29548d26e51b3fe852c"], 0x48)
r2 = syz_io_uring_setup(0x2ddd, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000380)=<r3=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0xffffffff}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r2, 0xa3d, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)={0x34, r0, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_DEFAULT={0x4}, @NL80211_KEY_IDX={0x5}, @NL80211_KEY_DEFAULT_TYPES={0x8, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}]}, 0x34}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000001e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xb, 0x4, 0x0, 0x2, 0x2c, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp_prespec={0x44, 0x4, 0xc0, 0x3, 0xe}, @timestamp_prespec={0x44, 0x4, 0x9c, 0x3, 0x8}, @noop, @noop, @noop, @end, @rr={0x7, 0xb, 0x0, [@loopback, @loopback]}]}}}}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$audio1(0xffffffffffffff9c, 0x0, 0x248080, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_setup(0xbc9, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f000041f000/0x1000)=nil, 0x1000, 0x4000002, 0x50030, 0xffffffffffffffff, 0x0)
syz_open_dev$admmidi(0x0, 0x3, 0x200000)
ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5100)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$nci(r7, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="1201000101b30c0000a7b57c3a550000000100000000010000040009040000000802500064cc51a727945a119eb31fa064eb45114ee77a77a06e1a76b08c5e33b12e8f73314d9bddfdad115ff2b99f3e3919f214c40768028163579a5b90ddf64dd8da7090ac3df0667ee04d3b2ea98c297f7cb1a99395c374b5d9fb417f8a2513380e8660fa5b1a4d0141201f927f91a6a1d25165568217d48cc09e54b0ac832402c4cc25c3e7151f7ea9bcb173bd0231118d116126bc3965fffcb666da9b185c3c3314b820027fe55e6c6c73878247659da862fce4f5c2bc4b52824d68d32f59a906b2f11c8b27c858bd10a2653279"], 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r8, 0x0)
select(0x20000048, &(0x7f0000000040), 0x0, &(0x7f00000000c0), &(0x7f0000000100))
sendmsg$NFT_BATCH(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="1400000010000100000000000000007fff00000a94000000060a0b0400000000000000000200000068000480640001800900010068617368000000005400028008000340000000ab08000140240000010800024000000017080004400000000608000640000004e60800064000000004080002400000001108000640fffff22c080006400000000308000240000000150900010073797a30000000000900020073797a32"], 0xbc}}, 0x90)

13.206583495s ago: executing program 3 (id=49):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a80)=ANY=[@ANYBLOB="84010000", @ANYRES16=r3, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32=r4, @ANYBLOB="08007d80040002000600eb00fcff0000d4007d8053000200a53b3277c8f0413dec14dd9815d653ec35781c51f89229db8affaa69c77923c23c83225eb5e2f0e524d3c4f54da105a6dc0741cc2b8b9ea497c5301aa6903c81e4f7411c8bfadea1f1357a4b34940a00400002"], 0x184}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e0000006600816657bb97c9269de9aaec8488040f0000004cb9cca7480ef402000000e3bd6efb0105000000000a", 0x2e}], 0x1, 0x0, 0x0, 0xc9e}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000019000100000000000000000000000000000000000000000000000000fe8000000000000000833449155bf3c2640000000000000002000010"], 0xb8}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="380000004900010000000000000000000a000700", @ANYRES32=0x0, @ANYBLOB="000000000800020000000000140001"], 0x38}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYRES64=r0], 0x188}}, 0x0)

12.880869569s ago: executing program 3 (id=52):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)={0x34, 0x0, 0x8, 0x401, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @icmpv6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}]}, 0x34}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000e80)={0x14, 0x1, 0x8, 0x301}, 0x14}}, 0x0)
recvmmsg(r1, &(0x7f00000020c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x4072, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x2, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000b00)='cmdline\x00')
read$FUSE(r5, &(0x7f0000000b40)={0x2020}, 0x2020)
read$FUSE(r5, &(0x7f00000030c0)={0x2020}, 0x2020)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)=@newtfilter={0x400, 0x2c, 0x10, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x1, 0x3}, {0xd}, {0x9, 0x6}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x3d0, 0x2, [@TCA_CGROUP_EMATCHES={0x4}, @TCA_CGROUP_ACT={0x3c8, 0x1, [@m_gact={0x184, 0x1d, 0x0, 0x0, {{0x9}, {0xd0, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x1, 0x0, 0xb0c, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x100, 0x3, 0x8, 0x269}}, @TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x6, 0x4, 0xe, 0x10000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x19a0, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x3, 0x0, 0x7ff, 0x2ba155dd}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x1364, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x686, 0x3, 0x3, 0x8, 0x2}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x261, 0x3}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x89, 0x2, 0xfffffff9, 0x200}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x7, 0x7, 0x3ff, 0xb6}}]}, {0x89, 0x6, "1610e39c90edc7ffd3742bce00a31af1550cb5e95de34fce0b4a5d106d745cd539cf68bfee8cba81996040a8ef745ed66467ecaf40aa3fa3965c4ac4935debc867a4bfd6f3de5f38ff4574c572cd641ed9040fa47a2bcc6c9b628a98856cbefefae5db0a9451efa54e630926f8e755dbfdc518e483f6c31caf3e82ed98df1879c08ad75e0d"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_xt={0xfc, 0x4, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TABLE={0x24, 0x1, 'raw\x00'}]}, {0xa5, 0x6, "db532e06c6efa8339c332f33fa9a182924e4d352f0d763cbfe3da672ac216a5d6bc2db9a566013575c5de34d34fedc66f8b387da8c163b1230fc4311cebf79ab2edee3f0c42fa9cc1c777ec373f65bc790bdda20c4aa36b66368b6cd8a8ac28c8deb2aa51f9f34585dd786779999f1c716e9adf88064f856a8828ddfa11b3d24c62628cd2a94a66b8c7109febfa3dd57fdf3f91320fcb7f14238fe32f6291a9792"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_simple={0x50, 0x2, 0x0, 0x0, {{0xb}, {0x10, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0xb, 0x3, 'pimreg\x00'}]}, {0x15, 0x6, "7ffff4e74646d5b4a62cdcb30aef797e39"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_mirred={0xf4, 0x2, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x2, 0x4, 0x2, 0x3}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0xb5bc, 0xffffffffdffffff3, 0x1, 0x100}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xf1a2, 0x3ff, 0x1, 0x4, 0x5}, 0x2}}]}, {0x66, 0x6, "af8ed9a251b69563129288c22e34ea01a87099b7ff39debf681db7110282d1d9567b424f9318499e2250614b17b3ae6706e7f4263d9e5bff66f1f2b31de69363888a161f17149830c3303743986f109f5efbe7b73d357fd05223703c66ff4168f88a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x400}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)

12.670667602s ago: executing program 3 (id=54):
r0 = io_uring_setup(0x497c, &(0x7f00000001c0)={0x0, 0x0, 0x1})
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f00000011c0)=[{0x54}, {0x6}]})
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0xb5315258}})
syz_usb_connect(0x3, 0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000440)=0x82, 0x49)
r4 = socket$kcm(0x29, 0x5, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, 0x0, 0x1ce0ef95c5c0bdc8)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r5 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000140)=0xc)
setresgid(r6, 0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
recvmsg(r3, 0x0, 0x120)
mkdirat(r2, &(0x7f0000000000)='./file0\x00', 0xc2)
close_range(r0, 0xffffffffffffffff, 0x0)

11.958240913s ago: executing program 1 (id=55):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f000200000009b6a6ad0505020000fcffff0905"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000780)={0x34, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x1, 0x1, 0x1}, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(0xffffffffffffffff, 0xc02c5341, &(0x7f0000000180)={0x7ff800})
ioctl$EVIOCGMASK(r2, 0x5b03, 0x0)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x8000, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{0xffffffffffffffff, <r4=>0xffffffffffffffff}, &(0x7f0000000080), 0x0}, 0x20)
r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VIDIOC_S_EDID(r5, 0xc0285629, &(0x7f0000000500)={0x0, 0x3, 0x4, '\x00', &(0x7f0000000000)=0x3})
r6 = socket(0x10, 0x2, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x2e020000)
r10 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0xed68acab7944edb0, 0x12)
sendmsg$NFT_BATCH(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="1400000010000100000b0000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a320000000034030000090a030000000000000000000700000208000f40000000050800064000000000e80109802c000280400102802c0001800800014000007fff080001400000ffff0800014000000004080001400000007f08000140000000202c00018008000140000000070800014080000001080001400000000208000140ffff0001080001400000000924000180080001400000928908000140000000010800014000007a1c08000140000000092c000180080001400000000108000140000046100800014000000002080001400000000808000140000000072c0001800800014000000008080001400000000708000140000000060800014000000fff0800014000000000240001800800014000000009080001400000000008000140000001010800014000000f5a24000180080001400000000908000140000000b60800014000000200080001400000000914000180080001400000000108000140000000830c00018008000140fffffffc08000140878bb02e08000140000000ca0800014000000005600002800c0001800800014000002f7c340001801c00018008000140000001000800014000000009080001400000000610001180090001006d6574610000000008000c400000000653ff0c40000000660800074000000022eb000d40a7b30bbbdbb75b03b3bf156674c8b7fda524961cdb2ea5625cafb3a69c0e868f70be1c89b4d968c275574270c9b2267af086becf91e249a573b05520ab986cac5cb3ea7b5d46a75e2463f9fb512ab126a451bed3b09b942e22f5662738e61607852e9af18152493d8bdab414382c5f249cc75250fc786c960648e4c59a239ace9e6fc9a0af1eef3d1af0aeb6cd4f26b6bd98f267a9fb78cbd2921c9bb740902256ad4caf77c45d160c4177fbb6f12e2cd47a4e3e4414a6a939d6913677c8640653faf72671b43138f02991bb6243e78da3fe8f22959d27a6b9c9775209a369e94f1ed53a5aa09e000c0010400000000000000002080005400000002d140000001100010000000000000000000000000a"], 0x3a8}}, 0x0)
r11 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x143e82, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r11, 0x40045010, &(0x7f00000000c0))
r12 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r13 = fcntl$dupfd(r9, 0x0, r12)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r13, 0x40505330, &(0x7f00000000c0)={0x80})
sendmsg$unix(r6, &(0x7f00000006c0)={&(0x7f0000000e80)=@abs={0x1, 0x0, 0x4e1f}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000300)="0547dae9baf4fdce97a75217dcc68f1aab", 0x11}], 0x1, &(0x7f0000000f00)=ANY=[@ANYRESOCT=r6, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000002400000000007f304cee56ea0277aec772699abe6c87736b63c3d4f226a6575c2bfa3213b65ca4689769", @ANYRES16=r13, @ANYRES32=r5, @ANYRES16=r10, @ANYRES32, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32=r0, @ANYRES32=<r14=>r4, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES64=r13, @ANYRES32, @ANYRES32=<r15=>r4, @ANYRES32=r5, @ANYRES32, @ANYRES32=<r16=>r5, @ANYRES32=r13, @ANYBLOB="f54b1a5a234ccfb100"/26, @ANYRES32=r11, @ANYRES32=r0, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYBLOB="2a97bf40b2b1aa406e"], 0xc8, 0x40000}, 0x6008010)
r17 = syz_usb_connect(0x0, 0x41, &(0x7f0000000880)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r6, @ANYRES32=r11, @ANYBLOB="06f18f3b78a826bd7cdf17807b411f1446818a307d64ef7491b8bae6dabcb43984cadede56743070a8b63ef64e50dc42503b837373065cc719a60607317f18a5ca8df7d502", @ANYRESOCT, @ANYRES64=r14, @ANYRESOCT, @ANYRES16=r15], 0x0)
syz_usb_control_io$hid(r17, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r17, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000280)=ANY=[@ANYBLOB='\x00\x00\x00@\x00\x00'], 0x0, 0x0})
keyctl$instantiate(0xc, 0x0, &(0x7f0000001000)=ANY=[@ANYBLOB='new default user:syz 0-004', @ANYRES32=r16], 0x2a, 0x0)
syz_usb_connect$uac1(0x6, 0xe8, &(0x7f0000000d40)=ANY=[@ANYBLOB="12011003000000406b1d01014000010203010702d60003010500100904000000010100000a24010002090201020324040202060101049e080009fbef4106060c24070303001e2104687c1b0924060303010200fb09240306090603064f0904010000010200000904010101010200000c2402010402c7065619dd39090501090000fcfdb7072501410c009f0904020000010200000904021301010200000c24020102030a068569ba9e072401050905000c2402020900080008e1628f0e2402024000020002f66e25cb490d2402010204060518ff392998090582090002a18a40072501030c010000000000007fef1987c5536dacdae416c02f2d7efe1722041bf8eb944b36016a8672a0696371b7b39f35d703dd353a669ff5627342e2485a4e1573cb4864a6653d7c5bf6f5af5dc8a9e04f48d785e2090d57501e98b601"], &(0x7f0000000600)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0x7, 0x2c, 0x2, 0x20, 0x8}, 0x3e, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050f3e000424100a0506000100000f02090ef27ff65e102c816f003000ff0000c00000c03fff00cf0000000f000000003f000003100b0710020002ff030b10010821004b07010005"], 0x6, [{0x100, &(0x7f0000000400)=ANY=[@ANYBLOB="00032f37d775980236070ec00c832c8f5996486feed7e9dc211c1bcff09535534c78c3a550d286044e215b0bde64642390d9e89ad02903ab416b0326e378f9127998dc157a80e5b887b3a427ecabad71c6101654908570e75c31dc23786135f5d7c91b57a9b831eab528d87c1055ac841923613c973b7537e8025db4a261e274caec3beffd38536985db553e9f0f647a983491eedac586ff7a19a6ea22233288078621e70498ecbf7e5b3cf779a43dc51d362e9a68ee32b74802b0a5367a6cec769e6c07840ec7026a78a54dffbee9a605d343b57e7b2750e0ea7a848df9c358336cb28e39ec738da8739e27c49c4a81cdded6ac1d3c97cb877b6ee24909555f"]}, {0x4, &(0x7f00000000c0)=@lang_id={0x4, 0x3, 0x42c}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x1404}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0xf8ff}}, {0xe5, &(0x7f0000000500)=ANY=[@ANYBLOB="e50354a99f4156bf800995caf81bb08974fbbff937ef9e9e286b8c81a28c0b5d64c5121ebecd18add51f458520f4471f70caf99253a5b7ef924802b824cba1a9837753dd52fd45ab4a48090f2be5a00dd5a2507cfa913456e3030000000000000008f5a217e354c7d8bb044a66cb0e0346b3f51ed6ecaf04cdb9fa9d04ebb1e2a5b470277096ddb8ee2d62f7f1b5fd46f538a5fbe2ae033c333b6c9416ea99be393dc3c971f46f6fac3ae65b2266c4b20342fbcb8d622ae59851c28573ae38cd9f1596fb997919bc8a85fb104bd7a2d2a42d45e491a05972c941eb4d3c"]}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x1404}}]})

11.299161662s ago: executing program 4 (id=58):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000a80)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x38, 0x4, 0x0, 0x0, 0xe0, 0x1fff, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0x0, 0x0, 0x9}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa0100fe, 0x40}, {@multicast1}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x658}, {@broadcast}, {@remote}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev={0xac, 0x14, 0x14, 0x44}}, {@remote}, {@multicast2}, {@private=0xa010121, 0x1ff}, {@rand_addr=0x64010101, 0x4000000}, {@broadcast, 0x5231}, {@multicast2}]}, @timestamp_addr={0x44, 0x2c, 0x88, 0x1, 0x6, [{@remote, 0x604}, {@loopback, 0x8}, {@empty, 0xffff8483}, {@multicast2, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}]}, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @local, @multicast1]}, @rr={0x7, 0x13, 0x0, [@loopback, @multicast1, @private=0xa010102, @remote]}]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCSETSW2(0xffffffffffffffff, 0x5432, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x0, 0x0, @thr={0x0, 0x0}}, 0x0)
mremap(&(0x7f0000580000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00007ff000/0x2000)=nil)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x0, 0x0, 0x0, 0x400}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x4000, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1]}, 0x45c)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
r3 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x1, 0xff, 0x1f})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
read$midi(r3, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010400000000000000000100000008000240000000020900010073797a3000000000140000001100"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

11.152798774s ago: executing program 4 (id=60):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000140)={@in6={{0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}}, 0x0, 0x0, 0x44, 0x0, "e541bd3d3aa6a2d875e9671e8abcb31c134f3a9db8f52e1f54fe6e079f35ac63186c7244fc3b3801e79b8e5545b90f2dbec29f15cec2fd7e55d0345bce05c13ed90158fbdeb70322ea3188f81890e3db"}, 0xd8)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000400)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @broadcast}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x8, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "b196e7eae64e5277a4c8fee8899020ae"}]}}}}}}}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xc, {"a2e3ad214fc752f91b231a0987f70e06d038e7ff7fc6e5539b3272078b089b3b08384b090890e0878f0e1ac6e7049b334c959b669a240d5b67f3988f7ef3195201c0ffe8d17870000000001b1b5d500f0d30090936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb199f6b76383709d8f5c55432a909fda039aec54a1238580f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82999ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad0f765cf60bd0ba2f3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b599d0efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x98)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
unshare(0x2010080)
openat$tun(0xffffffffffffff9c, 0x0, 0x183400, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000200)={'nat\x00', 0x0, 0x3, 0x0, [0x2, 0x7, 0x7, 0xffffffffffffffff, 0x64a, 0x5], 0x0, 0x0, 0x0}, &(0x7f00000003c0)=0x78)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f00000000c0)=0x2, 0x4)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x2}, 0x1c)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000040), 0x10)
sendmsg$can_bcm(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000001bbb8389a46eb722", @ANYRES64], 0x80}}, 0x85)
syz_emit_ethernet(0xc7, &(0x7f0000000640)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "010448", 0x91, 0x3a, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @remote, [{0x2, 0xf, "36dad83aea8df15d20889b6a4b488367e6c6cba5844d6d576950aae4e0af85d7922746edc7abaa7b25516c034d4b8474b922a5df0be178ccb65ae4eaabef5f63a5df9cc8e9b0c9fef787cb50058e6375665a79abec0a2808518db033c86bb7e1be26e4ef08f20bfb122d51786403c40883d6626b35a9ee"}]}}}}}}, 0x0)
syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000001040)=0x20, 0x4)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="000312000000"], 0x0, 0x0}, 0x0)

10.085317766s ago: executing program 0 (id=66):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x9d, 0xea, 0x78, 0x40, 0x18b4, 0xfffb, 0xdc7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0xa0, 0x1f, 0x71}}]}}]}}, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet(r1, &(0x7f0000001f80)=[{{&(0x7f0000000000)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f0000000040)=[{&(0x7f0000001340)="d60cd8", 0x3}], 0x1}}], 0x1, 0x4000041)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000008c0)={0x1c, &(0x7f0000000000)={0x0, 0x0, 0x1, "01"}, 0x0, 0x0})

9.586523967s ago: executing program 3 (id=67):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
arch_prctl$ARCH_GET_FS(0x1003, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='environ\x00')
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x10, 0x60, 0xb, [{{0x9, 0x4, 0x0, 0xfa, 0x81, 0x7, 0x1, 0x2, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0xd, 0x8, 0x1a}}, [{{0x9, 0x5, 0x82, 0x2, 0x62f, 0x4, 0xc, 0x3f}}]}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x250, 0x9f, 0x4, 0x2, 0xff, 0x3}, 0x5, &(0x7f00000001c0)={0x5, 0xf, 0x5}, 0x2, [{0xa1, &(0x7f0000000380)=@string={0xa1, 0x3, "85d1b286e0cdfae0174fa269cc88073c28f8a0a6019d855313207452c7ac78ab472b1f86908c6661a381fd3e661e7635cc3f4c39075b96b3a81484c4bef7834fe533136f43a4331bfbe36b4ee69a720c7f46467f2a9d48d2b7eb31ce03a6f4e67b4e3056f5022b788111050506d7e19ce9d3e6133615d40f0d110a647f5c7f8cf485a9a569ddbfe65ad82dbe64a7d4322cd537b20fad1e42b78f6211ba7d81"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x3801}}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
r2 = syz_io_uring_setup(0x222c, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x200000000000011, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000005500e501000000000000000007000000", @ANYRES32=r5, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00000000ff"], 0x38}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r6, 0x0, 0x18, &(0x7f0000000000)=0xffffff7f, 0x4)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
io_uring_enter(r2, 0x54, 0x0, 0xf, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) (async)
socket$pppl2tp(0x18, 0x1, 0x1) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, r0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) (async)
arch_prctl$ARCH_GET_FS(0x1003, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='environ\x00') (async)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000002505a1a440000102030109025c0002010000000904000001a3f45747d649f9a30105240000000d240f8100000000000000000006241a0000000905810300000000000904010000020d00000904010102020d000009058202000000000009050302"], 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) (async)
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000140)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x10, 0x60, 0xb, [{{0x9, 0x4, 0x0, 0xfa, 0x81, 0x7, 0x1, 0x2, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0xd, 0x8, 0x1a}}, [{{0x9, 0x5, 0x82, 0x2, 0x62f, 0x4, 0xc, 0x3f}}]}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x250, 0x9f, 0x4, 0x2, 0xff, 0x3}, 0x5, &(0x7f00000001c0)={0x5, 0xf, 0x5}, 0x2, [{0xa1, &(0x7f0000000380)=@string={0xa1, 0x3, "85d1b286e0cdfae0174fa269cc88073c28f8a0a6019d855313207452c7ac78ab472b1f86908c6661a381fd3e661e7635cc3f4c39075b96b3a81484c4bef7834fe533136f43a4331bfbe36b4ee69a720c7f46467f2a9d48d2b7eb31ce03a6f4e67b4e3056f5022b788111050506d7e19ce9d3e6133615d40f0d110a647f5c7f8cf485a9a569ddbfe65ad82dbe64a7d4322cd537b20fad1e42b78f6211ba7d81"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x3801}}]}) (async)
syz_open_dev$char_usb(0xc, 0xb4, 0x0) (async)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) (async)
syz_io_uring_setup(0x222c, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280)) (async)
syz_io_uring_submit(r3, r4, &(0x7f0000000340)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x6, 0x0, 0x0}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x200000000000011, 0x2, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="380000005500e501000000000000000007000000", @ANYRES32=r5, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB="00000000ff"], 0x38}, 0x1, 0x0, 0x0, 0x4040}, 0x0) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
setsockopt$inet_int(r6, 0x0, 0x18, &(0x7f0000000000)=0xffffff7f, 0x4) (async)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) (async)
io_uring_enter(r2, 0x54, 0x0, 0xf, 0x0, 0x0) (async)

8.530625696s ago: executing program 1 (id=70):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x42342, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x7, &(0x7f00000001c0), 0x4)
vmsplice(r0, 0x0, 0x0, 0x0)
mmap(&(0x7f00002f0000/0x2000)=nil, 0x2000, 0x1000000, 0x4008032, 0xffffffffffffffff, 0x4d4fe000)
socket$xdp(0x2c, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f0000000040))
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r6, 0x0, 0x48b, &(0x7f0000002700)={0x1, 'virt_wifi0\x00'}, 0x18)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000009c0)={0x1a8, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0xffffffffffffffbc}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_STRSET_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_STRSET_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x80, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x5}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x7}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x50, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x8}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x2}, @ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4}, 0x4)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x6020c0, 0x0)
ioctl$TUNSETTXFILTER(r8, 0x400454d1, 0x0)

8.274934441s ago: executing program 0 (id=71):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x500, &(0x7f00000001c0)={&(0x7f0000000340)={0x30, r1, 0x5, 0x4, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

7.9654255s ago: executing program 0 (id=72):
r0 = socket(0x2, 0x80805, 0x0)
listen(r0, 0x5)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)}], 0x1, 0x0)

7.858065216s ago: executing program 0 (id=73):
open$dir(&(0x7f00000042c0)='./file1\x00', 0x4240, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @private=0xa010102}, 0x10)
mount$fuse(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000500000000000000", @ANYRES32, @ANYBLOB="040000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05000000050000000200"/28], 0x50)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100), 0x50000, 0x0)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x40c2, 0x0)
write(r4, &(0x7f0000002200)="bb8f9f640903127a53527c6fbfe65d43b0e0586f2d40c7e7df58cac83420e83662d6e39bb6d5430622431454eedeeaee423d8f210bc3525fa7927c18d5fbc91ab13c2041136047d8da9375934d00f325499bfe7712208d387d41c31821c2a22d1325b556528e9b790b74053d1ed631c6ec8126d37c87216173138c00cef396868029af5b76bebac5e38b74d8bbc6ae66b6e202b6d505710377710ea7d43edf00e1a4c1c670bb4c263ce777da81abdd5ba5a5c82f67232f9b4d6f21b2e6afa8b38e4642b0daa2acbc0478d89b88e8b2094d4248855e5e81992e60be3afff0f3c3799350615489a901a659abdeca0c615a622ebf64175f990320e0356d4a11ed62eff72b709c23dd65942e8b534d7d775d370c1e435654a2634e6ee3649c4c3bcbe39e866f1eb9972af1a9cef42e701798a53dc92a242aadbac343e1765cf8ea5665e22deda69777e52b1e9e5d3edc022256939e1eee013448294911139d5b9c6241049fecdf9b31f4cdf6cff65d71b5071ef70e1798347c8846aa5b905e83050e3e606986ed3f603d18c5cdeb11cda1ce3abddea9376231af130e19fc7601ec1ab8cb5a7de9e2174547f18225b09a54fc8720dbb91eb69c1be88e601c3c9df4f2758f39a5151951b9c6dbb419ffd783a34c9fad10f201b8724d31865e2fc1fcf48db2be713053b43a0e3943c1e2b08e8a26e946c439d891db2a80b5ffa054bc8d0177d3214056250c61a537d2ec7630fb90395df2cd6aa9c5e573365db580520bdc3f1c6b2be992e1516a4b810a11935dc780699e461d9715f70c6d103ff49bf168f3cff4c0d0d6ba5671fcd2975450b0e1a3474139cb0f2d3476fcd87a8bccbeb2f5f8a821017b879aa5b9d1fafa9f4c429a74cd2da782114d97bf031746a817dd0293c4eddc3a9ecb5afe496f4971474ccd827449409f07cf94dda2e7dbe8520b5afff10a7e3b0b4289a167fc692635b5b7426d9e771b95860b09a3e752c867213c772e48ba30a78feecc7ff26e63e1749c62b52d377ac5cc52db830c965e04ccfcfb24ceacc69cfdc2094124dd27b2d68f699476a2562bab1de117ffc2b0702ee8b0b77f85fecec3a25b37ab7eb06232c9a73b4470f1727c82581d81942abf42d3ea37957927ad3dbd0ebe46678a9f4d25c47acaac83c14210a54b71fed40df017e2be27f01e3e6ea3ea381ca14efd202858e6535ad4f79a8cdf47e385b740a70c14e3651731a45cc0ca4a56f2e903cad0384efcc364caf67e09551d35c682ebc90a9286c4d274ba1b8ced742ede4e55a62db7ef9a96fde2add05b41599fd72a79ba280cc125cb266ef21b7eeafe3ee6aa78eef33fc66454549c3ec298cb683a55a32208cf6ce88b560166159d59e65f30540f62c5437652ea7f2a02f87ca242dd2250f58e75938a9a3ded51ae6598c2aba53287ff5cdaab17be7f4310f8e07e310d52778de79e1c2e4391b254be38910aa1cf6e1ca0e75d24be97d59f7025f16c6fbd549529b74e319c58f50438765ef0e3dc394eeb75dec41b3d80435b17520c97f5cd7ee692fb86d188fb0089fbf737dc1b96b9cc49be23a38a8cd92e5075f349993d7866369dd25eccbe1481477a05fee14e0edd1617921d7fcaa8fdc642e63b64388fa5b63442ff1466b1938d02546750b01ed9c980282ccbe10f204741249aed88c555ed6fdf7f68af9209807a71bbf4f31bef5a4223466da74ba8b034df529aef6ec6610a0d25973961e50e02af22d0ca8be1b9804a5918acbdb536e8f2f441ec9d640ed15133ee747440c86fc4526c9195954528673d25c8390170f3c19cb0b0c30b9e634c7ebae96946ae97c19eabca92226da925d22be37abbe0740938ea899ec42fd529a3b1063981e4c154219df5cf5af60a29b5a8ee530905725a14b28900eae937e705401ba8f632a7bca00d9724a992afdc9ed14aac71b8e3a7ee5ca095888feb195b4e083c3b611a1c2f8d092febe3b9f5f0df61e8d3c31a643c935b76bc1ad4265164e755484beb06610510bc51e8c6da8d71123bbe83a5e4128f41cf5c486d6a60496c300c406f990bee485cbdef794f2663ee66d2b18d8e55210c25c04b1a0c6d9c5f904e72806d2d4f5e5439bcdf146343cdffe4d0d70d42a9959cff9bd50c37cd478b0b0add16aae4dc839b46bca2ac7547144b6a422aed5e2db661bcb31a82bc0fc678e71a6cb090ef772860f3008b4152b5d281033be4a77b367baec3ab8ce7c83c601b11c8199bafcd15161a5454a6a982dbc3c2e3a5172b6a63e4904817075754eccbb0188c9cb2e5da9600f567485014887463b40f189b7ec3c5c0f36d502509e402c285765c78417ce6b3aab130ee79622dcd8ada842233e73a14554ee5e4995e32b3fe4075e247eb9bdeef64d1a7436c9b5782fb2f84f74e4c6e976289729c37b5bb8200a9480d181a6b11f5ec229b818134b8334967ae935ac1d81be4776fae4cb68b6fa330e93bd8de388b38455d569159bcd166df030a6dfedf28caf4608de7243f5df2c76f6680c301d819dc67d24d2f780432a931700a253b0a5b075195c6dbfd1fe17a1c11a3dffa872a07b877adc66d069fffb6d8326e1998c5a337c3d530250cae335ceffcf81dc438a47e73490d050a053813dbe6674e42c91ae94b4a88144f36adc1b08b4bcd6ddf4058c4e08d4dc83d5fbd843ee27eaf50b297c220350260d9abbeeb6deb921e50cae0ea590cfb6f00fb3c71520f565bb769705e2481ef27cf537d29f163c9fe3d39ed9fd18dc8b0c976cd302283e430807a9d751357f89092532d89fe280c69ad36e3541b5da9dea13fd19d0434c760fe295dfd9b9e63453c7853914c50b1b77ccd4b33c8b1f31fcb1aec040ffe2f9d728d8ea84297bac2e22230ebd1488c503b05b2e433cc37ce9fc123b7d3eb244b4549e9a841e73b664c8f6621ea5a4c9ff9c1da032255311f2c063a682baf4c97e7ba552bf71af4bd64f43872b846d15c65c487089be272cfa24a33f8c50930ea0bc4b089505fb8e97ded0e7e64a5ce897da6b940df4c3dddb8b4871d773f6ebf02058518c55c19aadb0f266caf18777ae68d2bfcfb2225961fcd10538ba664fd053a443320072707533ab761b9397bd0559126b84fe9196463ae50633017ea2d80940311d9c867102b1017f34af1965d8eb61be616a0d40656e2bbb750aee6f74f788c8acb2578e8686f5f8da6a19e979c152b7ee7c7f16902120588e2ff630144b5f929ffc593e946d9717c5968aa16c2d73d689fb5cce117acda3e23e5e0116de1cb6bddfa1a84cefb22c1e2c3753017696f27b9aec5d44f15411247643b84dd4410e784b4eb5b9c68fea671976f9b51c6526e2ddb40659611b0b3bcc7e249c77396fdb8c864ea9318f9de7fd3936fcbdc732c2f8b9556ec9afeb15d5e2df890351d66074d53dddc6e8dba8c91d733623ac95a49eb69c7de37ff2364ccddb01f6500750a012c2acf32a9f6bbd9e92d17ef858fbc", 0x9a0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000440)={'batadv_slave_1\x00', <r7=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000004c0)={'tunl0\x00', &(0x7f0000000480)={'syztnl0\x00', r7, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast2}}}})
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001300)=0xffffffffffffffff, 0x4)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001680)={0x6, 0x14, &(0x7f00000013c0)=ANY=[@ANYBLOB="b7080000000000007b8af8ff00000000b7080000010400007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000085100000a50000001100fe05912096228a62ee00", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018430000feffffff0000000000000000"], &(0x7f0000001480)='GPL\x00', 0x7, 0xcb, &(0x7f00000014c0)=""/203, 0x41000, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000001600)={0x4, 0x0, 0x7, 0x9}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000001640)=[{0x5, 0x4, 0xd}, {0x0, 0x2, 0xc, 0xb}, {0x4, 0x2, 0xf, 0x8}], 0x10, 0x4, @void, @value}, 0x94)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001740)={r0}, 0x8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001780)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001840)={{0x1, <r12=>0xffffffffffffffff}, &(0x7f00000017c0), &(0x7f0000001800)}, 0x20)
r13 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001880)='/proc/key-users\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001940)={0x1, 0x18, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x163, 0x0, 0x0, 0x0, 0x9}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@btf_id={0x18, 0x6, 0x3, 0x0, 0x4}, @alu={0x4, 0x0, 0x3, 0x9, 0x2, 0x40, 0xffffffffffffffff}, @map_fd={0x18, 0x5, 0x1, 0x0, r3}, @map_fd={0x18, 0x5, 0x1, 0x0, r4}, @alu={0x7, 0x0, 0xb, 0x1, 0x6, 0x18, 0xfffffffffffffff0}, @alu={0x7, 0x1, 0x0, 0x3, 0x0, 0xffffffffffffffe0, 0x19}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x1000, &(0x7f0000000300)=""/4096, 0x40f00, 0x1, '\x00', r7, @fallback, r8, 0x8, &(0x7f0000001340)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000001380)={0x4, 0x10, 0x9, 0x8}, 0x10, 0xffffffffffffffff, r9, 0x4, &(0x7f00000018c0)=[r10, r11, r12, 0x1, r13], &(0x7f0000001900)=[{0x5, 0x5, 0x6, 0xc}, {0x3, 0x5, 0x6, 0x7}, {0x1, 0x5, 0x4, 0x7}, {0x4, 0x2, 0x3, 0x3}], 0x10, 0xffffffff, @void, @value}, 0x94)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="33000000060000000000000000000000010000000000000005000000000000000a"], 0x33)

7.582766309s ago: executing program 0 (id=74):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0xc}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x28, 0x6, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x9c}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)

7.443282144s ago: executing program 1 (id=75):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0xcc, 0x65, 0x8, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xffe0, 0xd}}, [@TCA_CHAIN={0x8, 0xb, 0xba41}, @filter_kind_options=@f_u32={{0x8}, {0x2c, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x67}, @TCA_U32_HASH={0x8, 0x2, 0xdb87}, @TCA_U32_CLASSID={0x8, 0x1, {0x5, 0xe}}, @TCA_U32_DIVISOR={0x8, 0x4, 0x84}, @TCA_U32_HASH={0x8, 0x2, 0x5}]}}, @filter_kind_options=@f_bpf={{0x8}, {0x64, 0x2, [@TCA_BPF_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0x4, 0x80000001, 0xee31, 0x7, {0xf9, 0x2, 0x8, 0x1ff, 0x7, 0x4}, {0x5, 0x1, 0x1, 0x4, 0x4, 0x2}, 0x1, 0x1, 0x7fff}}]}, @TCA_BPF_FD={0x8}, @TCA_BPF_POLICE={0xc, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0x6}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0xcc}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (fail_nth: 3)

7.400425506s ago: executing program 0 (id=76):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x400017e)
r1 = inotify_init1(0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0)
close_range(r1, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r4, 0x4030ae7b, &(0x7f0000000040)={0xfffffffffffffffe, 0xfffffff7, 0xffff, 0x100000000000})
r5 = socket$netlink(0x10, 0x3, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000)={'team0\x00', <r7=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'bond0\x00'}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000000)='bridge0\x00')
r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x4000, 0x0)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r9, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r8, 0xc1105517, &(0x7f0000000140)={{0x8, 0x5, 0x1ff, 0x9, 'syz1\x00', 0x3}, 0x4, 0x2, 0xffa00000, r9, 0x4, 0x0, 'syz0\x00', &(0x7f00000000c0)=['team0\x00', '-\x00', '/dev/kvm\x00', '%\x00'], 0x13})

7.358167004s ago: executing program 4 (id=77):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000040)=0x1c, 0x4)
sendmsg$netlink(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)={0x1c, 0x1e, 0x723, 0x0, 0x0, "", [@nested={0xc, 0xa9, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}]}]}, 0x1c}], 0x1, 0x0, 0x0, 0x24008015}, 0x20040010) (fail_nth: 6)

6.554497282s ago: executing program 1 (id=79):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x1de)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x89e1, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000540)=[{&(0x7f0000000280)=""/8}], 0x7, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)=ANY=[], 0x20)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
write$binfmt_aout(r3, &(0x7f0000000380)=ANY=[], 0x20)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$BTRFS_IOC_GET_DEV_STATS(r1, 0x400454d8, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r5, 0xc1105511, &(0x7f0000000380)={{0x0, 0x0, 0x0, 0x0, '\x00', 0x40}, 0x20000000, 0x0, 0x2, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
splice(r3, &(0x7f0000000040), 0xffffffffffffffff, 0x0, 0x808, 0x0)
socket$netlink(0x10, 0x3, 0xa)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x10, 0x2, 0x3)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x4001, 0x3, 0x240, 0x118, 0xb, 0x148, 0x0, 0x148, 0x1a8, 0x242, 0x240, 0x1a8, 0x215, 0x3, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'geneve1\x00', 'ipvlan0\x00'}, 0x0, 0xd0, 0x118, 0x0, {0xff0f000000000000}, [@common=@inet=@socket1={{0x28, 'socket\x00', 0x2}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffd}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x9, 'syz0\x00', {0x6}}}}, {{@uncond, 0xec010000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r7 = syz_open_dev$evdev(&(0x7f0000000300), 0x3, 0x482041)
syz_usb_disconnect(r7)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0)
syz_usb_ep_write(r8, 0x81, 0x0, 0x0)
ioctl$EVIOCRMFF(r7, 0x4004550f, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b36"], 0x0)
write$sequencer(0xffffffffffffffff, &(0x7f00000004c0)=ANY=[@ANYRES32=r2], 0x8)

6.545481264s ago: executing program 4 (id=81):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x10, 0x2, 0x401, 0x2, 0xc, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$nl_route(0x10, 0x3, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2040, 0x0)
ioctl$TCSETS2(r1, 0x402c542b, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r2, 0xc05064a7, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000007c0), 0x0, 0x5, 0x0, 0x0, r3})
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xff, 0xff, 0x2, '\x00', 0x8})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="5801000010000100"/20, @ANYRES32=r8, @ANYBLOB="41400600000000000400140034011680340001800c0007"], 0x158}}, 0x0)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0xfda053a64f212df3, 0x1345, 0x3008, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x20, 0x10, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x1, 0x1, 0x4, {0x9, 0x21, 0x5, 0x2, 0x1, {0x22, 0xa48}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x5, 0x5}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x9, 0x10, 0xe}}]}}}]}}]}}, &(0x7f00000005c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x201, 0x10, 0x4, 0xc, 0x10, 0x6}, 0xe3, &(0x7f0000000680)={0x5, 0xf, 0xe3, 0x6, [@wireless={0xb, 0x10, 0x1, 0x2, 0x91, 0x2, 0x6, 0x8, 0x1}, @generic={0x60, 0x10, 0x2, "c593256844e56529133e87c14bcab1f0bd3539a61ec5dde0c8093fe6649f5e4afd7123bd0b423aac637015e719430f4b8b060cb9062a5e6e3281df8d1fe786451a840710c3a3699cb2c7115f0d2c7c5cf2beae83c58ab33e6687d7713c"}, @ssp_cap={0x14, 0x10, 0xa, 0x8, 0x2, 0xe, 0x0, 0x5, [0xff60c0, 0x224e2db53f623efe]}, @ssp_cap={0x24, 0x10, 0xa, 0xf8, 0x6, 0x7, 0xf00, 0x797, [0xc0c0, 0xff0000, 0x1fec00f, 0x37, 0xff0030, 0x3f00]}, @generic={0x38, 0x10, 0xd, "5a6d95fea0b149e14c7867451bbbb7fdd4afa5f125de5b47309449edacf9a4b7b4c98a724304a3cc4ce2be55a512a94d7b5c754335"}, @ptm_cap={0x3}]}, 0x7, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x340a}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x44b}}, {0x5a, &(0x7f0000000380)=@string={0x5a, 0x3, "008469a5b90990bdaae2290952a20125936302e0333be095ef16e3544309ffa55781bc26dd034a21c05d7d246960d07a9a1ea999427de673af4dc1039f1fd0cfcf55280998ffedba6a41424939da5e71e4ed5c8615bdb9e3"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x446}}, {0x23, &(0x7f0000000480)=@string={0x23, 0x3, "dfbb908760c7ab4d9c5f6d765ef3f2d366a844d5c935afb0efc26e82b86fb818e2"}}, {0x2, &(0x7f0000000580)=@string={0x2}}]})

6.32109617s ago: executing program 3 (id=82):
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002680)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000003c0)="a4e5b02d1c7ffa7b68b5c942445bc327fb0283ec570f6b01c1a767b1b8acab91febb0760616d1e163fd58bcd74265405868f9299f0cbeb2d33c1d3bb97901a77f03d4af07dffc18482e604d26d48977724b274d9e046320dabcf3c71b6ab25cbb7605166c53f0d652bc08c6735fde42e69b31f589199aba1028e9b6ead6dd49db6259f5204ab946ab1d638db9fc0a2a3c9d245da78c300e9db57a87fa4015a3b841477616fb87111671981a5f6cb841503465f4c9a29e914a5826df91b2c1d0d130ff6e2ffd9589417d587ed3aa5ebb7c73af9ea33fc8ce2263514d7aea795c68e4f55389fc263ca28d515032b37e9ab6b9e0f4cc2f7e50c5856280989c0fc0ecb4a16b2417bee0606394ee20a76d64be08900eedf5ab1a004e382ba526ac9cce3b915a5a35ae7e93f3d10591f921f8503683451cbf8137d7564f0b2acc5f11df1629892ab7c926a97f66f02641287f950f0ac756c6d3377452fb5b495bc706c3f5b4b2e23ca1a2b84adb79ca73acce8d377a4d99c8f56b6f6b956dfb458e8eb96aa50cec11a90da84c9b6bb867c98d69a69ed5b4fbb069864a92ea9c9e885b21ccb120df669d4c9fd29e81ab3763001c1485be5d82cf46dd87c9ad36612f57b3ace8173a8dd455214f6cfab2cb7894a7f5d6bc08ef8e697ae86d076ba5a291b1fdee071b73c525c6de0e78580d7c6156a8f7b7fc4e236fb0d6aff75e10629fdc99d1ab3cfcb9b03f64653ecc8bb5b69eb57f90ce92cc30c6e3eb06fa984805cb35c841fad9f72b26cbc993dcb6bed925b0201f9ba482b7f9797f02441f9a5f36a285b8728b883fbc23c34eadca443f0a611b08034bb4896b8fad7f4357a032bde001dc8f467e99c2c0f72fa1059e36c6fc348a33e8eccdbd2ec5f6f4853cccaa3dbd70547bba6968c8187cb05095d6f7a29434099ac48c49b58854e4ba0f48813e4596a5b1140887f697b9bf2615fa96490a5f25328768099399a9fc6d942e86112af2024e5911f2d64e4cfd04a405e2f5a27120c547e48e1af647d19015540701faf706c2263976de6616f365cfef3ed64b85834b7252eb3165f8c86db134a2ae2f0ea3735f49d148f10f640661b2d4329eab4dcb9e04186643f6f18e5c96f79e139f8e541c1dbe2f62bea14953b4896ac46b81c3a8298e7819448e461317ce2b13aa0bc1e135355ad9a1c5c2ba410917a751d7e0dc4db52eb46bdaad9b20f3bbcc4f2fb23c24ed006dce16b0bc6e4b5deeffd22a607ed7fafc9c464d925c7268468ebfe25770b18e3457e0268d8cf32d82ca3fd5a391bfa7c333490f6264fd213bcefbd2b17dfbb0a5ae961d3994478bf5ac6d88e8986b8351d105862cd9f05b0bfc8bd6d54fb2d50d642da92c1165f06ec4baf7a9c87d984439927b835d7087f28e82d9d2e0312986beaf9b1d7efa95d7bff2c72bbc7419b902b58bb0f1bbf0071aec1098122579b301302b7ddd49385c7c9172ba3cc1aae62760836e156fbc59c9292220cf437550f6c27a23049cce5a2c8f1cbd86f61b26ce5453db05a26771efdf46e96ef78cf061520aa769b0b5d30ff83f31920be55227b2385286eaeac2d44e91a10bb22a5d80e7906439d6635c9ae1fbe30318c80758665eb68794039fe9d9d945874aa18ec942f526b81ca277e223329a50fa209088677a75c43f88e5f555b8156fc572f6710d8d4e6cd608294f0ab05c2d0d992ff8f6365ff784596874f2dc12ab6952a2f2d693ccf3d624d53fd56894826e78dc01f95a65d65f1370c330755112809604f48a28528b0004cc0c1957561ca5b97e6b68bed39ead403c8d6116cfb3a30bc37828cb76573ab65f2c4d738891a5cf23bf6ed449f3fe743a5ebaea84bd031fe7e32c1499510b123d7a9e6116beea49cd2286e7ce2a0687c560eeb55634655c322a34243319dbfdecf53b5199c4905d85c8cf133f5a17dfc48683578902eafcf4b63e13fb36c9798610afec95b961f6215f1f44275bd7ea02daeefe09a1227b86a891ba133ff2686f11ad71f2d40f53f61d0f561ce4d3305c83a41467dfabc3c2664b21cb8edbe6dabde62205ca8e79eec12ea8ae3228a25758f136d5492d6b6736a9b2a49b4563494aaf535afa9655eef94078f04f5c1cb385123ce95610a2d0bc2886e76903d1eda0a8e40710ba53d94df3ec8d4fac4bc3c7dedad541cd5b580478a2432b2aa2fcaa0649bf2b46f4ecd90e55a576a236b2daf322b33b76b32341589ae5aff45d48e55664a3025557497a6ebf6219d90da0b044615157d860f87cbd9466c8cfee47c8281a61ca4e2e6ee7a5e515ef19e308c915c363bf3e536ec5e44ce08892645c55f94d844abdd11455499c396af31342af32d0bbe93eb2ecf3c93258b41a220681f7ac84ffbc5939eb0c7cbfb59764484e5886e0fa50ffb55817b6cfcdaab64054b2d5a673b4fdeb849eadb8a6699ebb295f973db7f4ec0ac65182d284a5753d3954e439ee0124c3dd95603a389ee54d1313f4da95ac251f31fe77211ce1c3fee6c7bc8de376b12b4836ae4b26e1e9d73368be43cc93a0c4e6cb42596357d58ade783af7d2eaed445e4ac899c7749327ef8618f5187df9f7b37ccb497bab8776984397a521b442b51cabce7144c37520896aa77733a85a4bd3a2b13a721ea509ca17aa8df71156cc612b91330418fc6ba8eee7ce04d611a687a32c4c50a5690f564c9e65197e6212dd9a3e30eefcccc307407e0a975aa5b43069d2ed447d209dd110598f9622fbe573db976c5f4bef82f5474dd0ea5bfe736e0f3f969bb38469839ff24b7157e6b8846b4710d7ad7f3cc3ac3be89160b9b429a899d4722fefaf6b05e540afae163b1a1a88deba6ea8501c375e856c5997dd6587a8a02c910df6ea9516c8d9e9a2422e980b5c044d4e57a2fb3f8c39a749176669f22d270dbca7cd656e88d2467271e38f79748205af3e8c154d74253e5223fe00ef53df3acdddc732d1139b6e6ce3382c7d0aa5885f1c98c53cedc5c4850eed9393277516a125c96d61b8319771a83fb02ff0e6cde27ce894ecfc4b42695b45037ebc6db705a661e29e031509b2eaa4dd48a2fe9768440278ffd9dbdca1a36b788fee353c45b2197be3805feea42012efdbecc6521dd0e24271a16", 0x8a7}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f90424fc601100077a0a000312050282c137153e370e0c1180fc0b0c200300", 0x33fe0}], 0x1}, 0x0)

6.169118024s ago: executing program 3 (id=84):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000001880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=""/17, 0x11}, 0x2}], 0x1, 0x10002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000400)={&(0x7f0000000280), 0xc, &(0x7f0000000540)={&(0x7f0000001340)={0x1288, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffff80000001}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xf}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}, @TIPC_NLA_NODE={0xac, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ID={0x7c, 0x3, "c592296fa819e292ef1c2c99cf130d9833437213b86392561362edb51d92282cfc0bf4d71e40ebf036e54948197821d695b07a4f635ac69c1345cb6f3606917b8858a51ccbe97fc95eb3d3f93405830ad814be0ddf44027d23bcc69e008858c0e6dae7d20a71bf8b0b3bcde072a4e9fbf765319854c872fb"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa14d}, @TIPC_NLA_NODE_ID={0xb, 0x3, "6a2a3894a8b11c"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_MEDIA={0x4c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x4}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2000012}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}]}, @TIPC_NLA_NODE={0x111c, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "77c5bf9e6da0ed25fdcd77d93a89a8776b1075439220d11baabad974390a"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}, @TIPC_NLA_NODE_ID={0x1004, 0x3, "a7bd9265bf8dad80bd951b64431712b6766b00b30bb81952b08af235f427fc52b692f0959fe5f2f0b65c288d8081df36e81265f96aca9394a24837209c5a17d4abf0fce1bfa1eec1e0a9ae1528e1b2839fcc93e63a1c46b536cbeb6c89557087e99ff099d491f51f61267a37701684806d1925f227523a369b448933e0748aaac73cf0deba0a88d991835bddb3e35af78d3372b0d13f2394594a5971ba2067586566e3ad5d4fadc8ddef5c763e9ed91b0c1a154485ef000a9eff4a2d667f121b66da1c2980720e0002a2fc51b6589268958245cbeeb02fef5c4435fa34c5718c5f0e5c8fd2bf1bf1dd6e111535512a4602051f3c5db3ed8800429628684ed201cdfdc5d1564b96b4714aa9baedee35b397220df5bf8529c1c58805516bd4939a0f1b88cc9d8b8277058383273a7831d467749fcfdaa26215ac7dfa2915d842c611d0e5706a2a569fd06f28a9c586560e3adc8951a9319d5b9ca58465bf6b78512497853fef1fd328207dff8dd9302a77f213d8854186ade4bfb0d539f074806dccd61bdd3d4206743864b93992f3a9655230777494914ebf96c8f4ab1a882d39591650b0cb4ee700fb80ec79a378e6c0c7c8025e1f9dcef67704d9c845b522b30d98186484d089474fbca5041f74fb1d544ce65cd7c85f6edff7dfa2ba865cc2df5b42e4388f9e54ed2abb0f34be6de9f86f849f21f390369c9848854f3fd7c8863d59701b8648fcd0d491b2e66e8734d3d75c3016d3a2bf9b3388d4ca7cf4dce9fef1e254751fd7943668e14933a07887f5d465549e4cc4ef4ca6c7b94d37c4e0eb6ec0674e3fb7f7b7531fce1a9a4bb4c4e64515e8b6570071e4f608e36dfecccc4248de57b25af1b80ac77dd122eebc254b91f7097284b213b3f4b5d582e00ae2a8776a33766440e73e55bacfab698032cf85a8d1d7a8bd6f855693a9c854564e12361683522f6944dd1c8dcc0bcc05ecfd8acc11041ecbe7ec75cf13ffcf60b861d7ef15bd301cf23c49deca358fcc338a3fb6be07248bd9f08678aa1fc359442aa0665fa2f0f13ad49385147de9f5520b13235c23f79f479c762f9b16d34fdb1de1efcfbb6d25f80e8724295be4e29b81df5f1b90e7fb1a02f831f98aee0ff001dca325d3a56298843e2d5ce58a5f2ecae09384647c1bc9309ca6bbbfff87e385a6246f902a330162dc19e39439ca0028cc7454d740fa8ddfbb6da11b68487a953c90ab9c27a2a92bd1e43d970420d9c202ce081877e3f709759b106c310945f1e81c7a817807363aee6ce7a9ea55a9b28319cc4923e23b10532efd96bc3965a33ab0fe70a818e6194adceab80231e0a0bb68b4deefd5edaa9d88051d30648b2ceca9a03a259bcb75c5a5f98bf1e2383da25d9dfa7ce0f22b2cbd5f380265e711c782bd323f8945128379220f71f4d0b9bf32b51e39b9e6e6ef1bb34dd7004502d6620a5c1f788bc03fee165cde9b52393d7fbec53372ffc0543c46dc697cfb0006b0e963e0a3a01f216d2d16de3bf54cd8a50293b29c413a3ec58a1ec5e5a213027031d952a7d7d8655a13a4b86f0b83a69ab4a62cc27b86b11cf0ac1a7724704353bd51a7148b40c62af5d6ef40a5abab0f336b385a2a7ef64ed91a810311bc1777eedfacad4bd853a83c89f327deaa4687693e71c4aefef33ca3ab8ad5c46a19d2598440db365bdf6dc9484a801fabb92266557019fcdc222e49e884cf74297e131a0fd0a8dfb5276faaf4da55af1c24f51c24ed384fbf2a9a28da95d48bb0a7d6d4023b641e47e6fc68c8b835356db9985a65f0af0e9ca62d427766c00607d04285e5887e960374bc278053c4fdcfcfe86629280664008f52eee5bd96fc2929523ceee226ae489f1f72d5a89d063bb7c4b70eeeb9942798cc8cf170236696b33848f285ed71d5c05343731417f0b6365e93297899434e080171e6f3938ced72755622cc25d102aada78d58fb6f903cf5fe4a44cc2178372bfb5e4e5df41824ed0e3d8ced0df69ab5233637aafcdf24f9bdc6bfb75dee77e0e683c10d7ac84ceb617937172278b17d7d0dd758afd91de6ea9997ecebbf2c981893291c5155c3c65be8ef71945cec160c54e085d9276f8872b92f2c7b1555138dbdcfe1f4697399e77942c23723d2b114312303e860fca741ff8e477757276e39225011ed96f1db709027dd6c8597890e544a94760c270842175ba7628348b7ad957e4def0ea796f228bc4f47c2aa689dde0c8f5d39e87c64db9cfd451da06fe57753b90aecebd74f7f69734cc17a1badcfee540dc25c9685681ab6cd361f173a01a735a19c71841bbb2a10359833d1e5d4f8246cdc96c303b8a94cbe6253ff1b7e1518ab7ffb3b9c2c448ede139f19fd6931fdb2c1a2850649675100b1d2e3571f8481dc3d06281742e12d24d434292b221ab1c5a531f835c4455edf8d8a80883eb5499fb41e49bbf51ae090e811cbe5778723770c16c6fd1f7e922983c1c9a7a46511a1aa9eee666d7403ea004fe8ec2ce03dcca8c1ea2dce859da216679cfbdcde8f4a99fe123f860d31ad254e0402cdda521ca9392830c791c7ab3eb87c27869141d70dfd58a94f11d9a2b50a3366eb4ad93fa14e095940fc413b3a7c4cf6473b454a57b745cc8891dee1c37d76fc710ab71fd676717dae7a5a6d07244e33142bfeb48ad674f4ddfff426f471d18f3f3df712ae9b07f6ae4b90604e9d52b041ae67e6ff61ca81f1db042148544b2c7607e58c56ec36bc7b17edc1479057d9046b78671df527043ea83e7e5cb7172a9860f39d3f92ff6aaecc755205645b379a6b53809cdc975a5296927efa3b320dd13a14d9dcba1c8400b14c68d8041d1a33d58b4b9be924f489fc7c88b448f50fef5f61f0c6944ca51614c1f251e1267cad3a6b061984236354d5a8066383d49ac3358e685870d8abd762e8e0c9bd66972bea2bb7d06f8501104936248744b4d1181c7a6946866001d86b9cfef7d897f126cd4f32a33b35729c0333650dfb808e194b13a6370ef9454ac009260921b6a94c82e85e01a1e701957be6e0049032a28db8920adb83189c408552877fac1f770d7d2d05ba359d30b2fd83630ab73b30bcc10ba1df6bc6962eef2011d1b849c2803f02d2783e2bb625fe64bf4b634e17c768794ab3a48a9f1ef565648d63f118d1de02901ec3aeba94cf021d85d74a203fbec820176fe04ff39f4504c2f956b022f9d584c5184648d88f9f5ff7e201765c31884cfe10ff7e5beafd3e6ba7a00494612b9f06febb8f863349a6367b0c58876ef0004801c9f7a8b3b53580e40c13500cd53286a23ccdb6c7f3c10295a2de2e5f5137ce976ca48fa262b9e640fc694639be14f824fcdd75dc459d3ee0b4b4e16489e8049d68f3f829b549dcaae76d6ca885ad94493e7f428c7d2e740d248473aeaf818729e2bea35d17159870c7b943cf8fa008343c57ae2a281791a302fab1d6bcce53b39ede3cf428cddf57ad726c021b635925385f37fdc0e39f48a4bacd474ee948e9abca20805b7bd399966243c61d041128a9688f132c59e65ee33056c8f0a12b16ca4cf6252f40bae8978bde97a5b791e1e1d22af7c09d691e25ccb818763c710bd4b160b650e6f04fcb15e1c498a64215252e169a5949e572c23875880e6b31f6595a5c0b954f0a81b2a6b3daef9cdcdf5c1c8e4b22af60c2f1ed4d64e6a1ec93263d8f0320dbd52fbfd6a3a99aed20f38be6a10c2b26f2db50dbb8b82a84b944ca02f247cea78e656d61ef4c6a936c37f0bdd9903028dda145aa92eb10ee2e7cf515d23b7d46dbdaa4506eaf567ff11c3af307d971ae6a5d51dfc5be38c626784604c34b192fe029a429c7f119500989363ae1606936b96fd5b6bd8fa84262526a732f3123da1555e1f14da595409b3ffb41461770501c063c141ad5c0f88729b4e9edd1aa9c05f5c5f0bd83ceaae6c8577d3a899829f7e629445cda497523588800b14b199245a2d0a5fbcaeafe6a9cb1faafc5759c4a4e67927e5b0f4c5acca444237c0ee6ade69b941688281d2ed0a0ee195e291b2654b1e2558c0b06fccd2f5fbbd34ff5a8c77324d722f9bbca22ebfecd2e5328bde6a61c182bf6890e1061e7d19e3a96cea2efe54ce457217364c450463bfe05229abde4d0ef5cb2a5262f99718ed5b10ce9c495b7682d97806b4abbedd5fc8fec8eb8c2afbfe725175dc0baa56a9367ff66b6980983d320fb2345bbe118e84800a4ee859e51d91ded628d2e6496ba35e190cd426f433d4c9ba0c1bd0f9c5f97d749da659ffd372c7a7dfeaeae6d3d18d0d3cf7fd39a75c92cc381630405e93c4f08f087d76a42126e859684716347677195688556684da2aa6bb7b00e822eb8eafa6d9ded3aa433e80666e27b0b314925d0a0ab589b5f1074f42533574fd5e5459116f26d07395333e92da713489ed403bde08089fb439ce8ee9f4a577c60a903ce842b3d5d5f6ab79ee44cb51e05537878fc87d0a0d238ae334e78823ae8200980db557d4b5f8927cccf106bdb8b0886d53171cfc08c3981f142bdd4a43e46740ed711fa9e1a1a3ab6a8c9bf1ea1d1afac555c7c3aad0818a34461b6d091963340427f4034088c65c5263803bfb066bd7e16ddc208e54545de2056ce94bf97e7274b603d70316bb980b693e87ce33b728b9a3914f66d3838b570f678200ba76632b3953e0c60ac3172c854be2d35d965e332b878e0ba5bab94b077f4daaa00d7575c1614febaaff514ded6e1225c441edcebbb43828b4f73d357bd09fb6b4d5f61e4bb811983e64a39de1304f1dbdbdb1b91d4763bb2201b8b666830ab6296ba2d024d6ad37066f570ff5085710eb65be4748ff6284bba07798984022aaa4f91d01b7ae2effd2cf5527761f4811196069524f1ed95687e69c8aae87e84f6a15d38c786fdcac778f6a150fe811499e70df723ae44f449d43d16b565e812375fb845b87d8872c3bb287a8b160ff167503913258f6397657bf13a156c63f1b4d3017b52e7bd2ebb9a7b7577a1e59455cc81bbbcf2d85b17c1c6f43ca469e4fccfba2b5e39f90c2b7485f97026610b87fb0e1ccacd19113d5bcf872eb96d9665468e4468c11a51fea7ce28c3151ebf108ba19499cb69524b4640b6c1de7340ca238de9428ba88aaf05cd6271f61a37043c212ee1c85606e2b0a9dbace228fe3e1ae4db93693eb84e10a5b21fe7db7812d42c12b258a5a8761ad2ad210dd2b429e9a0b98251ca9a5c23c07e6c048f4373d020428b6406420072112a85ceb1da6667372d87820916f89c67877fbe210d58fa6f4db941823167b06785fba87af1cdada5821260fba46f017311537a73fd65bfd8b4cd992e5aab61ee76f30d50e81160e11478a2dab3108d38c05a8147eefa3bb832ed22b849583d9bce234c4623ead9db58cdb780e26542786fcdebb30bc69c7c1f87ca7496043417da6b36f6f291bb4b509c1b0121ada310f5cf32692e0d22b495123aca0fa74485ee8f81b9de4707a2ed04c73baabdf4c7075aba5b668c4cbf2822578205b2d7cb3e58fa1625ee6a7ee4b41fd4c6b3242372206b0f5ec793fe17941c49f913f9b5563a14b27588ea2b8838d75750586b2fa18412302f0838c69c64c5d455e9c007182b65ffea80d33214fe0c8d9a285abbef3d9ac08da64172c8f1fdbdbb370427ddffa05983a40327718b2414f2a85d2166d6811979a819921a121889476e667afca555a52e3d078fe43fb0891b77a0c455d8e79e628e18060606564843318a55e3a8c9063e9057747fc9eafd8fc24eeeecbca460d01ae8c10ef702abdac"}, @TIPC_NLA_NODE_ID={0x64, 0x3, "dfa6b8ee2248d003d48513caea2e06b285e52dace70efffa2669d9eed366223342e010e9e178cdf59859a12b9fd8075260faac8b36fdfdd22436c84f903abc4af583636680d622b63ad8a48d13b54ca059e20fc8739a1dd21122272bb522b8e0"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_NODE_KEY={0x4b, 0x4, {'gcm(aes)\x00', 0x23, "8c3d2f12a8ec543a22992a6a911e18ff752fa42862209181d50835ba732891e45acf42"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x1bf}]}, @TIPC_NLA_SOCK={0x28, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xff}]}]}, 0x1288}, 0x1, 0x0, 0x0, 0x44000882}, 0x810)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0xfffd, 0x0, 0x0, 0xfff7f038}, {0x6}]}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup(0x30d0, &(0x7f00000000c0))
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "ce8869e61c037ea6", "c0f8070000001aeefece1c83a6f8a5e5", 'Ol<8', "9f00009ff5843cfd"}, 0x28)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_UPDATE_FT_IES(r4, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x44, r6, 0x8, 0x70bd21, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x9, 0x1c}}}}, [@NL80211_ATTR_MDID={0x6}, @NL80211_ATTR_IE={0xc, 0x2a, [@mesh_chsw={0x76, 0x6, {0x7f, 0x1, 0x25, 0xcc3}}]}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x4}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x7ff}]}, 0x44}, 0x1, 0x0, 0x0, 0x8c3bc31b807f22ab}, 0x0)
write$binfmt_script(r5, &(0x7f0000001300), 0x8f)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000240)=0x40)
writev(r5, &(0x7f0000000040)=[{&(0x7f0000000300)='\"', 0x1}], 0x1)

6.065509609s ago: executing program 2 (id=85):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) (async)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000000c0)={'ip6_vti0\x00', <r2=>0x0, 0x4, 0x1, 0x0, 0x9b, 0x8, @mcast2, @local, 0x80, 0x7800, 0xffff, 0x9ab6}}) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x7, 0x6, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x2b, &(0x7f0000000300)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x6d, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000680)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000640)={&(0x7f0000000540)={0xd8, r1, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x40011}, 0x1001) (async)
pipe2(&(0x7f00000006c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x80800)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000700)={@dev={0xfe, 0x80, '\x00', 0x25}, 0x808, 0x0, 0x0, 0x1, 0x987d, 0xc740}, 0x20)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f0000000740)={0x0, {{0xa, 0x4e22, 0x5, @empty, 0x7}}, 0x1, 0x2, [{{0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, '\x00', 0x28}, 0x80}}, {{0xa, 0x4e22, 0x1, @remote, 0x5a}}]}, 0x190)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000940), r0)
sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x24, r7, 0x200, 0xfff, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4044040}, 0x85) (async)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000a40)=<r8=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, r8, 0x1fc171309a0c724e, &(0x7f0000000a80)) (async)
sendmsg$nl_route(r0, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0xafd84090929e7d07}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)=@RTM_NEWNSID={0x1c, 0x58, 0x4, 0x70bd2a, 0x25dfdbfb, {}, [@NETNSA_NSID={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000810)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000bc0)={0x8000, {{0xa, 0x4e20, 0x4, @empty, 0x1ff}}, 0x0, 0x3, [{{0xa, 0x4e24, 0x5, @private0, 0x51b1}}, {{0xa, 0x4e21, 0x8, @ipv4={'\x00', '\xff\xff', @multicast2}, 0x1}}, {{0xa, 0x4e24, 0x86, @dev={0xfe, 0x80, '\x00', 0x1a}, 0xf}}]}, 0x210)
get_mempolicy(&(0x7f0000000e00), &(0x7f0000000e40), 0x5, &(0x7f0000ffb000/0x2000)=nil, 0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000ec0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000e80), 0x13f, 0x3}}, 0x20)
socket$inet6(0xa, 0x1, 0x200000) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000f80)={{r0, <r9=>0xffffffffffffffff}, &(0x7f0000000f00), &(0x7f0000000f40)='%pi6   \x00'}, 0x20)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r5, 0x8983, &(0x7f0000000fc0)={0x0, 'erspan0\x00', {0x3}, 0x6}) (async)
ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000001000)=0x8001) (async)
syz_open_procfs(r8, &(0x7f0000001040)='net/ip_tables_targets\x00') (async)
getpeername$tipc(r0, &(0x7f0000001080)=@name, &(0x7f00000010c0)=0x10) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$kcm(r5, &(0x7f0000001680)={&(0x7f0000001100)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x80}, 0x80, &(0x7f0000001600)=[{&(0x7f0000001180)="89797c357be588089e0c5b172abbc6f953665df87bce38d2ed7478099db2", 0x1e}, {&(0x7f00000011c0)="ef1c1ba334738dce4111f1db72d00524903dac9f6c2ac8d3c0caf5a23e7eba371a4d9b6d3e0efdd0786473906df7f5de62b5103385127e1f7f95fa1650769169e7a1fc6a8fa83fbfe39313e9d9c593285f0b34bfde3a7dbbc1a83b5905d1c83b81a7a8425cec07d26a7ac2b1643ab01bb2ff2aa941f424ed83a03479716963ef0bd5ffc76a617b0175ef96373a1e5646620eae01f1569564e42ba6314a", 0x9d}, {&(0x7f0000001280)="194a08484f8630435abc6c7bf721bf00300b46ba6b40652420425cca280521dd144981633c06d96cec0fe18472d4a4c12d1de398b93256343e9c2db7e8bf12e2c1d1aa33f19f23d12940a8405b8401cc806ebfc87a4e187fc99e088028e06671c9c2b9fba0e423fd045d777d04691cd3fe3a9b080a2683ae670da830bd38a0ae9e6a864172d0d08a8dd75d78b2faa906e98b42d4db884b7c4482633d16522e454918f988fb891e8f5f6455dfa24dd58dbf91dde28f964560e6b6b03d706f6e7948611df7ef674afb0c0446111ab72e687a1eff311e330be14e9dd79bc7d30533d1", 0xe1}, {&(0x7f0000001380)="6f8aa7bbca555234ae0932765e7235479e2f6902146c40fd39b0600b1908646bacffb8ab2f7c1af0d06dd4955365429612b892f73a63f0753a06ae57ee8d927eeb7b16e1aa85989668021de124609f1fdb22323a2057c8c818725409f477225c0b1a727f6d660affdc859937b7484829d909cab8a75888286c65badc3b6fc9b7709b2c25bfda36a986b9138d1559f64f9bd78e52b0639ddfc2cbbdf38b4f08c8acafdef91a3e91e3dc03c8191099d8c9c1d87612dbe7eb9cfbd18323831e06285ce42657d75bac1e0310a594a24293c8c0cd7792086901074b9eeac5a9db", 0xde}, {&(0x7f0000001480)="1d648671d792220e7693ffb7f5008a21b83a0ac502a68490d4ef49b6168b3d3f1b038446c22e4593bcb267e9e28a9bf0eda92750c46ca2aa3f7319175addc4f0ddef4c9627561ac3cdd9bf174dc742a52aba79546b", 0x55}, {&(0x7f0000001500)="99a9553cfba89e821a8afc72fc1455afeb2160561837d47210689a82dfff0900cbf128b6242809815723a829b78e02e66fb8b718a37813b2a07e56aa149755007067b281bf9198b0094d247514d480492c65eae8822a34f7d6bf4d681ca55eaea89728d697bd325574447a6291e80fb4668cea116fe8c2fa03e41c9547f67aa2eee68aeabacdca69e5a9a05384284721fd9e039143e681777563eff5e0dbd5ff6a826e565c3d33ade4cb7bef7fe606706871e9ff45e43f38d9cbcc941a084f5baf24", 0xc2}], 0x6}, 0x4000004) (async)
write$P9_RGETLOCK(r5, &(0x7f00000016c0)={0x34, 0x37, 0x1, {0x2, 0x0, 0x8, r8, 0x16, 'net/ip_tables_targets\x00'}}, 0x34) (async)
setsockopt$inet6_tcp_int(r6, 0x6, 0x1b, &(0x7f0000001700)=0x7bb, 0x4)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f00000019c0)={&(0x7f0000001740)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001980)={&(0x7f0000001780)={0x1fc, 0x32, 0x0, 0x70bd29, 0x25dfdbfb, {0x9}, [@typed={0x8, 0xb2, 0x0, 0x0, @pid=r8}, @nested={0x155, 0x43, 0x0, 0x1, [@generic="af65d22b5a0082096f816233cbf3dc6d825283a047d3ff3b269dd233e4a6d4339e50f9dcac94acdcd9d9725bfa571da39a23ca2c89628e13f797c84dabd90b3b377bdf8d5fa9d12d5bfd39080d90ef16d2e50b26fde45323c835cb4307f84bd1051eafcec0762b015c5ef6db21474cede26fa3b3c803553c56a43e13ab2b539ca184728dadefaddb", @typed={0x6c, 0x7f, 0x0, 0x0, @binary="723c1d32fe1721bf666fe3faeac9241f0dc4c639b73aff7a6ce1d612419bc88e2b98da1d09d54208e79408411cf75b77beed864b59aa78b15ca42837f05f6a8579958c06921f87beb350cce4a019a8e4c7016d2942b5c062d8bedb3f73859cbb39faa858d96caf4e"}, @generic="d20ab2d952f440e0b17f37f07830d81d612d406f3ac08824db467d945ac32d671af6474367eea85c63cc94b021581365cd5cf6c012c6c25c9d90f12ddcf0023f708a380a263cce2f86", @typed={0x8, 0x124, 0x0, 0x0, @fd=r9}, @typed={0xc, 0x56, 0x0, 0x0, @u64=0xffffffffffffffff}]}, @generic="98bcb0dcd84f7f88c86dd7abad017c46580f1f18910358931e581ec544bcf21f3f6c558c4fcab5e4c32161509d3c4e941958b1abdc0e447e9d47a09e0eb0256740f7791e19ea9b0d26ed9ad69cec3fc82df61111ccc29c6a673ebab9", @typed={0x4, 0xd1}, @generic="c7643e68a27593623a9698bcb803919d7fe2863566b9b4d9bd1d78e3ee1a9b10466255ad8df2"]}, 0x1fc}}, 0x4)

5.856061067s ago: executing program 2 (id=86):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0xff1f, &(0x7f00000003c0)={&(0x7f00000004c0)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)

5.666761029s ago: executing program 2 (id=87):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004580)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00)'], 0x28}}], 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0xf00, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

5.658687667s ago: executing program 1 (id=88):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000240)='sockfs\x00', 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000140), 0x3, 0x2)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058560f, &(0x7f0000000340)=@userptr={0x0, 0xa, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "7c2eaabb"}, 0x0, 0x2, {0x0}})
dup2(0xffffffffffffffff, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x4000001)
r4 = syz_usb_connect(0x3, 0x36, &(0x7f0000000900)={{0x12, 0x1, 0x110, 0x4f, 0xd5, 0xa6, 0x10, 0x694, 0x1, 0xb1fc, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x2, 0xff, 0x7, 0x40, 0xa, [{{0x9, 0x4, 0x2f, 0x80, 0x1, 0x9b, 0x1, 0x55, 0x9, [], [{{0x9, 0x5, 0x4, 0x0, 0x3ff, 0x1, 0xd8, 0x8}}]}}, {{0x9, 0x4, 0xda, 0x8, 0x0, 0xbb, 0xc2, 0xc}}]}}]}}, 0x0)
mbind(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3, 0x0, 0xc36b, 0x2)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x2, &(0x7f0000000780)='\x8d\"', &(0x7f0000000440)="dc", 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='\xd1S{O', &(0x7f0000000080)='\x1e\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001600)='\xcfD\xbc\xbf\x95@\xd6j\a$\x1d\x14\xb7!\x8b\xff\xdc\x83\xc5$\xb3\xecr\xe4G:\x93\xdfj\x96\x7f\x03\xe5\x94\x04[\x02\xa9[>\xf9\x9c\x83@\x1e\x99\xcah\x85\xb8\xbeSAk\xf4\xb6 \xdf\xa0P\x18\x19\xae\x8c\x9a\x19mm\r<|\xe8\x9e\xa0x\x84p2\xf9\xe2\xed\xb0\f\x7f;\xf6J18G\x84c\x88\x9d{\xf4~\xdby\xe1\xdf\x1a\xae\xd6ez\xe5\xa8\xe1\'', &(0x7f0000000180)=';\xad~\xee', 0x0)
syz_usb_control_io$cdc_ncm(r4, &(0x7f00000004c0)={0x14, &(0x7f0000000640)={0x0, 0x36, 0xb9, {0xb9, 0x24, "62c1626f1234a58971a32f70b57e155eb23b72670fa0dae4d84cea2e83b143c273481631e84eeaaac328a5176f80bc02833b7d5135a7ce6421b3523e3f7c18ce8325ce71fdcb7497766e65d12f2b8ef16c80fcb30fdc5e1e558681ebf3c142f0dfd3993cb9f64e33b175a97fd79d300115a6bb8f1386bd66433c7d07b130e5a3b6f902ea433a3c1b5d982eae30513b06cb1aff242f3b986d780dc6ef7ba85bd606fe3d2ed2be59775d9ad320c5a9f9a2000c5325c56f89"}}, &(0x7f0000000480)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000a40)={0x44, &(0x7f00000007c0)={0x0, 0x13, 0xc3, "4f2c86722f34ec4aabbf483aca6804f0eb6254cff5bd1b5a65b3d69a63b63c68c87d8660370915ff39caf9f5d497c21a13cff613afb09876469ece01387686ba766a0a332e7d159a52d6d53cd9ce221ae6b2c94f1bedb1fe9f67e9946e034c77ff628f9da545c72c3a1d241053c1436aa8231e9680bcc87f1986871548078bbc330f9990480c15b7d2c3c33ec82dce1ded7b189650ab3870b9f722d9ee0d925e5aaaf64d1869f4b567929636dd5c9a01c1651b59d5cf97814ff34ed3f2f2e1c186a9de"}, &(0x7f0000000700)={0x0, 0xa, 0x1}, &(0x7f0000000740)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000008c0)={0x20, 0x80, 0x1c, {0xfffd, 0x9c7f, 0x5, 0xfffb, 0xa, 0x6, 0x9, 0x9, 0x8, 0x400, 0x800, 0x3ee3}}, &(0x7f0000000940)={0x20, 0x85, 0x4, 0xe}, &(0x7f0000000980)={0x20, 0x83, 0x2}, &(0x7f00000009c0)={0x20, 0x87, 0x2, 0x4}, &(0x7f0000000a00)={0x20, 0x89, 0x2, 0x2}})
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000500)='\x00', &(0x7f0000000600)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
close(r2)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b00000001a007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d522ac78876a4595146add31b35355848794ca3f8b38aef1e114ab9fb0200000000000000a3b0c81c6f8144e74fe13b80ca46c1a6c04ad73c9d44b605f900"/158, 0x9e}, {&(0x7f00000001c0)="68cabf2dfb58fc0af787a8ffff0200258f00", 0x12}], 0x2}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

5.38071427s ago: executing program 2 (id=89):
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000200)=""/228)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x0, &(0x7f00000000c0)}) (async)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
syz_io_uring_setup(0x24fa, &(0x7f0000000380)={0x0, 0x0, 0x108, 0x1}, 0x0, 0x0) (async)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x40000000000)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffd000/0x1000)=nil, 0x5}) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000006f0200000000000000000200"]) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000b40), 0x20000, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r4, 0xc004ae02, &(0x7f00000006c0)=ANY=[@ANYBLOB="03797f000000000000000cdc199a391bedb99fcaa6dfc064e6cb745ec35b94906357cb1708ef320f520ac7c49b3670e2e78db6faa5517af25cefc55942e067c416e77546f8254ffe24928479d73c8292ea708164ff9eb794eb413b3af62aa1b794dcb4b03c8c1627e90eea9c98110ac0c1d7988548724781f79d7a3b93eae9ac69f600447cad7f9bcb9f41f5ffd60d9db6dbe38a7685f7615bb6378a263fbf6246aa23ee461ca4f2a9fa7e78c657d96008113663761d10744c6675c29bcdca59066b9c2cb2e3feeeaa148e809cfd00000000000000001300", @ANYBLOB="6c3dcb5d29b44725d68217183c4f23215af41b4f78d22badad8087ec1c12f20278ae536fa44fcfc09d3cb6e5bb909a7be5271f1000c2feb11599e952d9ce4cca367f258805a1ef794148fe7ac9b98e148df931dca670ad7beeba72a78fcd6c4738160d96d00eea77a066614c9cb4ecc612ed05e0c1e1ac3dd94c867760bc72cc6da83e37d91762467b8fb3"]) (async)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
alarm(0x5)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) (async)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_misc(r7, &(0x7f0000000040), 0xe09) (async)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0xfffffffc, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0) (async)
r8 = fcntl$dupfd(r0, 0x406, r5)
write$sndseq(r8, 0x0, 0xf)

5.206655106s ago: executing program 4 (id=90):
r0 = socket$inet6(0xa, 0x3, 0xff)
sendmsg$inet6(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0xa, 0x0, 0xfffffff8, @mcast2}, 0x1c, 0x0}, 0x810)
socket$packet(0x11, 0x2, 0x300)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
ioctl$int_in(r1, 0x5452, &(0x7f0000000140)=0x4)
umount2(&(0x7f0000000000)='./file0\x00', 0xa)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x101000)
syz_open_dev$video4linux(&(0x7f00000000c0), 0x7, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/wakeup_count', 0x2c0, 0x102)
openat$vnet(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x4, 0xe7142)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/18, @ANYRES32, @ANYBLOB="01000000000000001c0012000c"], 0x3c}}, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'ip6gretap0\x00', &(0x7f0000000080)=@ethtool_rxnfc={0x2f, 0x0, 0x0, {0x0, @sctp_ip4_spec={@loopback, @empty}, {0x0, @random="496e8a70920f"}, @esp_ip6_spec={@mcast1, @private0}, {0x0, @local}}}})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x64, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@sack={0x5, 0x2}, @generic={0x2, 0x2}]}}}}}}}, 0x0)

4.817905649s ago: executing program 2 (id=91):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f00000000c0)=0x7f, 0x4)
sendmmsg$inet6(r1, &(0x7f0000004880)=[{{&(0x7f0000000380)={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, '\x00', 0xa}, 0x9}, 0x1c, &(0x7f0000000540)=[{&(0x7f00000003c0)="a4de72125546e5787c4a6b", 0xb}, {&(0x7f0000000000)="5ccacfca73232105a1cf544386166b794c8f07b35cec0fa0a2c6fa906ed54b26a5052dccf358ad7860470734b3861b34cea08382bea307b9efb230a0df32f567283f1e87acd322d56bd0a50126ddfc0c093c1979e0a6044e4a77485a34868fa44a3f792b90b2ec445e0df38f7cd8792b7ec4912999", 0x75}], 0x2}}], 0x1, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cgroups\x00', 0x0, 0x0)

197.825995ms ago: executing program 1 (id=92):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x40000, 0x0, {{0x1e, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x401, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x34, 0xc0, 0x3, 0x0, [{@multicast1, 0x5}, {@dev, 0x659}, {@broadcast, 0x8000}, {@empty}, {@multicast1, 0xffd200}, {@private=0xfffffffd}]}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x4, [{@private=0xa010101}]}, @noop, @noop, @lsrr={0x83, 0xb, 0x0, [@private, @rand_addr]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_KEY(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x38, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_KEY_IDX={0x5}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "4ff5677c1a"}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x38}}, 0x0)
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8}]}, 0x34}}, 0x0)

0s ago: executing program 2 (id=93):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x1}, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000180)={0x80, 0x0, 0xc8, 0x2})
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, 0x0)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000001c0)={0x0, 0x8}, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r3=>0x0})
r4 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r4, &(0x7f0000000000)={0x1d, r3}, 0x10)
setsockopt$CAN_RAW_FILTER(r4, 0x65, 0x1, &(0x7f0000000040)=[{{0x1, 0x0, 0x0, 0x1}, {0x2, 0x1, 0x1}}, {{0x3, 0x0, 0x1}, {0x4, 0x1, 0x1}}, {{0x2}, {0x0, 0x0, 0x0, 0x1}}], 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r5, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f00000000c0)={0x2, 0x4}, 0x2)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.22' (ED25519) to the list of known hosts.
[   66.577651][ T5216] cgroup: Unknown subsys name 'net'
[   66.670750][ T5216] cgroup: Unknown subsys name 'cpuset'
[   66.679335][ T5216] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   68.268383][ T5216] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   70.542718][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   70.551572][ T5232] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   70.559788][ T5238] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   70.561342][ T5232] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   70.568099][ T5238] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   70.575629][ T5232] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   70.584075][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   70.589625][ T5232] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   70.602978][ T5232] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   70.611419][ T5232] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   70.619462][ T5238] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   70.631994][ T5238] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   70.633226][ T5242] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   70.649733][ T5238] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   70.649737][ T5242] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   70.656716][ T5241] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   70.657455][ T5241] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   70.665383][ T5238] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   70.679033][ T5241] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   70.686419][ T5238] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   70.693505][ T5241] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   70.700404][ T5238] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   70.707105][ T5241] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   70.713711][ T5238] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   70.720450][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   70.729499][ T5238] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   70.734316][ T5241] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   70.742907][ T5238] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   70.756901][ T5241] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   70.772990][ T5241] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   71.280761][ T5243] chnl_net:caif_netlink_parms(): no params data found
[   71.299518][ T5244] chnl_net:caif_netlink_parms(): no params data found
[   71.317133][ T5247] chnl_net:caif_netlink_parms(): no params data found
[   71.418523][ T5246] chnl_net:caif_netlink_parms(): no params data found
[   71.455063][ T5248] chnl_net:caif_netlink_parms(): no params data found
[   71.531296][ T5243] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.540910][ T5243] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.548653][ T5243] bridge_slave_0: entered allmulticast mode
[   71.555545][ T5243] bridge_slave_0: entered promiscuous mode
[   71.573328][ T5244] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.580930][ T5244] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.592043][ T5244] bridge_slave_0: entered allmulticast mode
[   71.599041][ T5244] bridge_slave_0: entered promiscuous mode
[   71.606906][ T5244] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.609913][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[   71.614004][ T5244] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.626584][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[   71.627688][ T5244] bridge_slave_1: entered allmulticast mode
[   71.640601][ T5244] bridge_slave_1: entered promiscuous mode
[   71.665379][ T5243] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.672842][ T5243] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.680997][ T5243] bridge_slave_1: entered allmulticast mode
[   71.688232][ T5243] bridge_slave_1: entered promiscuous mode
[   71.739580][ T5247] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.750522][ T5247] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.757920][ T5247] bridge_slave_0: entered allmulticast mode
[   71.764708][ T5247] bridge_slave_0: entered promiscuous mode
[   71.806185][ T5247] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.817899][ T5247] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.825482][ T5247] bridge_slave_1: entered allmulticast mode
[   71.833062][ T5247] bridge_slave_1: entered promiscuous mode
[   71.854025][ T5244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.887442][ T5246] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.894714][ T5246] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.903267][ T5246] bridge_slave_0: entered allmulticast mode
[   71.910984][ T5246] bridge_slave_0: entered promiscuous mode
[   71.920966][ T5243] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.932372][ T5243] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.952883][ T5247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.964952][ T5244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.992771][ T5246] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.001735][ T5246] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.011926][ T5246] bridge_slave_1: entered allmulticast mode
[   72.020636][ T5246] bridge_slave_1: entered promiscuous mode
[   72.037984][ T5247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.064466][ T5248] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.071630][ T5248] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.079327][ T5248] bridge_slave_0: entered allmulticast mode
[   72.086208][ T5248] bridge_slave_0: entered promiscuous mode
[   72.103553][ T5243] team0: Port device team_slave_0 added
[   72.128508][ T5244] team0: Port device team_slave_0 added
[   72.137713][ T5247] team0: Port device team_slave_0 added
[   72.144584][ T5248] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.152014][ T5248] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.159835][ T5248] bridge_slave_1: entered allmulticast mode
[   72.166749][ T5248] bridge_slave_1: entered promiscuous mode
[   72.183527][ T5243] team0: Port device team_slave_1 added
[   72.211546][ T5246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.223120][ T5244] team0: Port device team_slave_1 added
[   72.231445][ T5247] team0: Port device team_slave_1 added
[   72.279981][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.287333][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.313755][ T5243] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.328911][ T5246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.358497][ T5248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.370392][ T5248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.380471][ T5243] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.388104][ T5243] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.416734][ T5243] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.449445][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.456454][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.482736][ T5244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.494860][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.502305][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.528772][ T5247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.562821][ T5246] team0: Port device team_slave_0 added
[   72.569558][ T5244] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.576985][ T5244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.603103][ T5244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.619664][ T5247] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.626952][ T5247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.653190][ T5247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   72.678261][ T5248] team0: Port device team_slave_0 added
[   72.685913][ T5248] team0: Port device team_slave_1 added
[   72.693010][ T5246] team0: Port device team_slave_1 added
[   72.787050][ T5243] hsr_slave_0: entered promiscuous mode
[   72.793475][ T5243] hsr_slave_1: entered promiscuous mode
[   72.802400][ T5248] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.810069][ T5235] Bluetooth: hci1: command tx timeout
[   72.810851][ T5248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.815819][ T5235] Bluetooth: hci4: command tx timeout
[   72.841924][ T5241] Bluetooth: hci0: command tx timeout
[   72.847365][ T5235] Bluetooth: hci2: command tx timeout
[   72.856699][ T5248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.873936][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.881041][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.907543][ T5235] Bluetooth: hci3: command tx timeout
[   72.912681][ T5246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   72.935976][ T5244] hsr_slave_0: entered promiscuous mode
[   72.942453][ T5244] hsr_slave_1: entered promiscuous mode
[   72.948852][ T5244] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   72.957289][ T5244] Cannot create hsr debugfs directory
[   72.963809][ T5248] batman_adv: batadv0: Adding interface: batadv_slave_1
[   72.971139][ T5248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.997361][ T5248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.009752][ T5246] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.016925][ T5246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.043171][ T5246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   73.062463][ T5247] hsr_slave_0: entered promiscuous mode
[   73.068973][ T5247] hsr_slave_1: entered promiscuous mode
[   73.074976][ T5247] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.082679][ T5247] Cannot create hsr debugfs directory
[   73.240947][ T5246] hsr_slave_0: entered promiscuous mode
[   73.248329][ T5246] hsr_slave_1: entered promiscuous mode
[   73.254449][ T5246] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.262681][ T5246] Cannot create hsr debugfs directory
[   73.282141][ T5248] hsr_slave_0: entered promiscuous mode
[   73.289026][ T5248] hsr_slave_1: entered promiscuous mode
[   73.295182][ T5248] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   73.303078][ T5248] Cannot create hsr debugfs directory
[   73.588050][ T5244] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   73.615996][ T5244] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   73.628181][ T5244] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   73.651053][ T5244] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   73.700134][ T5243] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   73.719026][ T5243] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   73.739937][ T5243] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   73.764528][ T5243] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   73.788026][ T5247] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   73.819617][ T5247] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   73.832121][ T5247] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   73.856472][ T5247] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   73.917872][ T5244] 8021q: adding VLAN 0 to HW filter on device bond0
[   73.951804][ T5248] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   73.965747][ T5248] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   73.986303][ T5248] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   74.017705][ T5244] 8021q: adding VLAN 0 to HW filter on device team0
[   74.025334][ T5248] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   74.051389][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.058734][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.122503][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.129679][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.150588][ T5246] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   74.162500][ T5246] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   74.175546][ T5243] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.191825][ T5246] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   74.203612][ T5246] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   74.260232][ T5243] 8021q: adding VLAN 0 to HW filter on device team0
[   74.299026][ T3037] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.306159][ T3037] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.335484][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.342666][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.398866][ T5247] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.484413][ T5247] 8021q: adding VLAN 0 to HW filter on device team0
[   74.511171][ T5248] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.540440][ T5244] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.550890][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.558109][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.610472][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.617682][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.649940][ T5248] 8021q: adding VLAN 0 to HW filter on device team0
[   74.679153][ T5246] 8021q: adding VLAN 0 to HW filter on device bond0
[   74.710134][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.717328][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.744401][ T5243] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.758620][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.765767][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.799295][ T5246] 8021q: adding VLAN 0 to HW filter on device team0
[   74.815725][ T5247] 8021q: adding VLAN 0 to HW filter on device batadv0
[   74.828608][ T5244] veth0_vlan: entered promiscuous mode
[   74.859691][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.866911][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   74.886766][ T5235] Bluetooth: hci0: command tx timeout
[   74.887165][ T4622] Bluetooth: hci2: command tx timeout
[   74.892210][ T5235] Bluetooth: hci4: command tx timeout
[   74.897693][ T5241] Bluetooth: hci1: command tx timeout
[   74.923231][ T5244] veth1_vlan: entered promiscuous mode
[   74.934770][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.941992][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state
[   74.967199][ T5235] Bluetooth: hci3: command tx timeout
[   74.976100][ T5243] veth0_vlan: entered promiscuous mode
[   74.996268][ T5248] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.035731][ T5243] veth1_vlan: entered promiscuous mode
[   75.060933][ T5247] veth0_vlan: entered promiscuous mode
[   75.095611][ T5247] veth1_vlan: entered promiscuous mode
[   75.120804][ T5244] veth0_macvtap: entered promiscuous mode
[   75.138408][ T5244] veth1_macvtap: entered promiscuous mode
[   75.182942][ T5243] veth0_macvtap: entered promiscuous mode
[   75.209111][ T5243] veth1_macvtap: entered promiscuous mode
[   75.231490][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.242111][ T5247] veth0_macvtap: entered promiscuous mode
[   75.255220][ T5247] veth1_macvtap: entered promiscuous mode
[   75.285389][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.297169][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.310245][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.321397][ T5246] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.332633][ T5244] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.343711][ T5244] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.353415][ T5244] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.363903][ T5244] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.373047][ T5244] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.397697][ T5243] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.408518][ T5243] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.419654][ T5243] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.449009][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.461102][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.471843][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.483448][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.494877][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.504461][ T5248] veth0_vlan: entered promiscuous mode
[   75.522595][ T5243] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.532556][ T5243] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.542658][ T5243] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.552157][ T5243] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.563906][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.574851][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.585063][ T5247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.596401][ T5247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.609977][ T5247] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.659199][ T5248] veth1_vlan: entered promiscuous mode
[   75.704138][ T5247] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   75.713842][ T5247] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   75.722870][ T5247] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   75.732142][ T5247] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.798623][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.810783][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.834463][ T5246] veth0_vlan: entered promiscuous mode
[   75.855081][ T5248] veth0_macvtap: entered promiscuous mode
[   75.890433][ T5248] veth1_macvtap: entered promiscuous mode
[   75.906099][ T1065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.921583][ T5246] veth1_vlan: entered promiscuous mode
[   75.926891][ T1065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.941733][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.950506][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.024154][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.037829][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.048279][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.058908][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.069223][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.080259][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.098941][ T5244] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   76.099197][ T5248] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.140707][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.155185][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.171747][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.182240][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.205942][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.232671][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.243884][ T5248] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.254537][   T29] audit: type=1800 audit(1729116599.831:2): pid=5286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[   76.262283][ T5248] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.290501][ T5248] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.320812][ T5286] tipc: Started in network mode
[   76.325842][ T5286] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[   76.356237][ T5286] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   76.368940][ T5246] veth0_macvtap: entered promiscuous mode
[   76.384260][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.392760][ T5248] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.402293][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.416793][ T5248] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.425642][ T5248] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.454356][ T5248] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.546350][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.558060][ T5246] veth1_macvtap: entered promiscuous mode
[   76.609148][ T5292] FAULT_INJECTION: forcing a failure.
[   76.609148][ T5292] name failslab, interval 1, probability 0, space 0, times 1
[   76.622273][ T5292] CPU: 1 UID: 0 PID: 5292 Comm: syz.4.7 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   76.632764][ T5292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   76.642977][ T5292] Call Trace:
[   76.646296][ T5292]  <TASK>
[   76.649270][ T5292]  dump_stack_lvl+0x241/0x360
[   76.654020][ T5292]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.659356][ T5292]  ? __pfx__printk+0x10/0x10
[   76.664008][ T5292]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   76.670139][ T5292]  ? __pfx___might_resched+0x10/0x10
[   76.675489][ T5292]  should_fail_ex+0x3b0/0x4e0
[   76.680228][ T5292]  should_failslab+0xac/0x100
[   76.684955][ T5292]  ? __alloc_skb+0x1c3/0x440
[   76.689570][ T5292]  kmem_cache_alloc_node_noprof+0x71/0x320
[   76.695405][ T5292]  __alloc_skb+0x1c3/0x440
[   76.699871][ T5292]  ? __pfx___alloc_skb+0x10/0x10
[   76.704849][ T5292]  ? netlink_autobind+0xd6/0x2f0
[   76.709805][ T5292]  ? netlink_autobind+0x2b0/0x2f0
[   76.714852][ T5292]  netlink_sendmsg+0x638/0xcb0
[   76.719642][ T5292]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.724951][ T5292]  ? aa_sock_msg_perm+0x91/0x160
[   76.729914][ T5292]  ? __pfx_netlink_sendmsg+0x10/0x10
[   76.735226][ T5292]  __sock_sendmsg+0x221/0x270
[   76.739932][ T5292]  ____sys_sendmsg+0x52a/0x7e0
[   76.744727][ T5292]  ? __pfx_____sys_sendmsg+0x10/0x10
[   76.750039][ T5292]  __sys_sendmsg+0x292/0x380
[   76.754649][ T5292]  ? __pfx___sys_sendmsg+0x10/0x10
[   76.759791][ T5292]  ? __pfx_vfs_write+0x10/0x10
[   76.764587][ T5292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   76.770938][ T5292]  ? do_syscall_64+0x100/0x230
[   76.775722][ T5292]  ? do_syscall_64+0xb6/0x230
[   76.780416][ T5292]  do_syscall_64+0xf3/0x230
[   76.784944][ T5292]  ? clear_bhb_loop+0x35/0x90
[   76.789640][ T5292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.795569][ T5292] RIP: 0033:0x7ff728d7dff9
[   76.800011][ T5292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.819667][ T5292] RSP: 002b:00007ff7287ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   76.828139][ T5292] RAX: ffffffffffffffda RBX: 00007ff728f35f80 RCX: 00007ff728d7dff9
[   76.836130][ T5292] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[   76.844119][ T5292] RBP: 00007ff7287ff090 R08: 0000000000000000 R09: 0000000000000000
[   76.852211][ T5292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   76.860218][ T5292] R13: 0000000000000000 R14: 00007ff728f35f80 R15: 00007ff72905fa28
[   76.868316][ T5292]  </TASK>
[   76.886926][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.941999][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.955131][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.971922][ T5235] Bluetooth: hci4: command tx timeout
[   76.973021][ T4622] Bluetooth: hci2: command tx timeout
[   76.977674][ T5235] Bluetooth: hci1: command tx timeout
[   76.987473][ T5234] Bluetooth: hci0: command tx timeout
[   76.994423][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.004946][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.014886][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.025487][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.036177][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.047904][ T5234] Bluetooth: hci3: command tx timeout
[   77.053392][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.065778][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.096117][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.110467][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.120380][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.133033][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.143073][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.154842][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.157315][ T5274] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   77.169584][ T5246] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.189736][ T5246] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.203719][ T5246] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.243705][ T3037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.251933][ T3037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.270805][ T5246] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.281226][ T5246] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.290848][ T5246] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.299728][ T5246] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.347091][ T5274] usb 2-1: Using ep0 maxpacket: 16
[   77.365560][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.373792][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.387115][ T5274] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[   77.400629][ T5274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   77.403921][ T5300] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.435875][ T5274] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   77.457862][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   77.464031][ T5300] FAULT_INJECTION: forcing a failure.
[   77.464031][ T5300] name failslab, interval 1, probability 0, space 0, times 0
[   77.465912][ T5274] usb 2-1: Product: syz
[   77.479330][ T5300] CPU: 1 UID: 0 PID: 5300 Comm: syz.3.4 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   77.490106][ T5274] usb 2-1: Manufacturer: syz
[   77.493420][ T5300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   77.502292][ T5274] usb 2-1: SerialNumber: syz
[   77.508052][ T5300] Call Trace:
[   77.508067][ T5300]  <TASK>
[   77.508078][ T5300]  dump_stack_lvl+0x241/0x360
[   77.508112][ T5300]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.508138][ T5300]  ? __pfx__printk+0x10/0x10
[   77.508162][ T5300]  ? __kmalloc_cache_noprof+0x44/0x2c0
[   77.508196][ T5300]  ? __pfx___might_resched+0x10/0x10
[   77.544407][ T5300]  should_fail_ex+0x3b0/0x4e0
[   77.546469][ T5274] usb 2-1: config 0 descriptor??
[   77.549129][ T5300]  should_failslab+0xac/0x100
[   77.549166][ T5300]  ? ip_set_create+0x330/0x1900
[   77.549189][ T5300]  __kmalloc_cache_noprof+0x6c/0x2c0
[   77.549227][ T5300]  ip_set_create+0x330/0x1900
[   77.549255][ T5300]  ? trace_raw_output_contention_end+0x3a/0xd0
[   77.549291][ T5300]  ? __pfx_ip_set_create+0x10/0x10
[   77.549311][ T5300]  ? trace_contention_end+0x3c/0x120
[   77.549367][ T5300]  ? nfnetlink_rcv_msg+0x225/0x1180
[   77.595596][ T5300]  nfnetlink_rcv_msg+0xbec/0x1180
[   77.600647][ T5300]  ? nfnetlink_rcv_msg+0x225/0x1180
[   77.605880][ T5300]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   77.611380][ T5300]  ? __netlink_deliver_tap+0x54d/0x7c0
[   77.616866][ T5300]  ? netlink_deliver_tap+0x19d/0x1b0
[   77.622165][ T5300]  ? netlink_unicast+0x7c4/0x990
[   77.627122][ T5300]  ? netlink_sendmsg+0x8e4/0xcb0
[   77.632071][ T5300]  ? __sock_sendmsg+0x221/0x270
[   77.636945][ T5300]  ? ____sys_sendmsg+0x52a/0x7e0
[   77.641903][ T5300]  ? __sys_sendmsg+0x292/0x380
[   77.646692][ T5300]  ? do_syscall_64+0xf3/0x230
[   77.651482][ T5300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.657588][ T5300]  netlink_rcv_skb+0x1e3/0x430
[   77.662370][ T5300]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   77.667854][ T5300]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   77.673175][ T5300]  ? apparmor_capable+0x13b/0x1b0
[   77.678227][ T5300]  ? bpf_lsm_capable+0x9/0x10
[   77.682939][ T5300]  ? security_capable+0x7e/0x2d0
[   77.687906][ T5300]  nfnetlink_rcv+0x297/0x2ab0
[   77.692606][ T5300]  ? __pfx___local_bh_enable_ip+0x10/0x10
[   77.698387][ T5300]  ? __dev_queue_xmit+0x2da/0x3ed0
[   77.703579][ T5300]  ? __dev_queue_xmit+0x171d/0x3ed0
[   77.708796][ T5300]  ? kasan_save_track+0x51/0x80
[   77.713760][ T5300]  ? do_syscall_64+0xf3/0x230
[   77.718674][ T5300]  ? __pfx_nfnetlink_rcv+0x10/0x10
[   77.723798][ T5300]  ? __dev_queue_xmit+0x2da/0x3ed0
[   77.728939][ T5300]  ? __pfx___dev_queue_xmit+0x10/0x10
[   77.734341][ T5300]  ? ref_tracker_free+0x643/0x7e0
[   77.739388][ T5300]  ? __asan_memcpy+0x40/0x70
[   77.743992][ T5300]  ? __pfx_ref_tracker_free+0x10/0x10
[   77.749406][ T5300]  ? netlink_deliver_tap+0x2e/0x1b0
[   77.754622][ T5300]  ? skb_clone+0x240/0x390
[   77.759062][ T5300]  ? __pfx_lock_release+0x10/0x10
[   77.764116][ T5300]  ? __netlink_deliver_tap+0x77e/0x7c0
[   77.769630][ T5300]  ? netlink_deliver_tap+0x2e/0x1b0
[   77.774846][ T5300]  netlink_unicast+0x7f6/0x990
[   77.779727][ T5300]  ? __pfx_netlink_unicast+0x10/0x10
[   77.785030][ T5300]  ? __virt_addr_valid+0x183/0x530
[   77.790158][ T5300]  ? __check_object_size+0x48e/0x900
[   77.795465][ T5300]  netlink_sendmsg+0x8e4/0xcb0
[   77.800253][ T5300]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.805558][ T5300]  ? aa_sock_msg_perm+0x91/0x160
[   77.810523][ T5300]  ? __pfx_netlink_sendmsg+0x10/0x10
[   77.815831][ T5300]  __sock_sendmsg+0x221/0x270
[   77.820536][ T5300]  ____sys_sendmsg+0x52a/0x7e0
[   77.825328][ T5300]  ? __pfx_____sys_sendmsg+0x10/0x10
[   77.830728][ T5300]  __sys_sendmsg+0x292/0x380
[   77.835339][ T5300]  ? __pfx___sys_sendmsg+0x10/0x10
[   77.840477][ T5300]  ? __pfx_vfs_write+0x10/0x10
[   77.845272][ T5300]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   77.851637][ T5300]  ? do_syscall_64+0x100/0x230
[   77.856424][ T5300]  ? do_syscall_64+0xb6/0x230
[   77.861120][ T5300]  do_syscall_64+0xf3/0x230
[   77.865639][ T5300]  ? clear_bhb_loop+0x35/0x90
[   77.870337][ T5300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.876254][ T5300] RIP: 0033:0x7ffa95f7dff9
[   77.880687][ T5300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.900309][ T5300] RSP: 002b:00007ffa96cf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   77.908741][ T5300] RAX: ffffffffffffffda RBX: 00007ffa96135f80 RCX: 00007ffa95f7dff9
[   77.916728][ T5300] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[   77.924711][ T5300] RBP: 00007ffa96cf0090 R08: 0000000000000000 R09: 0000000000000000
[   77.932695][ T5300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   77.940692][ T5300] R13: 0000000000000000 R14: 00007ffa96135f80 R15: 00007ffa9625fa28
[   77.948697][ T5300]  </TASK>
[   78.038326][ T5274] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   78.048109][ T5274] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[   78.061851][ T3037] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.102685][ T3037] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.206018][ T1119] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.227714][ T5309] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   78.259052][ T1119] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.569188][ T5274] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[   78.577419][ T5274] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[   79.049182][ T5234] Bluetooth: hci0: command tx timeout
[   79.052358][ T5235] Bluetooth: hci1: command tx timeout
[   79.054678][ T5234] Bluetooth: hci2: command tx timeout
[   79.060046][ T4622] Bluetooth: hci4: command tx timeout
[   79.129023][ T5234] Bluetooth: hci3: command tx timeout
[   79.223725][   T29] audit: type=1326 audit(1729116602.801:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.234742][ T5274] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[   79.269400][   T29] audit: type=1326 audit(1729116602.801:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.292858][   T29] audit: type=1326 audit(1729116602.801:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.328555][   T29] audit: type=1326 audit(1729116602.801:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.358651][   T29] audit: type=1326 audit(1729116602.801:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.381385][   T29] audit: type=1326 audit(1729116602.811:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.471931][   T29] audit: type=1326 audit(1729116603.061:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.497134][   T29] audit: type=1326 audit(1729116603.061:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   79.660989][ T5359] FAULT_INJECTION: forcing a failure.
[   79.660989][ T5359] name failslab, interval 1, probability 0, space 0, times 0
[   79.674339][ T5274] em28xx 2-1:0.0: couldn't setup AC97 register 2
[   79.683102][ T5274] em28xx 2-1:0.0: couldn't setup AC97 register 4
[   79.697056][ T5280] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   79.710721][   T29] audit: type=1326 audit(1729116603.281:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5360 comm="syz.4.24" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff728d7dff9 code=0x0
[   79.710781][ T5274] em28xx 2-1:0.0: couldn't setup AC97 register 6
[   79.746770][ T5359] CPU: 0 UID: 0 PID: 5359 Comm: syz.0.23 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   79.757338][ T5359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.767416][ T5359] Call Trace:
[   79.770717][ T5359]  <TASK>
[   79.773686][ T5359]  dump_stack_lvl+0x241/0x360
[   79.778393][ T5359]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.783607][ T5359]  ? __pfx__printk+0x10/0x10
[   79.788217][ T5359]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   79.794265][ T5359]  ? __pfx___might_resched+0x10/0x10
[   79.799604][ T5359]  should_fail_ex+0x3b0/0x4e0
[   79.804323][ T5359]  should_failslab+0xac/0x100
[   79.809025][ T5359]  ? __alloc_skb+0x1c3/0x440
[   79.813629][ T5359]  kmem_cache_alloc_node_noprof+0x71/0x320
[   79.819466][ T5359]  __alloc_skb+0x1c3/0x440
[   79.823902][ T5359]  ? __pfx___alloc_skb+0x10/0x10
[   79.828850][ T5359]  ? register_lock_class+0x102/0x980
[   79.834165][ T5359]  ? register_lock_class+0x102/0x980
[   79.839477][ T5359]  __ip_append_data+0x2e35/0x41d0
[   79.844546][ T5359]  ? __pfx_raw_getfrag+0x10/0x10
[   79.849510][ T5359]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   79.855860][ T5359]  ? __pfx___ip_append_data+0x10/0x10
[   79.861256][ T5359]  ? __pfx_ipv4_mtu+0x10/0x10
[   79.865958][ T5359]  ? ip_setup_cork+0x4ae/0x8b0
[   79.870784][ T5359]  ip_append_data+0x14c/0x190
[   79.875587][ T5359]  ? __pfx_raw_getfrag+0x10/0x10
[   79.880551][ T5359]  raw_sendmsg+0x1a53/0x2490
[   79.885186][ T5359]  ? __pfx_raw_sendmsg+0x10/0x10
[   79.890158][ T5359]  ? aa_sk_perm+0x96d/0xab0
[   79.894858][ T5359]  ? __pfx_aa_sk_perm+0x10/0x10
[   79.899734][ T5359]  ? inet_sendmsg+0x330/0x390
[   79.904444][ T5359]  __sock_sendmsg+0x1a6/0x270
[   79.909147][ T5359]  ____sys_sendmsg+0x52a/0x7e0
[   79.913933][ T5359]  ? __pfx_____sys_sendmsg+0x10/0x10
[   79.919244][ T5359]  __sys_sendmsg+0x292/0x380
[   79.923856][ T5359]  ? __pfx___sys_sendmsg+0x10/0x10
[   79.928995][ T5359]  ? __pfx_vfs_write+0x10/0x10
[   79.933795][ T5359]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   79.940232][ T5359]  ? do_syscall_64+0x100/0x230
[   79.945104][ T5359]  ? do_syscall_64+0xb6/0x230
[   79.949796][ T5359]  do_syscall_64+0xf3/0x230
[   79.954324][ T5359]  ? clear_bhb_loop+0x35/0x90
[   79.959019][ T5359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.964960][ T5359] RIP: 0033:0x7fe6aff7dff9
[   79.969389][ T5359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.989114][ T5359] RSP: 002b:00007fe6b0e17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.997554][ T5359] RAX: ffffffffffffffda RBX: 00007fe6b0135f80 RCX: 00007fe6aff7dff9
[   80.005549][ T5359] RDX: 0000000000000000 RSI: 0000000020001000 RDI: 0000000000000003
[   80.013539][ T5359] RBP: 00007fe6b0e17090 R08: 0000000000000000 R09: 0000000000000000
[   80.021524][ T5359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.029534][ T5359] R13: 0000000000000000 R14: 00007fe6b0135f80 R15: 00007fe6b025fa28
[   80.037555][ T5359]  </TASK>
[   80.049499][ T5274] em28xx 2-1:0.0: couldn't setup AC97 register 54
[   80.059161][ T5274] em28xx 2-1:0.0: couldn't setup AC97 register 56
[   80.077738][ T5274] usb 2-1: USB disconnect, device number 2
[   80.178012][ T5280] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[   80.196741][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.262151][ T5280] usb 3-1: config 0 descriptor??
[   80.302955][ T5280] gspca_main: STV06xx-2.14.0 probing 046d:0870
[   80.596736][ T5284] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   80.606619][ T5304] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   80.656873][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   80.696642][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   80.723834][ T5351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   80.747593][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   80.748887][ T5351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   80.801738][ T5284] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   80.817665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   80.826831][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   80.846634][ T5304] usb 1-1: New USB device found, idVendor=0547, idProduct=2727, bcdDevice=c8.d3
[   80.870727][ T5304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.885791][ T5284] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[   80.905549][ T5304] usb 1-1: Product: syz
[   80.926734][ T5304] usb 1-1: Manufacturer: syz
[   80.942245][ T5284] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   80.966616][ T5304] usb 1-1: SerialNumber: syz
[   80.985519][ T5304] usb 1-1: config 0 descriptor??
[   80.990692][ T5284] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   80.999448][ T5284] usb 5-1: SerialNumber: syz
[   81.083809][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   81.094319][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   81.136588][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   81.152198][ T5384] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   81.196759][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   81.208134][    T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!!
[   81.241610][ T5304] cdc_subset 1-1:0.0: probe with driver cdc_subset failed with error -22
[   81.382118][   T29] kauditd_printk_skb: 29 callbacks suppressed
[   81.382140][   T29] audit: type=1326 audit(1729116604.971:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.436400][   T29] audit: type=1326 audit(1729116604.971:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.444774][ T5307] usb 1-1: USB disconnect, device number 2
[   81.469439][ T5284] usb 5-1: 0:2 : does not exist
[   81.486772][ T5329] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   81.557806][   T29] audit: type=1326 audit(1729116605.051:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.566100][ T5284] usb 5-1: USB disconnect, device number 2
[   81.582541][   T29] audit: type=1326 audit(1729116605.051:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.645947][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   81.672769][ T5329] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   81.676352][   T29] audit: type=1326 audit(1729116605.051:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.693342][ T5329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   81.721714][   T29] audit: type=1326 audit(1729116605.051:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.729229][ T5329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   81.744942][   T29] audit: type=1326 audit(1729116605.071:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.756984][ T5304] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   81.792763][ T5329] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   81.807880][   T29] audit: type=1326 audit(1729116605.071:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.810868][ T5329] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   81.840598][   T29] audit: type=1326 audit(1729116605.111:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.846958][ T5329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.875704][ T5329] usb 2-1: config 0 descriptor??
[   81.883441][ T5384] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[   81.956717][   T29] audit: type=1326 audit(1729116605.121:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5350 comm="syz.2.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe38837dff9 code=0x7ffc0000
[   81.992717][ T5304] usb 4-1: too many configurations: 65, using maximum allowed: 8
[   82.085869][ T5304] usb 4-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[   82.146048][ T5304] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.228680][ T5280] gspca_stv06xx: I2C: Read error writing address: -71
[   82.254105][ T5280] usb 3-1: USB disconnect, device number 2
[   82.289122][ T5391] netlink: 'syz.0.31': attribute type 11 has an invalid length.
[   82.317030][ T5391] netlink: 256 bytes leftover after parsing attributes in process `syz.0.31'.
[   82.372841][ T5329] plantronics 0003:047F:FFFF.0001: unknown main item tag 0xd
[   82.399089][ T5329] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[   82.440771][ T5329] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   82.611022][ T5282] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   82.620687][ T5388] xt_bpf: check failed: parse error
[   82.685827][ T5384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.29'.
[   82.714051][ T5388] netlink: 80 bytes leftover after parsing attributes in process `syz.3.30'.
[   82.742466][ T5284] usb 2-1: USB disconnect, device number 3
[   82.778528][ T5282] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[   82.805912][ T5282] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[   82.822440][ T5304] usb 4-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[   82.835887][ T5304] usb 4-1: No valid video chain found.
[   82.836007][ T5282] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.853768][ T5304] usb 4-1: USB disconnect, device number 2
[   82.883212][ T5282] usb 1-1: config 0 descriptor??
[   82.936669][ T5329] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   83.108296][ T5329] usb 5-1: config 1 interface 0 has no altsetting 0
[   83.123449][ T5329] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice=2b.40
[   83.123486][ T5329] usb 5-1: New USB device strings: Mfr=161, Product=65, SerialNumber=37
[   83.123512][ T5329] usb 5-1: Product: syz
[   83.123533][ T5329] usb 5-1: Manufacturer: syz
[   83.123552][ T5329] usb 5-1: SerialNumber: syz
[   83.216313][ T5282] usb 1-1: USB disconnect, device number 3
[   83.363845][ T5329] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[   83.367814][ T5281] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   83.427276][ T5329] usb 5-1: USB disconnect, device number 3
[   83.454301][ T5329] usblp0: removed
[   83.561779][ T5418] FAULT_INJECTION: forcing a failure.
[   83.561779][ T5418] name failslab, interval 1, probability 0, space 0, times 0
[   83.575182][ T5281] usb 3-1: Using ep0 maxpacket: 16
[   83.580555][ T5418] CPU: 0 UID: 0 PID: 5418 Comm: syz.3.40 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   83.591103][ T5418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.601258][ T5418] Call Trace:
[   83.604581][ T5418]  <TASK>
[   83.607531][ T5418]  dump_stack_lvl+0x241/0x360
[   83.612314][ T5418]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.617554][ T5418]  ? __pfx__printk+0x10/0x10
[   83.622175][ T5418]  ? __kmalloc_node_noprof+0xb7/0x440
[   83.627574][ T5418]  ? __pfx___might_resched+0x10/0x10
[   83.632891][ T5418]  should_fail_ex+0x3b0/0x4e0
[   83.637631][ T5418]  should_failslab+0xac/0x100
[   83.642460][ T5418]  __kmalloc_node_noprof+0xdf/0x440
[   83.647691][ T5418]  ? __kvmalloc_node_noprof+0x72/0x190
[   83.653176][ T5418]  __kvmalloc_node_noprof+0x72/0x190
[   83.658486][ T5418]  xt_alloc_table_info+0x3d/0xa0
[   83.663451][ T5418]  do_ip6t_set_ctl+0xba0/0x1270
[   83.668338][ T5418]  ? __pfx___might_resched+0x10/0x10
[   83.673661][ T5418]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[   83.678970][ T5418]  ? __pfx_lock_release+0x10/0x10
[   83.684302][ T5418]  ? __mutex_unlock_slowpath+0x21d/0x750
[   83.689981][ T5418]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   83.695999][ T5418]  ? aa_sk_perm+0x96d/0xab0
[   83.700529][ T5418]  ? __pfx_aa_sk_perm+0x10/0x10
[   83.705401][ T5418]  nf_setsockopt+0x295/0x2c0
[   83.710011][ T5418]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   83.715939][ T5418]  do_sock_setsockopt+0x3af/0x720
[   83.721003][ T5418]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   83.726592][ T5418]  ? __fget_files+0x29/0x470
[   83.731225][ T5418]  ? __fget_files+0x3f3/0x470
[   83.735927][ T5418]  ? __fget_files+0x29/0x470
[   83.740545][ T5418]  __sys_setsockopt+0x1a2/0x250
[   83.745421][ T5418]  __x64_sys_setsockopt+0xb5/0xd0
[   83.750463][ T5418]  do_syscall_64+0xf3/0x230
[   83.754981][ T5418]  ? clear_bhb_loop+0x35/0x90
[   83.759697][ T5418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.765617][ T5418] RIP: 0033:0x7ffa95f7dff9
[   83.770048][ T5418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.789848][ T5418] RSP: 002b:00007ffa96cf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   83.798293][ T5418] RAX: ffffffffffffffda RBX: 00007ffa96135f80 RCX: 00007ffa95f7dff9
[   83.806286][ T5418] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[   83.814271][ T5418] RBP: 00007ffa96cf0090 R08: 0000000000000670 R09: 0000000000000000
[   83.822261][ T5418] R10: 00000000200007c0 R11: 0000000000000246 R12: 0000000000000001
[   83.830245][ T5418] R13: 0000000000000000 R14: 00007ffa96135f80 R15: 00007ffa9625fa28
[   83.838242][ T5418]  </TASK>
[   83.851764][ T5281] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   83.862934][ T5281] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 0, changing to 7
[   83.874869][ T5281] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[   83.890855][ T5281] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   83.916875][ T5282] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   83.924875][ T5281] usb 3-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=54.21
[   83.934625][ T5281] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.942840][ T5281] usb 3-1: Product: syz
[   83.947129][ T5281] usb 3-1: Manufacturer: syz
[   83.951752][ T5281] usb 3-1: SerialNumber: syz
[   83.963496][ T5281] usb 3-1: config 0 descriptor??
[   83.971585][ T5281] imon_raw 3-1:0.0: IR endpoint missing
[   83.980038][ T5420] FAULT_INJECTION: forcing a failure.
[   83.980038][ T5420] name failslab, interval 1, probability 0, space 0, times 0
[   83.993009][ T5420] CPU: 1 UID: 0 PID: 5420 Comm: syz.3.41 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   84.003560][ T5420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   84.013661][ T5420] Call Trace:
[   84.016983][ T5420]  <TASK>
[   84.019955][ T5420]  dump_stack_lvl+0x241/0x360
[   84.024674][ T5420]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.029906][ T5420]  ? __pfx__printk+0x10/0x10
[   84.034546][ T5420]  should_fail_ex+0x3b0/0x4e0
[   84.039292][ T5420]  ? skb_clone+0x20c/0x390
[   84.043765][ T5420]  should_failslab+0xac/0x100
[   84.048500][ T5420]  ? skb_clone+0x20c/0x390
[   84.052969][ T5420]  kmem_cache_alloc_noprof+0x6c/0x2a0
[   84.058407][ T5420]  skb_clone+0x20c/0x390
[   84.062705][ T5420]  ? dev_queue_xmit_nit+0x220/0xc10
[   84.067974][ T5420]  dev_queue_xmit_nit+0x419/0xc10
[   84.073162][ T5420]  ? dev_queue_xmit_nit+0x2b/0xc10
[   84.078338][ T5420]  ? validate_xmit_skb+0x9f9/0x1120
[   84.083599][ T5420]  dev_hard_start_xmit+0x15f/0x7e0
[   84.088775][ T5420]  ? __pfx_validate_xmit_skb+0x10/0x10
[   84.094299][ T5420]  __dev_queue_xmit+0x1b11/0x3ed0
[   84.099434][ T5420]  ? kasan_save_track+0x51/0x80
[   84.104355][ T5420]  ? __x64_sys_sendmmsg+0xa0/0xb0
[   84.109419][ T5420]  ? __dev_queue_xmit+0x2da/0x3ed0
[   84.114602][ T5420]  ? __pfx___dev_queue_xmit+0x10/0x10
[   84.116706][ T5282] usb 2-1: Using ep0 maxpacket: 32
[   84.119998][ T5420]  ? __copy_skb_header+0x437/0x5b0
[   84.127767][ T5282] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   84.130248][ T5420]  ? __asan_memcpy+0x40/0x70
[   84.142546][ T5420]  ? __copy_skb_header+0x437/0x5b0
[   84.143264][ T5282] usb 2-1: unable to read config index 0 descriptor/start: -61
[   84.147689][ T5420]  ? __skb_clone+0x454/0x6c0
[   84.147731][ T5420]  ? skb_clone+0x240/0x390
[   84.147763][ T5420]  __netlink_deliver_tap+0x54d/0x7c0
[   84.156335][ T5282] usb 2-1: can't read configurations, error -61
[   84.159910][ T5420]  ? netlink_deliver_tap+0x2e/0x1b0
[   84.159941][ T5420]  netlink_deliver_tap+0x19d/0x1b0
[   84.159967][ T5420]  netlink_unicast+0x7c4/0x990
[   84.160010][ T5420]  ? __pfx_netlink_unicast+0x10/0x10
[   84.184600][ T5410] netlink: 16 bytes leftover after parsing attributes in process `syz.2.36'.
[   84.186438][ T5420]  ? __virt_addr_valid+0x183/0x530
[   84.210528][ T5420]  ? __check_object_size+0x48e/0x900
[   84.215879][ T5420]  netlink_sendmsg+0x8e4/0xcb0
[   84.220713][ T5420]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.226069][ T5420]  ? aa_sock_msg_perm+0x91/0x160
[   84.231077][ T5420]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.236422][ T5420]  __sock_sendmsg+0x221/0x270
[   84.241161][ T5420]  ____sys_sendmsg+0x52a/0x7e0
[   84.245990][ T5420]  ? __pfx_____sys_sendmsg+0x10/0x10
[   84.251355][ T5420]  __sys_sendmmsg+0x3ab/0x730
[   84.256131][ T5420]  ? __pfx___sys_sendmmsg+0x10/0x10
[   84.261438][ T5420]  ? __pfx_lock_release+0x10/0x10
[   84.266533][ T5420]  ? kstrtouint_from_user+0x128/0x190
[   84.272006][ T5420]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[   84.277960][ T5420]  ? ksys_write+0x229/0x2b0
[   84.282512][ T5420]  ? __pfx_lock_release+0x10/0x10
[   84.287580][ T5420]  ? vfs_write+0x7bf/0xc90
[   84.292037][ T5420]  ? kmem_cache_free+0x1a2/0x420
[   84.297016][ T5420]  ? __mutex_unlock_slowpath+0x21d/0x750
[   84.302685][ T5420]  ? __fget_files+0x3f3/0x470
[   84.307412][ T5420]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   84.313434][ T5420]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   84.319790][ T5420]  ? do_syscall_64+0x100/0x230
[   84.324581][ T5420]  __x64_sys_sendmmsg+0xa0/0xb0
[   84.329463][ T5420]  do_syscall_64+0xf3/0x230
[   84.333987][ T5420]  ? clear_bhb_loop+0x35/0x90
[   84.338686][ T5420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.344640][ T5420] RIP: 0033:0x7ffa95f7dff9
[   84.349074][ T5420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.368788][ T5420] RSP: 002b:00007ffa96cf0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   84.377225][ T5420] RAX: ffffffffffffffda RBX: 00007ffa96135f80 RCX: 00007ffa95f7dff9
[   84.385209][ T5420] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000007
[   84.393193][ T5420] RBP: 00007ffa96cf0090 R08: 0000000000000000 R09: 0000000000000000
[   84.401177][ T5420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.409166][ T5420] R13: 0000000000000000 R14: 00007ffa96135f80 R15: 00007ffa9625fa28
[   84.417171][ T5420]  </TASK>
[   84.420321][    C1] vkms_vblank_simulate: vblank timer overrun
[   84.422138][ T5282] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   84.434165][ T5281] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   84.448385][ T1173] usb 3-1: USB disconnect, device number 3
[   84.586784][ T5282] usb 2-1: Using ep0 maxpacket: 32
[   84.594375][ T5281] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.604888][ T5282] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   84.613185][ T5281] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   84.660144][ T5281] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   84.670226][ T5282] usb 2-1: unable to read config index 0 descriptor/start: -61
[   84.677968][ T5281] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   84.686071][ T5282] usb 2-1: can't read configurations, error -61
[   84.692831][ T5281] usb 1-1: SerialNumber: syz
[   84.698033][ T5282] usb usb2-port1: attempt power cycle
[   84.841803][ T5432] syz.3.46 uses obsolete (PF_INET,SOCK_PACKET)
[   85.056727][ T5282] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   85.088122][ T5281] usb 1-1: 0:2 : does not exist
[   85.112938][ T5282] usb 2-1: Using ep0 maxpacket: 32
[   85.191891][ T5282] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   85.199642][ T5281] usb 1-1: USB disconnect, device number 4
[   85.230084][ T5436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.47'.
[   85.263130][ T5282] usb 2-1: unable to read config index 0 descriptor/start: -61
[   85.280643][ T5282] usb 2-1: can't read configurations, error -61
[   85.338136][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   85.426697][ T5282] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   85.457732][ T5282] usb 2-1: Using ep0 maxpacket: 32
[   85.474997][ T5282] usb 2-1: too many configurations: 9, using maximum allowed: 8
[   85.495297][ T5282] usb 2-1: unable to read config index 0 descriptor/start: -61
[   85.513653][ T5282] usb 2-1: can't read configurations, error -61
[   85.520369][ T5440] netlink: 132 bytes leftover after parsing attributes in process `syz.3.49'.
[   85.553334][ T5282] usb usb2-port1: unable to enumerate USB device
[   86.126703][ T5304] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   86.236654][ T5329] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   86.280748][ T5281] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[   86.289053][ T5304] usb 1-1: Using ep0 maxpacket: 16
[   86.302138][ T5304] usb 1-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=d5.24
[   86.317010][ T5304] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.325654][ T5304] usb 1-1: Product: syz
[   86.354979][ T5304] usb 1-1: Manufacturer: syz
[   86.363218][ T5304] usb 1-1: SerialNumber: syz
[   86.410110][ T5329] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   86.425778][ T5304] usb 1-1: config 0 descriptor??
[   86.482063][ T5424] Zero length message leads to an empty skb
[   86.504531][ T5329] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   86.535218][ T5329] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   86.547030][ T5329] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.559343][ T5304] gspca_main: conex-2.14.0 probing 0572:0041
[   86.667908][ T5458] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[   86.690490][ T5329] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[   86.879970][ T5304] usb 1-1: USB disconnect, device number 5
[   86.984012][    T9] cfg80211: failed to load regulatory.db
[   87.056929][ T5284] usb 4-1: USB disconnect, device number 3
[   87.279283][ T5329] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   87.449923][ T5329] usb 2-1: Using ep0 maxpacket: 8
[   87.459719][ T5329] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[   87.469431][ T5329] usb 2-1: config 16 has an invalid descriptor of length 252, skipping remainder of the config
[   87.514411][ T5329] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[   87.555684][ T5329] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   87.571737][ T5329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.611753][ T5329] usbtmc 2-1:16.0: bulk endpoints not found
[   87.966978][ T5281] usb 5-1: device descriptor read/64, error -71
[   88.059979][ T5489] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.066898][ T5282] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   88.173223][ T5491] FAULT_INJECTION: forcing a failure.
[   88.173223][ T5491] name failslab, interval 1, probability 0, space 0, times 0
[   88.193128][ T5491] CPU: 1 UID: 0 PID: 5491 Comm: syz.0.65 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   88.203713][ T5491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   88.213880][ T5491] Call Trace:
[   88.217198][ T5491]  <TASK>
[   88.220171][ T5491]  dump_stack_lvl+0x241/0x360
[   88.224907][ T5491]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.230159][ T5491]  ? __pfx__printk+0x10/0x10
[   88.234807][ T5491]  ? __kmalloc_cache_noprof+0x44/0x2c0
[   88.238021][ T5281] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[   88.240297][ T5491]  ? __pfx___might_resched+0x10/0x10
[   88.253071][ T5491]  should_fail_ex+0x3b0/0x4e0
[   88.257782][ T5491]  should_failslab+0xac/0x100
[   88.262481][ T5491]  ? udmabuf_create+0xf0/0x11b0
[   88.267360][ T5491]  __kmalloc_cache_noprof+0x6c/0x2c0
[   88.272668][ T5491]  udmabuf_create+0xf0/0x11b0
[   88.277366][ T5491]  ? __pfx___might_resched+0x10/0x10
[   88.282670][ T5491]  ? __might_fault+0xaa/0x120
[   88.287370][ T5491]  ? __pfx_lock_release+0x10/0x10
[   88.292449][ T5491]  ? __pfx_udmabuf_create+0x10/0x10
[   88.297669][ T5491]  ? __might_fault+0xc6/0x120
[   88.302375][ T5491]  ? _copy_from_user+0xa6/0xe0
[   88.307165][ T5491]  udmabuf_ioctl+0x3ac/0x4e0
[   88.311779][ T5491]  ? __pfx_udmabuf_ioctl+0x10/0x10
[   88.316912][ T5491]  ? __fget_files+0x29/0x470
[   88.321518][ T5491]  ? __fget_files+0x3f3/0x470
[   88.326236][ T5491]  ? __pfx_udmabuf_ioctl+0x10/0x10
[   88.331378][ T5491]  __se_sys_ioctl+0xf9/0x170
[   88.336017][ T5491]  do_syscall_64+0xf3/0x230
[   88.340547][ T5491]  ? clear_bhb_loop+0x35/0x90
[   88.345257][ T5491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.351178][ T5491] RIP: 0033:0x7fe6aff7dff9
[   88.355782][ T5491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.375405][ T5491] RSP: 002b:00007fe6b0e17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   88.383845][ T5491] RAX: ffffffffffffffda RBX: 00007fe6b0135f80 RCX: 00007fe6aff7dff9
[   88.391840][ T5491] RDX: 000000002000e4c0 RSI: 0000000040087543 RDI: 0000000000000004
[   88.399829][ T5491] RBP: 00007fe6b0e17090 R08: 0000000000000000 R09: 0000000000000000
[   88.407821][ T5491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.415808][ T5491] R13: 0000000000000000 R14: 00007fe6b0135f80 R15: 00007fe6b025fa28
[   88.423818][ T5491]  </TASK>
[   88.426999][    C1] vkms_vblank_simulate: vblank timer overrun
[   88.443261][ T5282] usb 3-1: Using ep0 maxpacket: 8
[   88.492921][ T5282] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.533690][ T5282] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.573697][ T5282] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[   88.592136][ T5282] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.605475][ T5282] usb 3-1: config 0 descriptor??
[   88.628287][ T5281] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.645397][ T5281] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.672920][ T5281] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   88.699770][ T5281] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.729524][ T5281] usb 5-1: config 0 descriptor??
[   88.806871][ T5284] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   88.884305][ T5496] netlink: 296 bytes leftover after parsing attributes in process `syz.1.55'.
[   88.985964][ T5284] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[   88.994573][ T5284] usb 1-1: config 0 has no interface number 0
[   89.003970][ T5284] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[   89.020349][ T5284] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.030282][ T5284] usb 1-1: Product: syz
[   89.035970][ T5284] usb 1-1: Manufacturer: syz
[   89.037023][ T5282] logitech 0003:046D:C20E.0002: rdesc size test failed for formula gp
[   89.053199][ T5284] usb 1-1: SerialNumber: syz
[   89.059290][ T5499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   89.075206][ T5284] usb 1-1: config 0 descriptor??
[   89.077605][ T5282] logitech 0003:046D:C20E.0002: unbalanced collection at end of report description
[   89.097081][ T5499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   89.114247][ T5282] logitech 0003:046D:C20E.0002: parse failed
[   89.125213][ T5282] logitech 0003:046D:C20E.0002: probe with driver logitech failed with error -22
[   89.168155][ T5281] hid (null): bogus close delimiter
[   89.176265][ T5283] usb 3-1: USB disconnect, device number 4
[   89.313276][ T5284] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[   89.338054][ T5503] FAULT_INJECTION: forcing a failure.
[   89.338054][ T5503] name failslab, interval 1, probability 0, space 0, times 0
[   89.356093][ T5284] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[   89.368426][ T5503] CPU: 1 UID: 0 PID: 5503 Comm: syz.2.68 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   89.378991][ T5503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.389096][ T5503] Call Trace:
[   89.392409][ T5503]  <TASK>
[   89.395395][ T5503]  dump_stack_lvl+0x241/0x360
[   89.400097][ T5503]  ? __pfx_dump_stack_lvl+0x10/0x10
[   89.405314][ T5503]  ? __pfx__printk+0x10/0x10
[   89.409932][ T5503]  ? kmem_cache_alloc_lru_noprof+0x49/0x2b0
[   89.415851][ T5503]  ? __pfx___might_resched+0x10/0x10
[   89.421171][ T5503]  should_fail_ex+0x3b0/0x4e0
[   89.425887][ T5503]  ? __d_alloc+0x31/0x700
[   89.430243][ T5503]  should_failslab+0xac/0x100
[   89.434942][ T5503]  ? __d_alloc+0x31/0x700
[   89.439293][ T5503]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[   89.445065][ T5503]  __d_alloc+0x31/0x700
[   89.449278][ T5503]  d_alloc_pseudo+0x1f/0xb0
[   89.453829][ T5503]  alloc_file_pseudo+0x123/0x290
[   89.458790][ T5503]  ? __pfx_alloc_file_pseudo+0x10/0x10
[   89.464276][ T5503]  ? alloc_fd+0x5a1/0x640
[   89.468627][ T5503]  sock_alloc_file+0xb8/0x280
[   89.473328][ T5503]  __sys_socket+0x1dd/0x3c0
[   89.477863][ T5503]  ? __pfx___sys_socket+0x10/0x10
[   89.482936][ T5503]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   89.489288][ T5503]  ? exc_page_fault+0x590/0x8c0
[   89.494165][ T5503]  __x64_sys_socket+0x7a/0x90
[   89.498875][ T5503]  do_syscall_64+0xf3/0x230
[   89.503392][ T5503]  ? clear_bhb_loop+0x35/0x90
[   89.508093][ T5503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.514008][ T5503] RIP: 0033:0x7fe38837ff17
[   89.518441][ T5503] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.538075][ T5503] RSP: 002b:00007fe389120f48 EFLAGS: 00000297 ORIG_RAX: 0000000000000029
[   89.546595][ T5503] RAX: ffffffffffffffda RBX: 00007fe388535f80 RCX: 00007fe38837ff17
[   89.554583][ T5503] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[   89.562564][ T5503] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[   89.570552][ T5503] R10: 0000000020000000 R11: 0000000000000297 R12: 0000000000000000
[   89.578541][ T5503] R13: 0000000000000001 R14: 0000000020000000 R15: 0000000000000000
[   89.586542][ T5503]  </TASK>
[   89.589616][    C1] vkms_vblank_simulate: vblank timer overrun
[   89.600404][ T5284] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[   89.604091][ T5281] usb 5-1: language id specifier not provided by device, defaulting to English
[   89.611118][ T5284] usb 1-1: media controller created
[   89.646635][ T5284] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   89.718749][ T5284] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[   89.847983][ T5284] usb 1-1: USB disconnect, device number 6
[   89.956221][    T9] usb 2-1: USB disconnect, device number 8
[   89.987302][ T5282] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   90.136830][ T5282] usb 4-1: device descriptor read/64, error -71
[   90.159122][   T46] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   90.260511][ T5510] IPVS: Error connecting to the multicast addr
[   90.354405][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[   90.377219][   T46] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[   90.392447][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[   90.402680][   T46] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[   90.417296][   T46] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[   90.426509][ T5282] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   90.439222][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.462875][ T5281] uclogic 0003:256C:006D.0003: failed retrieving Huion firmware version: -71
[   90.471918][ T5281] uclogic 0003:256C:006D.0003: failed probing parameters: -71
[   90.481656][ T5281] uclogic 0003:256C:006D.0003: probe with driver uclogic failed with error -71
[   90.496001][   T46] usb 3-1: config 0 descriptor??
[   90.544685][ T5281] usb 5-1: USB disconnect, device number 5
[   90.567164][ T5282] usb 4-1: device descriptor read/64, error -71
[   90.698572][ T5282] usb usb4-port1: attempt power cycle
[   90.722980][ T5506] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.765577][ T5506] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.844423][   T46] hdpvr 3-1:0.0: unexpected answer of status request, len -71
[   90.859375][   T46] hdpvr 3-1:0.0: device init failed
[   90.864856][   T46] hdpvr 3-1:0.0: probe with driver hdpvr failed with error -12
[   90.906009][   T46] usb 3-1: USB disconnect, device number 5
[   91.057319][ T5282] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   91.097646][ T5282] usb 4-1: device descriptor read/8, error -71
[   91.258409][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.275988][ T5523] FAULT_INJECTION: forcing a failure.
[   91.275988][ T5523] name failslab, interval 1, probability 0, space 0, times 0
[   91.296958][ T5522] FAULT_INJECTION: forcing a failure.
[   91.296958][ T5522] name failslab, interval 1, probability 0, space 0, times 0
[   91.301402][ T5523] CPU: 0 UID: 0 PID: 5523 Comm: syz.1.75 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   91.320327][ T5523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.331651][ T5523] Call Trace:
[   91.334973][ T5523]  <TASK>
[   91.337940][ T5523]  dump_stack_lvl+0x241/0x360
[   91.342659][ T5523]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.347889][ T5523]  ? __pfx__printk+0x10/0x10
[   91.352517][ T5523]  ? __kmalloc_noprof+0xb0/0x400
[   91.357591][ T5523]  ? __pfx___might_resched+0x10/0x10
[   91.362926][ T5523]  should_fail_ex+0x3b0/0x4e0
[   91.367646][ T5523]  ? iovec_from_user+0x87/0x240
[   91.372537][ T5523]  should_failslab+0xac/0x100
[   91.377244][ T5523]  ? iovec_from_user+0x87/0x240
[   91.382130][ T5523]  __kmalloc_noprof+0xd8/0x400
[   91.386939][ T5523]  iovec_from_user+0x87/0x240
[   91.391666][ T5523]  __import_iovec+0x132/0x820
[   91.396394][ T5523]  import_iovec+0xeb/0x120
[   91.400844][ T5523]  copy_msghdr_from_user+0x52f/0x680
[   91.406157][ T5523]  ? __lock_acquire+0x1384/0x2050
[   91.411218][ T5523]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[   91.417074][ T5523]  do_recvmmsg+0x3f9/0xad0
[   91.421516][ T5523]  ? mark_lock+0x9a/0x360
[   91.425880][ T5523]  ? __lock_acquire+0x1384/0x2050
[   91.430937][ T5523]  ? __pfx_do_recvmmsg+0x10/0x10
[   91.435933][ T5523]  ? __pfx___might_resched+0x10/0x10
[   91.441251][ T5523]  ? __might_fault+0xaa/0x120
[   91.445956][ T5523]  ? __pfx_lock_release+0x10/0x10
[   91.451029][ T5523]  ? vfs_write+0x7bf/0xc90
[   91.455491][ T5523]  ? kmem_cache_free+0x1a2/0x420
[   91.460495][ T5523]  ? get_timespec64+0x19c/0x280
[   91.465492][ T5523]  __x64_sys_recvmmsg+0x1b8/0x250
[   91.470566][ T5523]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[   91.476145][ T5523]  ? do_syscall_64+0x100/0x230
[   91.480951][ T5523]  ? do_syscall_64+0xb6/0x230
[   91.485676][ T5523]  do_syscall_64+0xf3/0x230
[   91.490233][ T5523]  ? clear_bhb_loop+0x35/0x90
[   91.494963][ T5523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.500906][ T5523] RIP: 0033:0x7ff56cf7dff9
[   91.505352][ T5523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.525011][ T5523] RSP: 002b:00007ff56dce1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[   91.533501][ T5523] RAX: ffffffffffffffda RBX: 00007ff56d136058 RCX: 00007ff56cf7dff9
[   91.541538][ T5523] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[   91.549530][ T5523] RBP: 00007ff56dce1090 R08: 0000000020003700 R09: 0000000000000000
[   91.557610][ T5523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.565595][ T5523] R13: 0000000000000001 R14: 00007ff56d136058 R15: 00007ff56d25fa28
[   91.573595][ T5523]  </TASK>
[   91.596272][ T5522] CPU: 0 UID: 0 PID: 5522 Comm: syz.4.77 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[   91.606885][ T5522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   91.617006][ T5522] Call Trace:
[   91.620319][ T5522]  <TASK>
[   91.623265][ T5522]  dump_stack_lvl+0x241/0x360
[   91.627976][ T5522]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.633210][ T5522]  ? __pfx__printk+0x10/0x10
[   91.637817][ T5522]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   91.643825][ T5522]  ? __pfx___might_resched+0x10/0x10
[   91.649166][ T5522]  should_fail_ex+0x3b0/0x4e0
[   91.654566][ T5522]  should_failslab+0xac/0x100
[   91.659292][ T5522]  ? __alloc_skb+0x1c3/0x440
[   91.663923][ T5522]  kmem_cache_alloc_node_noprof+0x71/0x320
[   91.669784][ T5522]  __alloc_skb+0x1c3/0x440
[   91.674256][ T5522]  ? __pfx___alloc_skb+0x10/0x10
[   91.679243][ T5522]  ? __mutex_trylock_common+0x183/0x2e0
[   91.684850][ T5522]  netlink_dump+0x2cd/0xd80
[   91.689399][ T5522]  ? trace_contention_end+0x3c/0x120
[   91.694714][ T5522]  ? __pfx_netlink_dump+0x10/0x10
[   91.699782][ T5522]  ? __pfx_lock_acquire+0x10/0x10
[   91.704841][ T5522]  __netlink_dump_start+0x5a2/0x790
[   91.710076][ T5522]  rtnetlink_rcv_msg+0xb3d/0xcf0
[   91.715040][ T5522]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.720519][ T5522]  ? __pfx_neigh_dump_info+0x10/0x10
[   91.725856][ T5522]  ? ref_tracker_free+0x643/0x7e0
[   91.730922][ T5522]  netlink_rcv_skb+0x1e3/0x430
[   91.735717][ T5522]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   91.741213][ T5522]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   91.746539][ T5522]  ? netlink_deliver_tap+0x2e/0x1b0
[   91.751766][ T5522]  netlink_unicast+0x7f6/0x990
[   91.756574][ T5522]  ? __pfx_netlink_unicast+0x10/0x10
[   91.761899][ T5522]  ? __virt_addr_valid+0x183/0x530
[   91.767029][ T5522]  ? __check_object_size+0x48e/0x900
[   91.772336][ T5522]  netlink_sendmsg+0x8e4/0xcb0
[   91.777141][ T5522]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.782463][ T5522]  ? aa_sock_msg_perm+0x91/0x160
[   91.787432][ T5522]  ? __pfx_netlink_sendmsg+0x10/0x10
[   91.792735][ T5522]  __sock_sendmsg+0x221/0x270
[   91.797438][ T5522]  ____sys_sendmsg+0x52a/0x7e0
[   91.802231][ T5522]  ? __pfx_____sys_sendmsg+0x10/0x10
[   91.807544][ T5522]  __sys_sendmsg+0x292/0x380
[   91.812151][ T5522]  ? __pfx___sys_sendmsg+0x10/0x10
[   91.817289][ T5522]  ? __pfx_vfs_write+0x10/0x10
[   91.822087][ T5522]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   91.828439][ T5522]  ? do_syscall_64+0x100/0x230
[   91.833225][ T5522]  ? do_syscall_64+0xb6/0x230
[   91.837923][ T5522]  do_syscall_64+0xf3/0x230
[   91.842474][ T5522]  ? clear_bhb_loop+0x35/0x90
[   91.847177][ T5522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.853096][ T5522] RIP: 0033:0x7ff728d7dff9
[   91.857524][ T5522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.877150][ T5522] RSP: 002b:00007ff7287ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.885585][ T5522] RAX: ffffffffffffffda RBX: 00007ff728f35f80 RCX: 00007ff728d7dff9
[   91.893749][ T5522] RDX: 0000000020040010 RSI: 0000000020002b40 RDI: 0000000000000003
[   91.901740][ T5522] RBP: 00007ff7287ff090 R08: 0000000000000000 R09: 0000000000000000
[   91.909727][ T5522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.917716][ T5522] R13: 0000000000000000 R14: 00007ff728f35f80 R15: 00007ff72905fa28
[   91.925727][ T5522]  </TASK>
[   91.931230][ T5282] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   92.017160][ T5282] usb 4-1: device descriptor read/8, error -71
[   92.068346][ T5526] ALSA: seq fatal error: cannot create timer (-22)
[   92.121341][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.132707][ T5282] usb usb4-port1: unable to enumerate USB device
[   92.311380][ T5538] netlink: 'syz.3.82': attribute type 11 has an invalid length.
[   92.331755][ T5538] netlink: 190580 bytes leftover after parsing attributes in process `syz.3.82'.
[   92.394881][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.447324][ T5536] netlink: 36 bytes leftover after parsing attributes in process `syz.4.81'.
[   92.463443][ T5536] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   92.563211][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   92.572585][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   92.581254][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   92.596435][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   92.610869][ T5235] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   92.618002][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.636765][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   92.867114][   T46] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[   93.033956][   T46] usb 4-1: config 0 has no interfaces?
[   93.085010][ T5551] chnl_net:caif_netlink_parms(): no params data found
[   93.108144][   T46] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[   93.140286][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.162420][   T46] usb 4-1: Product: syz
[   93.166988][   T46] usb 4-1: Manufacturer: syz
[   93.176672][   T46] usb 4-1: SerialNumber: syz
[   93.208938][   T46] usb 4-1: config 0 descriptor??
[   93.230165][   T35] bridge_slave_1: left allmulticast mode
[   93.236147][   T35] bridge_slave_1: left promiscuous mode
[   93.245759][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.325110][   T35] bridge_slave_0: left allmulticast mode
[   93.331219][   T35] bridge_slave_0: left promiscuous mode
[   93.337855][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.527088][ T5304] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   93.687214][ T5304] usb 2-1: Using ep0 maxpacket: 16
[   93.709342][ T5304] usb 2-1: config 255 has an invalid interface number: 47 but max is 1
[   93.728222][ T5304] usb 2-1: config 255 has an invalid interface number: 218 but max is 1
[   93.760932][ T5304] usb 2-1: config 255 has no interface number 0
[   93.785555][ T5304] usb 2-1: config 255 has no interface number 1
[   93.813150][ T5304] usb 2-1: config 255 interface 47 altsetting 128 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[   94.592089][ T5304] usb 2-1: config 255 interface 47 has no altsetting 0
[   94.620148][ T5304] usb 2-1: config 255 interface 218 has no altsetting 0
[   94.766823][ T5235] Bluetooth: hci2: command tx timeout
[   96.806828][ T5235] Bluetooth: hci2: command tx timeout
[   98.886855][ T5235] Bluetooth: hci2: command tx timeout
[  100.966749][ T5235] Bluetooth: hci2: command tx timeout
[  101.266556][    C1] sched: DL replenish lagged too much
[  102.320477][ T5586] kvm: emulating exchange as write
[  106.219112][ T5234] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  106.233051][ T5234] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  106.242690][ T5234] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  106.259649][ T5234] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  106.268970][ T5234] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  106.282762][ T5234] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  106.532658][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.592935][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.645768][ T5235] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  106.656453][ T5235] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  106.665239][ T5235] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  106.677187][ T5235] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  106.687931][   T35] bond0 (unregistering): Released all slaves
[  106.694239][ T5235] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  106.703032][ T5235] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  106.946129][ T5551] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.967301][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.985542][ T5551] bridge_slave_0: entered allmulticast mode
[  107.003240][ T5551] bridge_slave_0: entered promiscuous mode
[  107.015807][ T5551] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.030802][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.054895][ T5551] bridge_slave_1: entered allmulticast mode
[  107.066086][ T5551] bridge_slave_1: entered promiscuous mode
[  107.170659][ T5551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  107.192217][ T5551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  107.343023][ T5551] team0: Port device team_slave_0 added
[  107.355158][ T5551] team0: Port device team_slave_1 added
[  107.425186][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.438636][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.478840][ T5551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.501819][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.513975][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.549075][ T5551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.674900][ T5551] hsr_slave_0: entered promiscuous mode
[  107.694428][ T5551] hsr_slave_1: entered promiscuous mode
[  107.725258][ T5551] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.741923][ T5551] Cannot create hsr debugfs directory
[  108.326759][ T5235] Bluetooth: hci3: command tx timeout
[  108.806849][ T5235] Bluetooth: hci5: command tx timeout
[  109.449316][ T5234] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  109.461316][ T5234] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  109.478060][ T5234] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  109.505394][ T4622] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  109.513266][ T4622] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  109.521268][ T4622] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  109.530550][ T5241] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  109.548092][ T5241] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  109.556093][ T5241] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  109.579405][ T4622] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  109.587839][ T4622] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  109.599476][ T4622] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  110.408004][ T4622] Bluetooth: hci3: command tx timeout
[  110.886893][ T4622] Bluetooth: hci5: command tx timeout
[  111.608047][ T4622] Bluetooth: hci6: command tx timeout
[  111.686760][ T4622] Bluetooth: hci7: command tx timeout
[  112.486915][ T4622] Bluetooth: hci3: command tx timeout
[  112.966847][ T4622] Bluetooth: hci5: command tx timeout
[  113.687860][ T4622] Bluetooth: hci6: command tx timeout
[  113.767071][ T4622] Bluetooth: hci7: command tx timeout
[  114.566753][ T4622] Bluetooth: hci3: command tx timeout
[  115.046910][ T4622] Bluetooth: hci5: command tx timeout
[  115.769086][ T4622] Bluetooth: hci6: command tx timeout
[  115.846811][ T4622] Bluetooth: hci7: command tx timeout
[  117.848418][ T4622] Bluetooth: hci6: command tx timeout
[  117.926730][ T4622] Bluetooth: hci7: command tx timeout
[  133.068076][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  133.074469][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  154.723662][ T5234] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  154.780023][ T5234] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  154.800400][ T5234] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  154.908846][ T5234] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  154.954181][ T5234] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  154.991463][ T5234] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  157.127106][ T5234] Bluetooth: hci8: command tx timeout
[  159.206863][ T5234] Bluetooth: hci8: command tx timeout
[  161.286858][ T5234] Bluetooth: hci8: command tx timeout
[  163.366906][ T5234] Bluetooth: hci8: command tx timeout
[  163.987324][ T4622] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  163.998921][ T4622] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  164.008450][ T4622] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  164.017699][ T4622] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  164.028229][ T4622] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  164.035631][ T4622] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  166.083192][ T4622] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  166.091868][ T5241] Bluetooth: hci9: command tx timeout
[  166.102343][ T5241] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  166.112652][ T5241] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  166.123144][ T5241] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  166.137146][ T5241] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  166.146258][ T5241] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  168.166788][ T5234] Bluetooth: hci9: command tx timeout
[  168.246900][ T5234] Bluetooth: hci10: command tx timeout
[  170.247032][ T5234] Bluetooth: hci9: command tx timeout
[  170.336655][ T5234] Bluetooth: hci10: command tx timeout
[  170.465320][ T5241] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  170.475124][ T5241] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  170.484343][ T5241] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  170.493941][ T5241] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  170.502363][ T5241] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  170.511591][ T5241] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  170.569433][ T5234] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  170.579685][ T5234] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  170.588158][ T5234] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  170.596400][ T5234] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  170.605511][ T5234] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  170.613125][ T5234] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  172.329167][ T5234] Bluetooth: hci9: command tx timeout
[  172.406716][ T5234] Bluetooth: hci10: command tx timeout
[  172.566734][ T5234] Bluetooth: hci11: command tx timeout
[  172.646875][ T5234] Bluetooth: hci12: command tx timeout
[  174.486679][ T5234] Bluetooth: hci10: command tx timeout
[  174.646915][ T5234] Bluetooth: hci11: command tx timeout
[  174.726787][ T5234] Bluetooth: hci12: command tx timeout
[  176.726841][ T5234] Bluetooth: hci11: command tx timeout
[  176.806750][ T5234] Bluetooth: hci12: command tx timeout
[  178.806689][ T5234] Bluetooth: hci11: command tx timeout
[  178.886853][ T5234] Bluetooth: hci12: command tx timeout
[  194.491944][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  194.498492][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  196.586552][ T5234] Bluetooth: hci4: command 0x0406 tx timeout
[  196.592656][ T5234] Bluetooth: hci1: command 0x0406 tx timeout
[  196.598877][ T5235] Bluetooth: hci0: command 0x0406 tx timeout
[  213.824917][ T4622] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  213.834976][ T4622] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  213.843869][ T4622] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  213.852400][ T4622] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  213.863347][ T4622] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  213.871290][ T4622] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  215.930335][ T4622] Bluetooth: hci13: command tx timeout
[  217.052464][ T4622] Bluetooth: hci2: command 0x0406 tx timeout
[  218.007196][ T5238] Bluetooth: hci13: command tx timeout
[  220.089319][ T5238] Bluetooth: hci13: command tx timeout
[  222.166651][ T5238] Bluetooth: hci13: command tx timeout
[  224.958967][ T4622] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  224.968239][ T4622] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  224.976536][ T4622] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  224.988015][ T4622] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  225.003941][ T4622] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  225.012612][ T4622] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  227.046837][ T4622] Bluetooth: hci14: command tx timeout
[  227.092008][ T5238] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  227.106816][ T5238] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  227.115143][ T5238] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  227.124253][ T5238] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  227.132929][ T5238] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  227.142020][ T5238] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  229.127046][ T5238] Bluetooth: hci14: command tx timeout
[  229.207078][ T5238] Bluetooth: hci15: command tx timeout
[  231.206862][ T5238] Bluetooth: hci14: command tx timeout
[  231.287487][ T5238] Bluetooth: hci15: command tx timeout
[  231.420478][   T54] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  231.429941][   T54] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  231.438784][   T54] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  231.448694][   T54] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  231.457795][   T54] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  231.465250][   T54] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  231.570864][ T5238] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  231.596849][ T5238] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  231.605277][ T5238] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  231.615060][ T5238] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  231.622913][ T5238] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  231.630480][ T5238] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  232.422934][   T54] Bluetooth: hci6: command 0x0406 tx timeout
[  232.429163][ T5238] Bluetooth: hci5: command 0x0406 tx timeout
[  232.435226][ T5238] Bluetooth: hci3: command 0x0406 tx timeout
[  232.445012][ T5230] Bluetooth: hci7: command 0x0406 tx timeout
[  233.286672][ T5235] Bluetooth: hci14: command tx timeout
[  233.367070][ T5235] Bluetooth: hci15: command tx timeout
[  233.526942][ T5235] Bluetooth: hci16: command tx timeout
[  233.692592][ T5235] Bluetooth: hci17: command tx timeout
[  235.447413][ T5235] Bluetooth: hci15: command tx timeout
[  235.606923][ T5235] Bluetooth: hci16: command tx timeout
[  235.766922][ T5235] Bluetooth: hci17: command tx timeout
[  237.686845][ T5235] Bluetooth: hci16: command tx timeout
[  237.846752][ T5235] Bluetooth: hci17: command tx timeout
[  239.768250][ T5235] Bluetooth: hci16: command tx timeout
[  239.926828][ T5235] Bluetooth: hci17: command tx timeout
[  250.807088][   T30] INFO: task kworker/u8:2:35 blocked for more than 143 seconds.
[  250.815091][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  250.866540][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  250.896823][   T30] task:kworker/u8:2    state:D stack:22384 pid:35    tgid:35    ppid:2      flags:0x00004000
[  250.946539][   T30] Workqueue: netns cleanup_net
[  250.951426][   T30] Call Trace:
[  250.954786][   T30]  <TASK>
[  251.056789][   T30]  __schedule+0x1895/0x4b30
[  251.061517][   T30]  ? __pfx___schedule+0x10/0x10
[  251.066440][   T30]  ? __pfx_lock_release+0x10/0x10
[  251.121737][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  251.166908][   T30]  ? kthread_data+0x52/0xd0
[  251.171520][   T30]  ? schedule+0x90/0x320
[  251.175850][   T30]  ? wq_worker_sleeping+0x66/0x240
[  251.253918][   T30]  ? schedule+0x90/0x320
[  251.273801][   T30]  schedule+0x14b/0x320
[  251.286105][   T30]  schedule_preempt_disabled+0x13/0x30
[  251.322494][   T30]  __mutex_lock+0x6a7/0xd70
[  251.356564][   T30]  ? __mutex_lock+0x52a/0xd70
[  251.361339][   T30]  ? ieee80211_unregister_hw+0x55/0x2c0
[  251.415616][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  251.445386][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  251.486639][   T30]  ? rcu_is_watching+0x15/0xb0
[  251.491517][   T30]  ieee80211_unregister_hw+0x55/0x2c0
[  251.519768][   T30]  mac80211_hwsim_del_radio+0x2c4/0x4c0
[  251.525421][   T30]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  251.577041][   T30]  hwsim_exit_net+0x5c1/0x670
[  251.581825][   T30]  ? __pfx_hwsim_exit_net+0x10/0x10
[  251.610424][   T30]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[  251.616334][   T30]  cleanup_net+0x802/0xcc0
[  251.656582][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  251.661626][   T30]  ? process_scheduled_works+0x976/0x1850
[  251.706830][   T30]  process_scheduled_works+0xa63/0x1850
[  251.712505][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  251.746608][   T30]  ? assign_work+0x364/0x3d0
[  251.751309][   T30]  worker_thread+0x870/0xd30
[  251.755977][   T30]  ? __kthread_parkme+0x169/0x1d0
[  251.803516][   T30]  ? __pfx_worker_thread+0x10/0x10
[  251.825512][   T30]  kthread+0x2f0/0x390
[  251.847196][   T30]  ? __pfx_worker_thread+0x10/0x10
[  251.852411][   T30]  ? __pfx_kthread+0x10/0x10
[  251.886591][   T30]  ret_from_fork+0x4b/0x80
[  251.891127][   T30]  ? __pfx_kthread+0x10/0x10
[  251.895770][   T30]  ret_from_fork_asm+0x1a/0x30
[  251.946672][   T30]  </TASK>
[  251.958114][   T30] INFO: task kworker/u8:7:3037 blocked for more than 144 seconds.
[  251.966008][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  252.016593][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.025359][   T30] task:kworker/u8:7    state:D stack:22032 pid:3037  tgid:3037  ppid:2      flags:0x00004000
[  252.056343][   T30] Workqueue: events_unbound linkwatch_event
[  252.065575][   T30] Call Trace:
[  252.074004][   T30]  <TASK>
[  252.080185][   T30]  __schedule+0x1895/0x4b30
[  252.084803][   T30]  ? __pfx___schedule+0x10/0x10
[  252.096439][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.101689][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  252.116825][   T30]  ? kthread_data+0x52/0xd0
[  252.121429][   T30]  ? schedule+0x90/0x320
[  252.125743][   T30]  ? wq_worker_sleeping+0x66/0x240
[  252.137044][   T30]  ? schedule+0x90/0x320
[  252.141380][   T30]  schedule+0x14b/0x320
[  252.145607][   T30]  schedule_preempt_disabled+0x13/0x30
[  252.158220][   T30]  __mutex_lock+0x6a7/0xd70
[  252.162815][   T30]  ? __mutex_lock+0x52a/0xd70
[  252.174037][   T30]  ? linkwatch_event+0xe/0x60
[  252.181709][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  252.192306][   T30]  ? process_scheduled_works+0x976/0x1850
[  252.200943][   T30]  linkwatch_event+0xe/0x60
[  252.205519][   T30]  process_scheduled_works+0xa63/0x1850
[  252.216603][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  252.222707][   T30]  ? assign_work+0x364/0x3d0
[  252.237447][   T30]  worker_thread+0x870/0xd30
[  252.242139][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  252.255964][   T30]  ? __kthread_parkme+0x169/0x1d0
[  252.262638][   T30]  ? __pfx_worker_thread+0x10/0x10
[  252.274270][   T30]  kthread+0x2f0/0x390
[  252.281717][   T30]  ? __pfx_worker_thread+0x10/0x10
[  252.293071][   T30]  ? __pfx_kthread+0x10/0x10
[  252.299774][   T30]  ret_from_fork+0x4b/0x80
[  252.304270][   T30]  ? __pfx_kthread+0x10/0x10
[  252.315383][   T30]  ret_from_fork_asm+0x1a/0x30
[  252.322097][   T30]  </TASK>
[  252.325256][   T30] INFO: task jbd2/sda1-8:4646 blocked for more than 144 seconds.
[  252.346113][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  252.354243][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.366502][   T30] task:jbd2/sda1-8     state:D stack:24240 pid:4646  tgid:4646  ppid:2      flags:0x00004000
[  252.383271][   T30] Call Trace:
[  252.386992][   T30]  <TASK>
[  252.389973][   T30]  __schedule+0x1895/0x4b30
[  252.394571][   T30]  ? __pfx___schedule+0x10/0x10
[  252.407880][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.413015][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  252.426261][   T30]  ? schedule+0x90/0x320
[  252.431057][   T30]  schedule+0x14b/0x320
[  252.435291][   T30]  io_schedule+0x8d/0x110
[  252.446597][   T30]  bit_wait_io+0x12/0xd0
[  252.450928][   T30]  __wait_on_bit+0xb0/0x2f0
[  252.455515][   T30]  ? __pfx_bit_wait_io+0x10/0x10
[  252.469100][   T30]  out_of_line_wait_on_bit+0x1d5/0x260
[  252.474642][   T30]  ? __pfx_bit_wait_io+0x10/0x10
[  252.486168][   T30]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  252.493846][   T30]  ? __pfx_wake_bit_function+0x10/0x10
[  252.505573][   T30]  jbd2_journal_commit_transaction+0x3df6/0x67e0
[  252.514967][   T30]  ? __pfx_jbd2_journal_commit_transaction+0x10/0x10
[  252.526630][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  252.531909][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  252.548223][   T30]  ? __try_to_del_timer_sync+0x2ad/0x340
[  252.553961][   T30]  ? __timer_delete_sync+0x15c/0x310
[  252.566652][   T30]  ? __timer_delete_sync+0x25d/0x310
[  252.572053][   T30]  ? __pfx___timer_delete_sync+0x10/0x10
[  252.586796][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  252.592802][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  252.606586][   T30]  ? prepare_to_wait+0x186/0x210
[  252.611617][   T30]  ? finish_wait+0xd4/0x1e0
[  252.616176][   T30]  kjournald2+0x41c/0x7b0
[  252.627770][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  252.634202][   T30]  ? __pfx_kjournald2+0x10/0x10
[  252.649931][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  252.656110][   T30]  ? __kthread_parkme+0x169/0x1d0
[  252.665755][   T30]  ? __pfx_kjournald2+0x10/0x10
[  252.674606][   T30]  kthread+0x2f0/0x390
[  252.682602][   T30]  ? __pfx_kjournald2+0x10/0x10
[  252.693502][   T30]  ? __pfx_kthread+0x10/0x10
[  252.702068][   T30]  ret_from_fork+0x4b/0x80
[  252.710480][   T30]  ? __pfx_kthread+0x10/0x10
[  252.715137][   T30]  ret_from_fork_asm+0x1a/0x30
[  252.723968][   T30]  </TASK>
[  252.731137][   T30] INFO: task dhcpcd:4897 blocked for more than 145 seconds.
[  252.742776][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  252.756365][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  252.769980][   T30] task:dhcpcd          state:D stack:23632 pid:4897  tgid:4897  ppid:1      flags:0x00000002
[  252.784271][   T30] Call Trace:
[  252.791418][   T30]  <TASK>
[  252.794412][   T30]  __schedule+0x1895/0x4b30
[  252.803033][   T30]  ? __pfx___schedule+0x10/0x10
[  252.816270][   T30]  ? __pfx_lock_release+0x10/0x10
[  252.825570][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  252.834958][   T30]  ? schedule+0x90/0x320
[  252.843135][   T30]  schedule+0x14b/0x320
[  252.852627][   T30]  schedule_preempt_disabled+0x13/0x30
[  252.862180][   T30]  __mutex_lock+0x6a7/0xd70
[  252.870597][   T30]  ? __mutex_lock+0x52a/0xd70
[  252.875370][   T30]  ? vlan_ioctl_handler+0x112/0x9d0
[  252.886909][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  252.892025][   T30]  ? __might_fault+0xc6/0x120
[  252.911142][   T30]  vlan_ioctl_handler+0x112/0x9d0
[  252.916264][   T30]  ? sock_ioctl+0x661/0x8e0
[  252.925902][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  252.938841][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  252.944488][   T30]  sock_ioctl+0x680/0x8e0
[  252.957561][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  252.962807][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  252.974099][   T30]  __se_sys_ioctl+0xf9/0x170
[  252.980332][   T30]  do_syscall_64+0xf3/0x230
[  252.985447][   T30]  ? clear_bhb_loop+0x35/0x90
[  252.996542][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.002523][   T30] RIP: 0033:0x7f490f1b8d49
[  253.013608][   T30] RSP: 002b:00007fff8497a968 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.022512][   T30] RAX: ffffffffffffffda RBX: 000056056b2056d0 RCX: 00007f490f1b8d49
[  253.036509][   T30] RDX: 00007fff8497a970 RSI: 0000000000008982 RDI: 0000000000000011
[  253.044565][   T30] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
[  253.062786][   T30] R10: 00007fff8498aff0 R11: 0000000000000246 R12: 00007fff8497a970
[  253.074195][   T30] R13: 00007fff8497aa30 R14: 000056056b2056d0 R15: 000056056b204c20
[  253.087801][   T30]  </TASK>
[  253.091181][   T30] INFO: task kworker/0:6:5282 blocked for more than 145 seconds.
[  253.105404][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  253.122841][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.133731][   T30] task:kworker/0:6     state:D stack:21072 pid:5282  tgid:5282  ppid:2      flags:0x00004000
[  253.151651][   T30] Workqueue: events_power_efficient crda_timeout_work
[  253.160910][   T30] Call Trace:
[  253.164256][   T30]  <TASK>
[  253.175103][   T30]  __schedule+0x1895/0x4b30
[  253.182341][   T30]  ? __pfx___schedule+0x10/0x10
[  253.193701][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.201394][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.212757][   T30]  ? kick_pool+0x1bd/0x620
[  253.218854][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  253.224129][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.236607][   T30]  ? schedule+0x90/0x320
[  253.240940][   T30]  schedule+0x14b/0x320
[  253.245169][   T30]  schedule_preempt_disabled+0x13/0x30
[  253.257975][   T30]  __mutex_lock+0x6a7/0xd70
[  253.263296][   T30]  ? __mutex_lock+0x52a/0xd70
[  253.274642][   T30]  ? crda_timeout_work+0x15/0x50
[  253.282008][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  253.293534][   T30]  ? process_scheduled_works+0x976/0x1850
[  253.303918][   T30]  crda_timeout_work+0x15/0x50
[  253.313831][   T30]  process_scheduled_works+0xa63/0x1850
[  253.322276][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  253.333439][   T30]  ? assign_work+0x364/0x3d0
[  253.341040][   T30]  worker_thread+0x870/0xd30
[  253.345720][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  253.361196][   T30]  ? __kthread_parkme+0x169/0x1d0
[  253.366325][   T30]  ? __pfx_worker_thread+0x10/0x10
[  253.375894][   T30]  kthread+0x2f0/0x390
[  253.385550][   T30]  ? __pfx_worker_thread+0x10/0x10
[  253.393515][   T30]  ? __pfx_kthread+0x10/0x10
[  253.403675][   T30]  ret_from_fork+0x4b/0x80
[  253.413587][   T30]  ? __pfx_kthread+0x10/0x10
[  253.423305][   T30]  ret_from_fork_asm+0x1a/0x30
[  253.431035][   T30]  </TASK>
[  253.434292][   T30] INFO: task syz.3.84:5545 blocked for more than 145 seconds.
[  253.446513][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  253.454214][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.470897][   T30] task:syz.3.84        state:D stack:23552 pid:5545  tgid:5541  ppid:5247   flags:0x00004006
[  253.485404][   T30] Call Trace:
[  253.494437][   T30]  <TASK>
[  253.500239][   T30]  __schedule+0x1895/0x4b30
[  253.504841][   T30]  ? __pfx___schedule+0x10/0x10
[  253.515474][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.523367][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  253.535304][   T30]  ? schedule+0x90/0x320
[  253.542391][   T30]  schedule+0x14b/0x320
[  253.551580][   T30]  schedule_preempt_disabled+0x13/0x30
[  253.560095][   T30]  __mutex_lock+0x6a7/0xd70
[  253.564703][   T30]  ? __mutex_lock+0x52a/0xd70
[  253.576639][   T30]  ? tun_chr_close+0x3b/0x1b0
[  253.581413][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  253.594884][   T30]  ? __pfx_call_rcu+0x10/0x10
[  253.600053][   T30]  tun_chr_close+0x3b/0x1b0
[  253.604616][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  253.617494][   T30]  __fput+0x23f/0x880
[  253.621573][   T30]  task_work_run+0x24f/0x310
[  253.626213][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  253.638521][   T30]  ? __pfx_task_work_run+0x10/0x10
[  253.643727][   T30]  ? do_exit+0xa2a/0x28e0
[  253.655189][   T30]  ? kmem_cache_free+0x1a2/0x420
[  253.662921][   T30]  ? do_exit+0xa2a/0x28e0
[  253.672951][   T30]  do_exit+0xa2f/0x28e0
[  253.680002][   T30]  ? __pfx_do_exit+0x10/0x10
[  253.684660][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  253.695127][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.704824][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.715167][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  253.726258][   T30]  do_group_exit+0x207/0x2c0
[  253.735287][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  253.744508][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.753631][   T30]  get_signal+0x16a3/0x1740
[  253.762109][   T30]  ? __pfx_get_signal+0x10/0x10
[  253.771109][   T30]  arch_do_signal_or_restart+0x96/0x860
[  253.783074][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  253.792984][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.804158][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  253.812668][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  253.823323][   T30]  do_syscall_64+0x100/0x230
[  253.832295][   T30]  ? clear_bhb_loop+0x35/0x90
[  253.842510][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.854161][   T30] RIP: 0033:0x7ffa95f7dff9
[  253.863665][   T30] RSP: 002b:00007ffa96ccf038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  253.875585][   T30] RAX: 0000000000010106 RBX: 00007ffa96136058 RCX: 00007ffa95f7dff9
[  253.889913][   T30] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  253.903546][   T30] RBP: 00007ffa95ff0296 R08: 0000000000000000 R09: 0000000000000000
[  253.914394][   T30] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  253.926804][   T30] R13: 0000000000000001 R14: 00007ffa96136058 R15: 00007ffa9625fa28
[  253.934886][   T30]  </TASK>
[  253.953325][   T30] INFO: task syz.4.90:5569 blocked for more than 146 seconds.
[  253.963618][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  253.978568][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.993742][   T30] task:syz.4.90        state:D stack:25232 pid:5569  tgid:5566  ppid:5244   flags:0x00000004
[  254.007601][   T30] Call Trace:
[  254.010940][   T30]  <TASK>
[  254.013915][   T30]  __schedule+0x1895/0x4b30
[  254.026649][   T30]  ? __pfx___schedule+0x10/0x10
[  254.031631][   T30]  ? __pfx_lock_release+0x10/0x10
[  254.044367][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  254.050343][   T30]  ? schedule+0x90/0x320
[  254.054670][   T30]  schedule+0x14b/0x320
[  254.066814][   T30]  schedule_preempt_disabled+0x13/0x30
[  254.072377][   T30]  __mutex_lock+0x6a7/0xd70
[  254.083979][   T30]  ? __mutex_lock+0x52a/0xd70
[  254.090318][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  254.095510][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  254.107044][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  254.112067][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  254.125927][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.132064][   T30]  ? ref_tracker_free+0x643/0x7e0
[  254.144743][   T30]  netlink_rcv_skb+0x1e3/0x430
[  254.149755][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  254.155283][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.168310][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.173608][   T30]  netlink_unicast+0x7f6/0x990
[  254.188980][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  254.194371][   T30]  ? __virt_addr_valid+0x183/0x530
[  254.204186][   T30]  ? __check_object_size+0x48e/0x900
[  254.213787][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  254.222554][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.232974][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  254.241927][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.256668][   T30]  __sock_sendmsg+0x221/0x270
[  254.261464][   T30]  ____sys_sendmsg+0x52a/0x7e0
[  254.266314][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.278601][   T30]  __sys_sendmsg+0x292/0x380
[  254.284050][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  254.296211][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  254.306576][   T30]  ? do_syscall_64+0x100/0x230
[  254.311416][   T30]  ? do_syscall_64+0xb6/0x230
[  254.316159][   T30]  do_syscall_64+0xf3/0x230
[  254.327576][   T30]  ? clear_bhb_loop+0x35/0x90
[  254.332333][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.347141][   T30] RIP: 0033:0x7ff728d7dff9
[  254.351638][   T30] RSP: 002b:00007ff7287ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.366558][   T30] RAX: ffffffffffffffda RBX: 00007ff728f35f80 RCX: 00007ff728d7dff9
[  254.374627][   T30] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 000000000000000c
[  254.391475][   T30] RBP: 00007ff728df0296 R08: 0000000000000000 R09: 0000000000000000
[  254.404001][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.422187][   T30] R13: 0000000000000000 R14: 00007ff728f35f80 R15: 00007ff72905fa28
[  254.431845][   T30]  </TASK>
[  254.434998][   T30] INFO: task syz.4.90:5574 blocked for more than 146 seconds.
[  254.448240][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  254.456114][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  254.472055][   T30] task:syz.4.90        state:D stack:26032 pid:5574  tgid:5566  ppid:5244   flags:0x00000004
[  254.484038][   T30] Call Trace:
[  254.494461][   T30]  <TASK>
[  254.499138][   T30]  __schedule+0x1895/0x4b30
[  254.503756][   T30]  ? __pfx___schedule+0x10/0x10
[  254.520077][   T30]  ? __pfx_lock_release+0x10/0x10
[  254.525222][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  254.534804][   T30]  ? schedule+0x90/0x320
[  254.543107][   T30]  schedule+0x14b/0x320
[  254.551357][   T30]  schedule_preempt_disabled+0x13/0x30
[  254.560938][   T30]  __mutex_lock+0x6a7/0xd70
[  254.565585][   T30]  ? __mutex_lock+0x52a/0xd70
[  254.576324][   T30]  ? dev_ethtool+0x21e/0x1bc0
[  254.585156][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  254.594888][   T30]  ? __kasan_kmalloc+0x98/0xb0
[  254.603642][   T30]  ? dev_ethtool+0x145/0x1bc0
[  254.612330][   T30]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  254.622824][   T30]  dev_ethtool+0x21e/0x1bc0
[  254.632723][   T30]  ? dev_load+0x21/0x1f0
[  254.641046][   T30]  ? __pfx_dev_ethtool+0x10/0x10
[  254.646057][   T30]  ? kfree+0x1a0/0x440
[  254.661658][   T30]  ? dev_load+0x21/0x1f0
[  254.665987][   T30]  dev_ioctl+0x785/0x1340
[  254.673175][   T30]  sock_do_ioctl+0x240/0x460
[  254.682923][   T30]  ? __pfx_sock_do_ioctl+0x10/0x10
[  254.692349][   T30]  sock_ioctl+0x626/0x8e0
[  254.702384][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  254.708878][   T30]  ? __fget_files+0x29/0x470
[  254.713982][   T30]  ? __fget_files+0x3f3/0x470
[  254.725307][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  254.732283][   T30]  __se_sys_ioctl+0xf9/0x170
[  254.744887][   T30]  do_syscall_64+0xf3/0x230
[  254.751004][   T30]  ? clear_bhb_loop+0x35/0x90
[  254.755751][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.766536][   T30] RIP: 0033:0x7ff728d7dff9
[  254.771022][   T30] RSP: 002b:00007ff7287de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.786658][   T30] RAX: ffffffffffffffda RBX: 00007ff728f36058 RCX: 00007ff728d7dff9
[  254.795468][   T30] RDX: 0000000020000000 RSI: 0000000000008946 RDI: 000000000000000b
[  254.808345][   T30] RBP: 00007ff728df0296 R08: 0000000000000000 R09: 0000000000000000
[  254.826960][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.835010][   T30] R13: 0000000000000001 R14: 00007ff728f36058 R15: 00007ff72905fa28
[  254.855414][   T30]  </TASK>
[  254.860361][   T30] INFO: task syz.1.92:5588 blocked for more than 147 seconds.
[  254.875285][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  254.883461][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  254.896593][   T30] task:syz.1.92        state:D stack:25184 pid:5588  tgid:5582  ppid:5243   flags:0x00000004
[  254.915910][   T30] Call Trace:
[  254.919636][   T30]  <TASK>
[  254.922619][   T30]  __schedule+0x1895/0x4b30
[  254.930083][   T30]  ? __pfx___schedule+0x10/0x10
[  254.935027][   T30]  ? __pfx_lock_release+0x10/0x10
[  254.945772][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  254.953375][   T30]  ? schedule+0x90/0x320
[  254.963904][   T30]  schedule+0x14b/0x320
[  254.977413][   T30]  schedule_preempt_disabled+0x13/0x30
[  254.982963][   T30]  __mutex_lock+0x6a7/0xd70
[  254.995086][   T30]  ? __mutex_lock+0x52a/0xd70
[  255.000933][   T30]  ? nl80211_pre_doit+0x5f/0x8b0
[  255.005950][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  255.016957][   T30]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  255.025603][   T30]  ? __nla_parse+0x40/0x60
[  255.036569][   T30]  nl80211_pre_doit+0x5f/0x8b0
[  255.041431][   T30]  genl_rcv_msg+0xaaa/0xec0
[  255.045987][   T30]  ? mark_lock+0x9a/0x360
[  255.057672][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.063096][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  255.074725][   T30]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  255.081790][   T30]  ? __pfx_nl80211_new_key+0x10/0x10
[  255.094998][   T30]  ? __pfx_nl80211_post_doit+0x10/0x10
[  255.102856][   T30]  ? __pfx___might_resched+0x10/0x10
[  255.114512][   T30]  netlink_rcv_skb+0x1e3/0x430
[  255.120943][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.126044][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  255.140693][   T30]  ? __netlink_deliver_tap+0x77e/0x7c0
[  255.146268][   T30]  genl_rcv+0x28/0x40
[  255.154378][   T30]  netlink_unicast+0x7f6/0x990
[  255.164463][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  255.173101][   T30]  ? __virt_addr_valid+0x183/0x530
[  255.183490][   T30]  ? __check_object_size+0x48e/0x900
[  255.191619][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  255.201607][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.211925][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  255.222004][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.230795][   T30]  __sock_sendmsg+0x221/0x270
[  255.235561][   T30]  ____sys_sendmsg+0x52a/0x7e0
[  255.245612][   T30]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.253807][   T30]  __sys_sendmsg+0x292/0x380
[  255.265333][   T30]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.273294][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  255.285234][   T30]  ? call_rcu+0x731/0xa70
[  255.292543][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.303967][   T30]  ? do_syscall_64+0x100/0x230
[  255.312252][   T30]  ? do_syscall_64+0xb6/0x230
[  255.324111][   T30]  do_syscall_64+0xf3/0x230
[  255.331933][   T30]  ? clear_bhb_loop+0x35/0x90
[  255.341741][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.350499][   T30] RIP: 0033:0x7ff56cf7dff9
[  255.355070][   T30] RSP: 002b:00007ff56dcc0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.371736][   T30] RAX: ffffffffffffffda RBX: 00007ff56d136130 RCX: 00007ff56cf7dff9
[  255.383431][   T30] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000008
[  255.396863][   T30] RBP: 00007ff56cff0296 R08: 0000000000000000 R09: 0000000000000000
[  255.404994][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.420977][   T30] R13: 0000000000000000 R14: 00007ff56d136130 R15: 00007ff56d25fa28
[  255.434525][   T30]  </TASK>
[  255.442953][   T30] INFO: task syz.2.93:5587 blocked for more than 147 seconds.
[  255.455033][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  255.467993][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  255.481871][   T30] task:syz.2.93        state:D stack:26392 pid:5587  tgid:5584  ppid:5248   flags:0x00000004
[  255.496365][   T30] Call Trace:
[  255.504835][   T30]  <TASK>
[  255.511535][   T30]  __schedule+0x1895/0x4b30
[  255.516160][   T30]  ? __pfx___schedule+0x10/0x10
[  255.525590][   T30]  ? __pfx_lock_release+0x10/0x10
[  255.533706][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  255.544865][   T30]  ? schedule+0x90/0x320
[  255.553288][   T30]  schedule+0x14b/0x320
[  255.562596][   T30]  schedule_preempt_disabled+0x13/0x30
[  255.570868][   T30]  __mutex_lock+0x6a7/0xd70
[  255.575452][   T30]  ? __mutex_lock+0x52a/0xd70
[  255.584223][   T30]  ? raw_bind+0x99/0x770
[  255.594803][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  255.603974][   T30]  ? aa_sk_perm+0x96d/0xab0
[  255.614812][   T30]  ? __pfx_aa_sk_perm+0x10/0x10
[  255.622568][   T30]  ? __might_fault+0xaa/0x120
[  255.632509][   T30]  raw_bind+0x99/0x770
[  255.639489][   T30]  __sys_bind+0x22d/0x2d0
[  255.643900][   T30]  ? __pfx___sys_bind+0x10/0x10
[  255.654534][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  255.663730][   T30]  ? do_syscall_64+0x100/0x230
[  255.673565][   T30]  __x64_sys_bind+0x7a/0x90
[  255.682159][   T30]  do_syscall_64+0xf3/0x230
[  255.692211][   T30]  ? clear_bhb_loop+0x35/0x90
[  255.699826][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.705802][   T30] RIP: 0033:0x7fe38837dff9
[  255.715385][   T30] RSP: 002b:00007fe389122038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  255.728037][   T30] RAX: ffffffffffffffda RBX: 00007fe388535f80 RCX: 00007fe38837dff9
[  255.736093][   T30] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000006
[  255.753672][   T30] RBP: 00007fe3883f0296 R08: 0000000000000000 R09: 0000000000000000
[  255.763380][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.776603][   T30] R13: 0000000000000000 R14: 00007fe388535f80 R15: 00007fe38865fa28
[  255.784680][   T30]  </TASK>
[  255.795892][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  255.805479][   T30] INFO: task syz.2.93:5589 blocked for more than 148 seconds.
[  255.816579][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  255.831631][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  255.844455][   T30] task:syz.2.93        state:D stack:27392 pid:5589  tgid:5584  ppid:5248   flags:0x00000004
[  255.861667][   T30] Call Trace:
[  255.865018][   T30]  <TASK>
[  255.869825][   T30]  __schedule+0x1895/0x4b30
[  255.874495][   T30]  ? __pfx___schedule+0x10/0x10
[  255.886435][   T30]  ? __pfx_lock_release+0x10/0x10
[  255.893112][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  255.906813][   T30]  ? schedule+0x90/0x320
[  255.911149][   T30]  schedule+0x14b/0x320
[  255.915379][   T30]  schedule_preempt_disabled+0x13/0x30
[  255.927235][   T30]  __mutex_lock+0x6a7/0xd70
[  255.931838][   T30]  ? __mutex_lock+0x52a/0xd70
[  255.945099][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  255.952544][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  255.966520][   T30]  ? raw_setsockopt+0xe6d/0x1a80
[  255.971551][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  255.988186][   T30]  ? __might_fault+0xc6/0x120
[  255.992951][   T30]  ? _copy_from_user+0xa6/0xe0
[  256.004848][   T30]  raw_setsockopt+0xe6d/0x1a80
[  256.016528][   T30]  ? __pfx_raw_setsockopt+0x10/0x10
[  256.021820][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  256.038261][   T30]  ? aa_sock_opt_perm+0x79/0x120
[  256.043298][   T30]  ? __pfx_raw_setsockopt+0x10/0x10
[  256.056640][   T30]  do_sock_setsockopt+0x3af/0x720
[  256.061776][   T30]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  256.075678][   T30]  ? __fget_files+0x29/0x470
[  256.081887][   T30]  ? __fget_files+0x3f3/0x470
[  256.094484][   T30]  ? __fget_files+0x29/0x470
[  256.099507][   T30]  __sys_setsockopt+0x1a2/0x250
[  256.104427][   T30]  __x64_sys_setsockopt+0xb5/0xd0
[  256.116909][   T30]  do_syscall_64+0xf3/0x230
[  256.121490][   T30]  ? clear_bhb_loop+0x35/0x90
[  256.133542][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.141197][   T30] RIP: 0033:0x7fe38837dff9
[  256.145682][   T30] RSP: 002b:00007fe389101038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  256.162388][   T30] RAX: ffffffffffffffda RBX: 00007fe388536058 RCX: 00007fe38837dff9
[  256.171860][   T30] RDX: 0000000000000001 RSI: 0000000000000065 RDI: 0000000000000006
[  256.186826][   T30] RBP: 00007fe3883f0296 R08: 0000000000000018 R09: 0000000000000000
[  256.194877][   T30] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
[  256.212183][   T30] R13: 0000000000000001 R14: 00007fe388536058 R15: 00007fe38865fa28
[  256.224183][   T30]  </TASK>
[  256.231953][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  256.245153][   T30] INFO: task syz.2.93:5590 blocked for more than 148 seconds.
[  256.263492][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  256.274018][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  256.291154][   T30] task:syz.2.93        state:D stack:27392 pid:5590  tgid:5584  ppid:5248   flags:0x00000004
[  256.304290][   T30] Call Trace:
[  256.312901][   T30]  <TASK>
[  256.315926][   T30]  __schedule+0x1895/0x4b30
[  256.325688][   T30]  ? __pfx___schedule+0x10/0x10
[  256.336579][   T30]  ? __pfx_lock_release+0x10/0x10
[  256.341725][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  256.353683][   T30]  ? schedule+0x90/0x320
[  256.359108][   T30]  schedule+0x14b/0x320
[  256.363349][   T30]  schedule_preempt_disabled+0x13/0x30
[  256.376537][   T30]  __mutex_lock+0x6a7/0xd70
[  256.381229][   T30]  ? __mutex_lock+0x52a/0xd70
[  256.385962][   T30]  ? raw_bind+0x99/0x770
[  256.399116][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  256.404226][   T30]  ? aa_sk_perm+0x96d/0xab0
[  256.417163][   T30]  ? __pfx_aa_sk_perm+0x10/0x10
[  256.422094][   T30]  ? __might_fault+0xaa/0x120
[  256.433588][   T30]  raw_bind+0x99/0x770
[  256.441322][   T30]  __sys_bind+0x22d/0x2d0
[  256.445748][   T30]  ? __pfx___sys_bind+0x10/0x10
[  256.456325][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  256.465701][   T30]  ? do_syscall_64+0x100/0x230
[  256.475711][   T30]  __x64_sys_bind+0x7a/0x90
[  256.483120][   T30]  do_syscall_64+0xf3/0x230
[  256.495772][   T30]  ? clear_bhb_loop+0x35/0x90
[  256.500698][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.514634][   T30] RIP: 0033:0x7fe38837dff9
[  256.519514][   T30] RSP: 002b:00007fe3890e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  256.536154][   T30] RAX: ffffffffffffffda RBX: 00007fe388536130 RCX: 00007fe38837dff9
[  256.546128][   T30] RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000007
[  256.562224][   T30] RBP: 00007fe3883f0296 R08: 0000000000000000 R09: 0000000000000000
[  256.572151][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.586424][   T30] R13: 0000000000000000 R14: 00007fe388536130 R15: 00007fe38865fa28
[  256.596071][   T30]  </TASK>
[  256.606644][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  256.623180][   T30] INFO: task syz.2.93:5591 blocked for more than 149 seconds.
[  256.631293][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  256.646636][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  256.655378][   T30] task:syz.2.93        state:D stack:27392 pid:5591  tgid:5584  ppid:5248   flags:0x00000004
[  256.674222][   T30] Call Trace:
[  256.678033][   T30]  <TASK>
[  256.681043][   T30]  __schedule+0x1895/0x4b30
[  256.685663][   T30]  ? __pfx___schedule+0x10/0x10
[  256.696603][   T30]  ? __pfx_lock_release+0x10/0x10
[  256.701724][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  256.716369][   T30]  ? schedule+0x90/0x320
[  256.721146][   T30]  schedule+0x14b/0x320
[  256.725383][   T30]  schedule_preempt_disabled+0x13/0x30
[  256.737094][   T30]  __mutex_lock+0x6a7/0xd70
[  256.744583][   T30]  ? __mutex_lock+0x52a/0xd70
[  256.754514][   T30]  ? raw_setsockopt+0xe6d/0x1a80
[  256.762408][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  256.771822][   T30]  raw_setsockopt+0xe6d/0x1a80
[  256.782549][   T30]  ? __pfx_raw_setsockopt+0x10/0x10
[  256.790548][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  256.795666][   T30]  ? aa_sock_opt_perm+0x79/0x120
[  256.805917][   T30]  ? __pfx_raw_setsockopt+0x10/0x10
[  256.814003][   T30]  do_sock_setsockopt+0x3af/0x720
[  256.824186][   T30]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  256.832689][   T30]  ? __fget_files+0x29/0x470
[  256.843023][   T30]  ? __fget_files+0x3f3/0x470
[  256.852621][   T30]  ? __fget_files+0x29/0x470
[  256.860058][   T30]  __sys_setsockopt+0x1a2/0x250
[  256.865109][   T30]  __x64_sys_setsockopt+0xb5/0xd0
[  256.875901][   T30]  do_syscall_64+0xf3/0x230
[  256.883273][   T30]  ? clear_bhb_loop+0x35/0x90
[  256.893016][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.903280][   T30] RIP: 0033:0x7fe38837dff9
[  256.913195][   T30] RSP: 002b:00007fe3890bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  256.924564][   T30] RAX: ffffffffffffffda RBX: 00007fe388536208 RCX: 00007fe38837dff9
[  256.936636][   T30] RDX: 0000000000000001 RSI: 0000000000000065 RDI: 0000000000000007
[  256.953751][   T30] RBP: 00007fe3883f0296 R08: 0000000000000000 R09: 0000000000000000
[  256.963479][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  256.979576][   T30] R13: 0000000000000001 R14: 00007fe388536208 R15: 00007fe38865fa28
[  256.991556][   T30]  </TASK>
[  256.994645][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  257.009554][   T30] INFO: task syz-executor:5599 blocked for more than 149 seconds.
[  257.023810][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  257.033156][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  257.048071][   T30] task:syz-executor    state:D stack:26816 pid:5599  tgid:5599  ppid:1      flags:0x00004004
[  257.075943][   T30] Call Trace:
[  257.079804][   T30]  <TASK>
[  257.082794][   T30]  __schedule+0x1895/0x4b30
[  257.093919][   T30]  ? __pfx___schedule+0x10/0x10
[  257.099226][   T30]  ? __pfx_lock_release+0x10/0x10
[  257.104329][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  257.116587][   T30]  ? schedule+0x90/0x320
[  257.120927][   T30]  schedule+0x14b/0x320
[  257.125149][   T30]  schedule_preempt_disabled+0x13/0x30
[  257.140196][   T30]  __mutex_lock+0x6a7/0xd70
[  257.144808][   T30]  ? __mutex_lock+0x52a/0xd70
[  257.159747][   T30]  ? register_nexthop_notifier+0x84/0x290
[  257.165575][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  257.179153][   T30]  ? __asan_memset+0x23/0x50
[  257.184464][   T30]  register_nexthop_notifier+0x84/0x290
[  257.199146][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  257.205150][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  257.216641][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  257.222915][   T30]  ? __asan_memset+0x23/0x50
[  257.235259][   T30]  ops_init+0x31e/0x590
[  257.241202][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  257.252353][   T30]  setup_net+0x287/0x9e0
[  257.259721][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  257.265354][   T30]  ? __pfx_setup_net+0x10/0x10
[  257.276251][   T30]  copy_net_ns+0x33f/0x570
[  257.283958][   T30]  create_new_namespaces+0x425/0x7b0
[  257.294621][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  257.304519][   T30]  ksys_unshare+0x57d/0xa70
[  257.314131][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  257.321981][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  257.333633][   T30]  ? do_syscall_64+0x100/0x230
[  257.341298][   T30]  __x64_sys_unshare+0x38/0x40
[  257.346143][   T30]  do_syscall_64+0xf3/0x230
[  257.356583][   T30]  ? clear_bhb_loop+0x35/0x90
[  257.361378][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.375554][   T30] RIP: 0033:0x7f44f1d7f7f7
[  257.380966][   T30] RSP: 002b:00007f44f205ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  257.396574][   T30] RAX: ffffffffffffffda RBX: 00007f44f1df1a85 RCX: 00007f44f1d7f7f7
[  257.404645][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  257.422170][   T30] RBP: 0000000000000000 R08: 00007f44f2a67d60 R09: 0000000000000000
[  257.434166][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  257.446165][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  257.459240][   T30]  </TASK>
[  257.462432][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  257.476675][   T30] INFO: task syz-executor:5601 blocked for more than 149 seconds.
[  257.491701][   T30]       Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  257.501604][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  257.516641][   T30] task:syz-executor    state:D stack:26592 pid:5601  tgid:5601  ppid:1      flags:0x00004004
[  257.536532][   T30] Call Trace:
[  257.539892][   T30]  <TASK>
[  257.542868][   T30]  __schedule+0x1895/0x4b30
[  257.554265][   T30]  ? __pfx___schedule+0x10/0x10
[  257.560304][   T30]  ? __pfx_lock_release+0x10/0x10
[  257.565402][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  257.576962][   T30]  ? schedule+0x90/0x320
[  257.581283][   T30]  schedule+0x14b/0x320
[  257.594274][   T30]  schedule_preempt_disabled+0x13/0x30
[  257.601385][   T30]  __mutex_lock+0x6a7/0xd70
[  257.605954][   T30]  ? __mutex_lock+0x52a/0xd70
[  257.619561][   T30]  ? register_nexthop_notifier+0x84/0x290
[  257.625369][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  257.635814][   T30]  ? __asan_memset+0x23/0x50
[  257.643214][   T30]  register_nexthop_notifier+0x84/0x290
[  257.653831][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  257.664556][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  257.676009][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  257.685488][   T30]  ? __asan_memset+0x23/0x50
[  257.695349][   T30]  ops_init+0x31e/0x590
[  257.702265][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  257.714914][   T30]  setup_net+0x287/0x9e0
[  257.722386][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  257.733083][   T30]  ? __pfx_setup_net+0x10/0x10
[  257.740675][   T30]  copy_net_ns+0x33f/0x570
[  257.745177][   T30]  create_new_namespaces+0x425/0x7b0
[  257.755695][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  257.771853][   T30]  ksys_unshare+0x57d/0xa70
[  257.776980][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  257.782074][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  257.796716][   T30]  ? do_syscall_64+0x100/0x230
[  257.801591][   T30]  __x64_sys_unshare+0x38/0x40
[  257.806426][   T30]  do_syscall_64+0xf3/0x230
[  257.818852][   T30]  ? clear_bhb_loop+0x35/0x90
[  257.823588][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.836507][   T30] RIP: 0033:0x7f9393f7f7f7
[  257.841008][   T30] RSP: 002b:00007f939425ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  257.858005][   T30] RAX: ffffffffffffffda RBX: 00007f9393ff1a85 RCX: 00007f9393f7f7f7
[  257.866106][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  257.881849][   T30] RBP: 0000000000000000 R08: 00007f9394c67d60 R09: 0000000000000000
[  257.893338][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  257.906413][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  257.922253][   T30]  </TASK>
[  257.925445][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  257.944962][   T30] 
[  257.944962][   T30] Showing all locks held in the system:
[  257.955020][   T30] 1 lock held by khungtaskd/30:
[  257.967482][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  257.984345][   T30] 4 locks held by kworker/u8:2/35:
[  257.991145][   T30]  #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  258.011550][   T30]  #1: ffffc90000ab7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  258.026410][   T30]  #2: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  258.036114][   T30]  #3: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0
[  258.053821][   T30] 3 locks held by kworker/1:1/46:
[  258.059130][   T30] 3 locks held by kworker/u8:5/1065:
[  258.064490][   T30]  #0: ffff88814bada948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  258.086243][   T30]  #1: ffffc90004247d00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  258.118178][   T30]  #2: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  258.134529][   T30] 3 locks held by kworker/u8:7/3037:
[  258.140295][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  258.156517][   T30]  #1: ffffc9000a3b7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  258.178290][   T30]  #2: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  258.193035][   T30] 2 locks held by dhcpcd/4897:
[  258.201100][   T30]  #0: ffffffff8fcb76a8 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x661/0x8e0
[  258.215843][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[  258.228265][   T30] 2 locks held by getty/4985:
[  258.233001][   T30]  #0: ffff88802e43c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  258.246743][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  258.264840][   T30] 3 locks held by kworker/0:5/5281:
[  258.270622][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  258.292986][   T30]  #1: ffffc90003f17d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  258.314058][   T30]  #2: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  258.325427][   T30] 3 locks held by kworker/0:6/5282:
[  258.338769][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  258.356612][   T30]  #1: ffffc90003f27d00 ((crda_timeout).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  258.374300][   T30]  #2: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: crda_timeout_work+0x15/0x50
[  258.384936][   T30] 3 locks held by kworker/1:5/5304:
[  258.398203][   T30] 6 locks held by kworker/1:7/5329:
[  258.403517][   T30] 1 lock held by syz.3.84/5545:
[  258.416041][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  258.428524][   T30] 7 locks held by syz-executor/5551:
[  258.433878][   T30]  #0: ffff8880327ba420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90
[  258.448362][   T30]  #1: ffff888031f02088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500
[  258.465774][   T30]  #2: ffff888143f49878 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  258.478853][   T30]  #3: ffffffff8f570c68 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  258.496536][   T30]  #4: ffff8880621480e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  258.517032][   T30]  #5: ffff88806214c250 (&devlink->lock_key#5){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  258.534837][   T30]  #6: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[  258.544729][   T30] 1 lock held by syz.4.90/5569:
[  258.556800][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  258.566332][   T30] 1 lock held by syz.4.90/5574:
[  258.581570][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: dev_ethtool+0x21e/0x1bc0
[  258.595539][   T30] 2 locks held by syz.1.92/5588:
[  258.604473][   T30]  #0: ffffffff8fd388f0 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  258.617457][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5f/0x8b0
[  258.634859][   T30] 1 lock held by syz.2.93/5587:
[  258.641296][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: raw_bind+0x99/0x770
[  258.656870][   T30] 1 lock held by syz.2.93/5589:
[  258.661777][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xe6d/0x1a80
[  258.677916][   T30] 1 lock held by syz.2.93/5590:
[  258.682828][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: raw_bind+0x99/0x770
[  258.701349][   T30] 1 lock held by syz.2.93/5591:
[  258.707428][   T30]  #0: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: raw_setsockopt+0xe6d/0x1a80
[  258.724161][   T30] 2 locks held by syz-executor/5599:
[  258.730122][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.746504][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.766297][   T30] 2 locks held by syz-executor/5601:
[  258.772086][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.786506][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.805499][   T30] 2 locks held by syz-executor/5609:
[  258.811386][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.829003][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.844327][   T30] 2 locks held by syz-executor/5610:
[  258.852390][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.871284][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.884540][   T30] 2 locks held by syz-executor/5615:
[  258.895752][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.908194][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.925887][   T30] 2 locks held by syz-executor/5620:
[  258.934064][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.948762][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  258.964037][   T30] 2 locks held by syz-executor/5623:
[  258.972698][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  258.986525][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.004311][   T30] 2 locks held by syz-executor/5631:
[  259.010014][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.027842][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.045461][   T30] 2 locks held by syz-executor/5632:
[  259.052798][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.066789][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.083851][   T30] 2 locks held by syz-executor/5639:
[  259.090132][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.109253][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.126366][   T30] 2 locks held by syz-executor/5645:
[  259.137101][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.159859][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.175001][   T30] 2 locks held by syz-executor/5648:
[  259.183422][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.198258][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.218528][   T30] 2 locks held by syz-executor/5654:
[  259.223884][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.241376][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.253162][   T30] 2 locks held by syz-executor/5658:
[  259.264782][   T30]  #0: ffffffff8fcc6090 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  259.277170][   T30]  #1: ffffffff8fcd2b88 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  259.300695][   T30] 
[  259.303090][   T30] =============================================
[  259.303090][   T30] 
[  259.320165][   T30] NMI backtrace for cpu 0
[  259.324581][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  259.335229][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  259.345324][   T30] Call Trace:
[  259.348645][   T30]  <TASK>
[  259.351613][   T30]  dump_stack_lvl+0x241/0x360
[  259.356347][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.361593][   T30]  ? __pfx__printk+0x10/0x10
[  259.366283][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  259.371285][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  259.376886][   T30]  ? _printk+0xd5/0x120
[  259.381090][   T30]  ? __pfx__printk+0x10/0x10
[  259.385727][   T30]  ? __wake_up_klogd+0xcc/0x110
[  259.390634][   T30]  ? __pfx__printk+0x10/0x10
[  259.395268][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  259.400344][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  259.406371][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  259.412412][   T30]  watchdog+0xff4/0x1040
[  259.416712][   T30]  ? watchdog+0x1ea/0x1040
[  259.421185][   T30]  ? __pfx_watchdog+0x10/0x10
[  259.425911][   T30]  kthread+0x2f0/0x390
[  259.430028][   T30]  ? __pfx_watchdog+0x10/0x10
[  259.434757][   T30]  ? __pfx_kthread+0x10/0x10
[  259.439389][   T30]  ret_from_fork+0x4b/0x80
[  259.443854][   T30]  ? __pfx_kthread+0x10/0x10
[  259.448487][   T30]  ret_from_fork_asm+0x1a/0x30
[  259.453316][   T30]  </TASK>
[  259.456965][   T30] Sending NMI from CPU 0 to CPUs 1:
[  259.462347][    C1] NMI backtrace for cpu 1
[  259.462362][    C1] CPU: 1 UID: 0 PID: 5329 Comm: kworker/1:7 Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  259.462389][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  259.462401][    C1] Workqueue: events nsim_dev_trap_report_work
[  259.462431][    C1] RIP: 0010:__lock_acquire+0xeba/0x2050
[  259.462462][    C1] Code: ca c1 c2 06 44 31 f2 01 c1 29 d0 89 d6 c1 c6 08 31 c6 01 ca 29 f1 89 f3 c1 c3 10 31 cb 01 d6 29 da 89 dd c1 c5 13 31 d5 01 f3 <29> ee 01 eb c1 c5 04 31 f5 48 c1 e5 20 48 c7 c0 40 30 1d 90 48 c1
[  259.462484][    C1] RSP: 0018:ffffc90000a18510 EFLAGS: 00000896
[  259.462499][    C1] RAX: 00000000920902f9 RBX: 00000000980c12a3 RCX: 00000000740be0c4
[  259.462512][    C1] RDX: 00000000c14bba0c RSI: 000000005f398cc4 RDI: dffffc0000000000
[  259.462525][    C1] RBP: 00000000efb27c98 R08: ffffffff942c9807 R09: 1ffffffff2859300
[  259.462539][    C1] R10: dffffc0000000000 R11: fffffbfff2859301 R12: 0000000000000000
[  259.462552][    C1] R13: ffff88801e7c64d8 R14: 00000000a93107c7 R15: ffff88801e7c65c8
[  259.462566][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  259.462582][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  259.462594][    C1] CR2: 0000000020167030 CR3: 000000000e734000 CR4: 00000000003526f0
[  259.462610][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  259.462621][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  259.462632][    C1] Call Trace:
[  259.462639][    C1]  <NMI>
[  259.462647][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  259.462670][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  259.462698][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  259.462727][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  259.462752][    C1]  ? nmi_handle+0x14f/0x5a0
[  259.462771][    C1]  ? nmi_handle+0x2a/0x5a0
[  259.462790][    C1]  ? __lock_acquire+0xeba/0x2050
[  259.462816][    C1]  ? default_do_nmi+0x63/0x160
[  259.462840][    C1]  ? exc_nmi+0x123/0x1f0
[  259.462862][    C1]  ? end_repeat_nmi+0xf/0x53
[  259.462884][    C1]  ? __lock_acquire+0xeba/0x2050
[  259.462911][    C1]  ? __lock_acquire+0xeba/0x2050
[  259.462938][    C1]  ? __lock_acquire+0xeba/0x2050
[  259.462965][    C1]  </NMI>
[  259.462971][    C1]  <IRQ>
[  259.462984][    C1]  lock_acquire+0x1ed/0x550
[  259.463010][    C1]  ? NF_HOOK+0x9a/0x450
[  259.463035][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  259.463060][    C1]  ? nf_nat_inet_fn+0xa30/0xd10
[  259.463082][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  259.463103][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  259.463126][    C1]  NF_HOOK+0xbb/0x450
[  259.463145][    C1]  ? NF_HOOK+0x9a/0x450
[  259.463167][    C1]  ? NF_HOOK+0x9a/0x450
[  259.463187][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  259.463211][    C1]  ? ip_rcv_finish+0x406/0x560
[  259.463233][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  259.463254][    C1]  NF_HOOK+0x3a4/0x450
[  259.463274][    C1]  ? __lock_acquire+0x1384/0x2050
[  259.463301][    C1]  ? NF_HOOK+0x9a/0x450
[  259.463321][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  259.463340][    C1]  ? ip_rcv_core+0x801/0xd10
[  259.463362][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  259.463393][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  259.463414][    C1]  __netif_receive_skb+0x2bf/0x650
[  259.463438][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  259.463465][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  259.463488][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  259.463515][    C1]  ? __pfx_lock_release+0x10/0x10
[  259.463542][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  259.463573][    C1]  process_backlog+0x662/0x15b0
[  259.463600][    C1]  ? process_backlog+0x33b/0x15b0
[  259.463627][    C1]  ? __pfx_process_backlog+0x10/0x10
[  259.463651][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  259.463679][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.463708][    C1]  __napi_poll+0xcb/0x490
[  259.463732][    C1]  net_rx_action+0x89b/0x1240
[  259.463764][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  259.463791][    C1]  ? sched_clock+0x4a/0x70
[  259.463819][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  259.463857][    C1]  handle_softirqs+0x2c5/0x980
[  259.463884][    C1]  ? do_softirq+0x11b/0x1e0
[  259.463908][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  259.463935][    C1]  do_softirq+0x11b/0x1e0
[  259.463958][    C1]  </IRQ>
[  259.463964][    C1]  <TASK>
[  259.463970][    C1]  ? __pfx_do_softirq+0x10/0x10
[  259.463993][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  259.464021][    C1]  ? rcu_is_watching+0x15/0xb0
[  259.464043][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  259.464067][    C1]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  259.464089][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  259.464113][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[  259.464138][    C1]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  259.464162][    C1]  nsim_dev_trap_report_work+0x75d/0xaa0
[  259.464189][    C1]  ? process_scheduled_works+0x976/0x1850
[  259.464215][    C1]  process_scheduled_works+0xa63/0x1850
[  259.464250][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  259.464278][    C1]  ? assign_work+0x364/0x3d0
[  259.464304][    C1]  worker_thread+0x870/0xd30
[  259.464332][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  259.464361][    C1]  ? __kthread_parkme+0x169/0x1d0
[  259.464393][    C1]  ? __pfx_worker_thread+0x10/0x10
[  259.464419][    C1]  kthread+0x2f0/0x390
[  259.464435][    C1]  ? __pfx_worker_thread+0x10/0x10
[  259.464462][    C1]  ? __pfx_kthread+0x10/0x10
[  259.464479][    C1]  ret_from_fork+0x4b/0x80
[  259.464504][    C1]  ? __pfx_kthread+0x10/0x10
[  259.464522][    C1]  ret_from_fork_asm+0x1a/0x30
[  259.464553][    C1]  </TASK>
[  260.074185][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  260.081118][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00044-g2f87d0916ce0 #0
[  260.091667][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  260.101861][   T30] Call Trace:
[  260.105173][   T30]  <TASK>
[  260.108148][   T30]  dump_stack_lvl+0x241/0x360
[  260.112881][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  260.118129][   T30]  ? __pfx__printk+0x10/0x10
[  260.122759][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  260.128802][   T30]  ? vscnprintf+0x5d/0x90
[  260.133187][   T30]  panic+0x349/0x880
[  260.138440][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  260.144651][   T30]  ? __pfx_panic+0x10/0x10
[  260.149216][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  260.154674][   T30]  ? __irq_work_queue_local+0x137/0x410
[  260.160285][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  260.165715][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  260.171926][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  260.178143][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  260.184359][   T30]  watchdog+0x1033/0x1040
[  260.188744][   T30]  ? watchdog+0x1ea/0x1040
[  260.193245][   T30]  ? __pfx_watchdog+0x10/0x10
[  260.197985][   T30]  kthread+0x2f0/0x390
[  260.202148][   T30]  ? __pfx_watchdog+0x10/0x10
[  260.206876][   T30]  ? __pfx_kthread+0x10/0x10
[  260.211510][   T30]  ret_from_fork+0x4b/0x80
[  260.215983][   T30]  ? __pfx_kthread+0x10/0x10
[  260.220619][   T30]  ret_from_fork_asm+0x1a/0x30
[  260.225445][   T30]  </TASK>
[  260.228808][   T30] Kernel Offset: disabled
[  260.233161][   T30] Rebooting in 86400 seconds..