last executing test programs:

3m5.772252656s ago: executing program 2 (id=97):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r1, 0x0, 0x4d6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="660a0000000000006111530000000000850000001500000095000000000000004b4ce93ac73c1028358a23cabce92fa9b3c0df7b4c1f6bb69b2f6f3df1f7521114a93b3008aedaa23ec821811f98b39353edaa8fb2ef04e52c1cb7cfe590ac8829fb20f54f8ecb49db4796e6bf1e31eb9dcd26b0aa8dd2105b98c1931bc3880dbd61efe5fcd0e83ade46087470436702cde9de23b23835d8752c9df00b002bd344fda65a5c1323c9250cffb5aa568aa69ee1d4f37f363a9ac1e98ecdf52acf5ef7cb71147158590bf8ce0456fd5dd403116195bf98f26b89941895aea228dfbede414cb5871452a669c2f999e3feabc2a60e50f6b778ac2aad"], &(0x7f0000000000)='GPL\x00'}, 0x80)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r5, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2, {r2}}, './file0\x00'})
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x7)

3m5.771990165s ago: executing program 3 (id=98):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="340000003e000701fcffffff00000000017c0000040042800c00018006000600ab230000100002800c00178008000180", @ANYRES64], 0x34}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x2000c000) (fail_nth: 1)

3m5.435047123s ago: executing program 3 (id=101):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x6, r1, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000140)={0xc, r1})
ioctl$IOMMU_VFIO_SET_IOMMU(r0, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800007f000000000020"])

3m5.244403486s ago: executing program 3 (id=102):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000004f7a82eb00040000000018010000756c6c2500000000002020207b1af8ff00ea943afdd8e91c55000000bfa100000000000007010000f8ffffffb702000008000000b716000003000000c98c1215a234909bf4bf59468ca885000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f0000000a40)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b80)=""/4104, 0x1008}, {&(0x7f00000006c0)=""/96, 0x60}], 0x2}, 0x7}], 0x1, 0x40000021, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x60000, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000034c0)={0x2020, 0x0, 0x0, <r7=>0x0, <r8=>0x0}, 0xcac)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000600)=""/32, &(0x7f0000000800)=0x20)
fchown(r5, r7, r8)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000000100040000000000040004000000000008000000", @ANYRES32=<r9=>r8, @ANYBLOB="10000100000080df20"], 0x2c, 0x2)
sendmsg$unix(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000300)="a29a5a0e76cc809932179755a86c08e5d70d3acb907e2c30e10fe263be7b0bb36908a08e928a607c619b9eeba4ba7bdc53dd607a1f634f2d1c5467872e6216fbef33a484d28f27448777624b44521e120103435858aee0fd81f39c57523c9e08b6ecd2fbb16a089b5a6dff16eac24d654e4c9239d71cf972272b44f857e5953efda0d03c0e436e0b1978a14de1201d3f0556e95208629381d15193a46b7f5b749cd276835d53855d8639b38017da0776a4dc", 0xb2}, {&(0x7f0000000180)="d2d47e2bd71af658438cfa09cfe24fc131787cd4635ca6d031f56b5d300879b08f55f89f9b1db3afd48273885b51bd4687126a8f56eccd1c1ac739", 0x3b}, {&(0x7f00000003c0)="1715c70d21a7402d8140ef1c08b92a3faef7e672f8bae6078211eca51e9ca8b518c82a010dba01fdbbdbd0b01e00bab96f933956ed7fc5897bc7e89c396032ec0bda96087d5613ad4007e2e844fd18acbd6977f1ace31ac947b4cd9574edf758fc46928c9fb582c6bd64fee16752e649c7e53ee458f7492626b20ae5daaa7e51b4b8aa02b8f080e3d75a0a327b885f66c36ac1e38bd6376580c78bf91b037f1a3cb5392e9155b2765965f908e0c12225522ebdc1771c82594b2f8f505ce75fc1f8fc2ea7c835865d3012c18ff42b42c901eeb93e2e4382c785c026332ced2479998b4567d7c74a5dbec4fe0dff79958487d1df", 0xf3}, {&(0x7f00000004c0)="6a7bd6f3852e2955c6c4c0a9c61b0eb6830e4c9875f4475ffa4714a9bc51b37d8e6e0b9d9b597d049ca4c38b119326c58af9686e01137f26140867ba63840f83868297eef36806c76dc39e46a074217efdf1ba5cd7ca00f7dc3ea075e3379610e1732aa1a381d4e9b794891047d86ccb476af76408341ca24f0e53ec7a37117244aa0b44dc612caba4055bc8e9823cb1a62a24a7a5a63c2ce71d5a6ba47dfe695a897e32c70a49654aaccc12b7541d63f230d7a8f2cff273e9155939550a6b9f98218273de9a56c2e140645884a714807f16db1d8022f5c766ba3594cea52b25880bbab74c75100b054a40a5cb0cefa5165646b097402984", 0xf8}, {&(0x7f0000000240)="a25a28b798f8c2da92285bb3cfaa8befe401e8745a88c073758ea3e1d82a4937480418d8543d9678dcef62c2647ac1815a92e7e9503c1ef999e80f2a6b184bb3f34da022467410f629222693daae4ee8b5f6549e26e531cc4223428cd7c95aa85c8650b949e2ceb0415115b81ceaf354678304", 0x73}, {&(0x7f00000005c0)="63b419bdac3aff29658b70833f9252d3c97ce30a26d1c55767d77eed87f1136f0085dcf5fa61e7641398951fd601013a21f10c44de076f18f3f8f07422", 0x3d}, {0x0}, {&(0x7f0000000640)="ecc5f5bfee665586815445ed3d0ca826a33cdd9e5da7a5c8e5025bcd74191b73e0968695ab086065c5e9c7fd6f72c9b4028957e2260a971dd1aab244a99e6d66add1eb7e6a0f5228d39b091cd6f4fdb9ada57904f6b4d3ef02c6ea8a", 0x5c}, {&(0x7f00000006c0)="4566efcc4d5eb26ea83a6ce38d042d7bb03b99c12b6b17c2de1fcd14fc4fe5b1d6f9", 0x22}, {&(0x7f0000000700)}], 0xa, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8, @ANYBLOB="00000000070100000002000000", @ANYRES64=r9, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r1, @ANYRESDEC=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00'], 0x90, 0x4000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r10 = syz_open_dev$vim2m(&(0x7f0000000a40), 0x9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000a80)={0x4000, 0xd, 0x0, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000b1400101c0"])
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

3m2.049974834s ago: executing program 1 (id=107):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001d00070f000200000000000007", @ANYRES32], 0x24}}, 0x0)

3m1.945885648s ago: executing program 2 (id=109):
timer_create(0x3, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0))

3m1.76369795s ago: executing program 1 (id=110):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000180))
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000580))
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @remote}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
exit(0x7)
preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0xffbf, 0x9}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$nfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={[{'\x01\x00\x00\x00&'}], [{@audit}, {@audit}, {@obj_role}]})
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
connect$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10)
sendto(r3, &(0x7f00000010c0)="b8c1dcc5623e95c86896d3e101", 0xd, 0x40000, &(0x7f0000001340)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x0, @mcast2, 0xffffffff}}}, 0x80)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
pselect6(0xf8, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x9000000}, &(0x7f0000000140), &(0x7f00000003c0), &(0x7f00000001c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200), 0x8})
sendmmsg$inet(r3, &(0x7f0000006740), 0x0, 0x0)
connect$tipc(r3, &(0x7f00000004c0)=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x4, 0x3}}, 0x10)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x7}, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005400)=[{{&(0x7f0000000040)={0xa, 0x4e27, 0xfff, @remote, 0x2}, 0x1c, 0x0}}], 0x40000000000016d, 0x1000)

3m1.591936036s ago: executing program 2 (id=112):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
close_range(r0, r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x149403, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x14, 0x28b}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000200)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m0.591823582s ago: executing program 1 (id=114):
r0 = socket(0x2a, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
socket$rds(0x15, 0x5, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000))
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
r2 = socket$packet(0x11, 0xcf65fa28e352322a, 0x300)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140))
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0x170, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_AF_SPEC={0x150, 0x1a, 0x0, 0x1, [@AF_INET6={0xc, 0x2, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x3}]}, @AF_INET={0x30, 0x2, 0x0, 0x1, {0x2c, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x8}, {0x8}]}}, @AF_INET6={0x40, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @empty}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x88, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @dev}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x14, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x14, 0x7, @private1}, @IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_ADDR_GEN_MODE={0x5}]}, @AF_MPLS={0x4}]}]}, 0x170}}, 0x0)

3m0.171900106s ago: executing program 1 (id=115):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=ANY=[], 0x0}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073016d000000000095000000002732286d000200"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00')
socket$inet6(0xa, 0x800000000000002, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000001)
bpf$MAP_CREATE_TAIL_CALL(0x9, 0x0, 0xc)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f00000000c0)={&(0x7f0000000780)=[0x35e, 0x8001, 0x0, 0x8, 0x0, 0x9, 0xc9, 0x3, 0x6, 0x3, 0x3ff, 0x4, 0xfffffffe, 0x461, 0x1, 0x3, 0x200, 0x8cb4, 0xfffff1fb, 0x0, 0x6, 0xc98, 0x8, 0x6b, 0x9, 0x3, 0x4, 0x40, 0xffff, 0x100, 0xe01e, 0x8001, 0x5080, 0xfffffffd, 0x9, 0x0, 0x7, 0xd, 0xab6f, 0x40, 0xee, 0x0, 0x10001, 0x7, 0x89, 0x1, 0x400a, 0x9, 0x5, 0x3, 0x80, 0x4, 0xfa74, 0x1, 0x8001, 0x1, 0x9, 0xc, 0xb0a, 0x200, 0x4, 0x6, 0x5, 0x4, 0x40, 0x3, 0x4, 0xfffffff0, 0x3, 0x8, 0x401, 0x44ef, 0x49, 0x8, 0x1, 0x40, 0xfffffffd, 0x6, 0x2, 0x4, 0x8, 0x9047, 0x8, 0x7, 0x101, 0x1, 0x5, 0x8000, 0xb, 0x1, 0x9, 0x8000, 0x3ff, 0x763, 0xe973, 0x5, 0x2, 0xfff, 0x0, 0x6df, 0x6, 0x4, 0x2, 0x0, 0xe3, 0x8, 0x519b, 0x1, 0x0, 0xff, 0x1000, 0x81, 0x3e2, 0x7, 0x1000, 0xec79, 0x401, 0x4, 0x9, 0x2, 0x79, 0xfffffff7, 0xfffffe01, 0x7, 0x401, 0x5, 0xc90f, 0x7ff, 0x6, 0x80, 0x1, 0x8000, 0x7, 0x1, 0x9, 0x5, 0x101, 0x80000001, 0x0, 0x5, 0x81, 0x5, 0xc, 0xc, 0x3, 0x9, 0x9221, 0x1, 0x9f0, 0x7, 0x10, 0x1, 0x10001, 0x3, 0x7cc3, 0xa8, 0x8bf8, 0x5, 0x8, 0x2, 0x401, 0x3, 0xffff, 0xa160e3f, 0x5fdc, 0x40, 0x200, 0x0, 0x3, 0x0, 0x2, 0x8, 0x2, 0x10000, 0x6, 0x5, 0x8, 0xfffff422, 0x1, 0x6, 0x6, 0x9, 0x6, 0x200, 0x4, 0x7f, 0x5, 0xd, 0x80000000, 0xffffffff, 0x0, 0xe, 0x2, 0x373a, 0x5, 0x8, 0xd, 0x1, 0x6, 0x1, 0xeb0, 0x5a, 0xffffffa1, 0xff, 0x8a5, 0xb18, 0xf, 0x5, 0x5, 0x6, 0x33f, 0x5cd958c4, 0x81, 0x7, 0x7e, 0x7fff, 0x80000001, 0xa, 0x7, 0xfffffffe, 0x5, 0x7, 0x0, 0x200000, 0x7e, 0x4, 0x9, 0x401, 0x5, 0x7ff, 0x9, 0xf, 0x2, 0x4, 0x8, 0x3, 0x2, 0xfff, 0x7, 0x7, 0xfffffff9, 0x9d0, 0x80, 0x2, 0x6, 0x1, 0xb7a, 0x705, 0x2, 0x25d4, 0x7, 0x2, 0x2, 0x3, 0x1, 0xffffffff, 0x4, 0x3, 0x2, 0x85a, 0x1, 0x8, 0x63b01967, 0x9, 0xfffffff8, 0xb, 0x2, 0x39, 0x3, 0x7fffffff, 0x80000001, 0x2, 0x2, 0xb4, 0xfff, 0x2, 0x5, 0x0, 0x6, 0x6, 0x200, 0x4, 0x1, 0x1, 0x7, 0x2, 0x1, 0x2df6, 0x2, 0xdf2, 0x6, 0xffffffff, 0x0, 0x635, 0x0, 0x1, 0x2, 0xeaa, 0x8, 0x1, 0x4, 0x9, 0x3, 0x0, 0x8, 0x8000, 0x8, 0x1, 0x4, 0xffffffff, 0x1000, 0x9, 0x3, 0x8, 0x6, 0x0, 0x9979, 0x9, 0x93d0, 0x2, 0x4, 0x401, 0xd7, 0x1, 0x80, 0x401, 0x6, 0xfff, 0x80, 0x10, 0x8, 0x10001, 0xf9, 0x3, 0x200, 0x7, 0xb, 0xfffffff7, 0xea, 0x8, 0x1, 0x7db7, 0x6, 0x8, 0x1b, 0x9, 0x1, 0x7, 0x5, 0x8e33, 0x2, 0xffff0000, 0x81, 0x1, 0x9, 0x4, 0x8000, 0xa3c, 0x1ff, 0xffff, 0x1d16, 0x3, 0x9, 0x2, 0xfff, 0x9, 0x9, 0x5, 0x8000, 0x3, 0x7fff, 0x2, 0x101, 0x5, 0x7ff, 0x6, 0xffffffff, 0x0, 0x3, 0x80000000, 0x6410, 0x8, 0xbda0, 0x5, 0x0, 0x10000, 0x17, 0xc6c, 0x3f, 0x4, 0x8, 0xa, 0xd, 0xb, 0x7, 0x861b, 0x5, 0x8, 0x7, 0x722, 0x2, 0x1807, 0x3, 0x81, 0x100, 0xa8, 0x400, 0x4ae, 0x1, 0x3, 0x5, 0x7, 0x2, 0x6, 0x180, 0x8, 0x7fff, 0x4, 0x8f, 0x5, 0x4, 0x3, 0x0, 0x72, 0x1, 0x6, 0x1a, 0x1ff, 0x7, 0x1, 0x8d8, 0x3ff, 0x167ace25, 0x6c, 0x6, 0x583f6e51, 0x6, 0x2d8, 0xc816, 0xc, 0x8, 0x100, 0xffffff80, 0x5, 0x3ff, 0x7, 0x7, 0xe, 0x6, 0x8, 0xdd2, 0x2, 0x5, 0x400, 0x4, 0x7, 0xe84, 0x2, 0x9, 0x1, 0x7fff, 0x10, 0x8, 0x1, 0x5311040, 0x8, 0x7, 0x0, 0x101, 0xc55, 0xf, 0x80000000, 0xfffffffb, 0xc9, 0x8, 0xc86, 0x6, 0x8, 0x8, 0x7, 0x8, 0x8, 0xba, 0x5, 0x7fff, 0x80000001, 0x3, 0x200, 0x394, 0x3, 0xb805, 0xe5, 0xe0df, 0x8, 0x100, 0x40, 0x8, 0x8, 0x7, 0x2, 0x80000000, 0x7, 0xfec, 0x3, 0xfffffffc, 0xfffff0d2, 0xe4, 0x1, 0x2, 0x5, 0x80000001, 0x4da, 0x8, 0x80, 0x9, 0x100, 0x5, 0x7, 0x5, 0x9, 0x826c, 0x1, 0x6, 0x401, 0x9, 0x5, 0x7, 0x990, 0x8, 0x7f, 0x6, 0x7, 0x3, 0xb, 0x1, 0x4, 0x9, 0x7, 0x0, 0x8, 0x0, 0x6, 0x200, 0xd4, 0x6, 0x400, 0x4, 0x4, 0x0, 0x6, 0x40, 0xac14, 0x10000, 0x3, 0xfffffffd, 0x10001, 0xf1e, 0x0, 0x81, 0xa4, 0x25da, 0x77c, 0x3, 0x10, 0x6, 0x1, 0x6, 0x7ff, 0x42d3, 0x7be, 0x8, 0x392, 0x0, 0x6, 0xa, 0x9, 0x3, 0x8, 0x2, 0x22e5, 0xffffffff, 0xdaf, 0x4, 0x2, 0x4, 0xff, 0x5, 0xfffffffa, 0x1, 0x3, 0x1f13, 0xa, 0x7, 0xf, 0x45d, 0x7fff, 0x3, 0x5, 0xfffff830, 0x8, 0x0, 0xd8, 0x3, 0x80000001, 0x2, 0x5, 0xfffffffb, 0x4ee, 0x9, 0x401, 0x7df, 0x1, 0x8, 0x2, 0x7, 0x2d8b30a2, 0x2, 0x6, 0x0, 0x7ff, 0x0, 0x8, 0xdb, 0x6, 0xa, 0x2, 0x9, 0x80000000, 0x4, 0x8000, 0x8, 0x2a, 0x1ab5, 0x3, 0x2, 0x9bb9, 0x51, 0x7, 0x0, 0x80000001, 0x5, 0xfffffffa, 0x3, 0x5, 0xffff, 0x4, 0x80000000, 0x8, 0x4a7, 0x4, 0x2, 0x7, 0x10, 0x200, 0x4900, 0x7, 0x8, 0x701d, 0x1, 0x1, 0x400, 0x1, 0x10001, 0x9, 0x4, 0x1, 0x69ca, 0x400, 0x1, 0x790, 0x7, 0x2, 0x3, 0x6, 0x1, 0x1, 0x448, 0x7, 0x2, 0x70a, 0x4, 0x10001, 0x9, 0xc794, 0x3, 0x6, 0xffffff76, 0x7, 0x5, 0x4, 0x5, 0x80000000, 0xfffffff7, 0xd, 0x1, 0x1, 0x7, 0x5464ffad, 0x4af5, 0x3, 0x7, 0xfffffbf1, 0x5, 0xff, 0x79, 0x4, 0x8, 0x4e6, 0x9, 0x6, 0x1, 0x1ff, 0x6fb3, 0x1, 0xa2, 0x41a2, 0xdbe, 0x5, 0x8, 0x2, 0x80000000, 0x3, 0x5, 0x7, 0x0, 0x1cc7, 0xf, 0x5, 0x6, 0xc, 0x5, 0x8, 0x4, 0x4, 0x3, 0x4, 0xfffffc01, 0x10, 0x80000000, 0x8000, 0x5, 0x4, 0x1, 0x3ff, 0x8, 0xf, 0x3, 0x0, 0xe22b, 0x40, 0xfff, 0x1000, 0x6, 0xfffffffd, 0x6, 0x8, 0x4, 0x4, 0x8585, 0x6, 0xe1a5, 0x84a4, 0x1, 0x0, 0x0, 0x1, 0x5, 0x1, 0x2, 0x9, 0x8, 0x0, 0x5, 0xd, 0x2, 0xce3, 0x80, 0x7e2, 0x5, 0xcfef, 0x9, 0x2, 0xffffffff, 0x6, 0x60000000, 0x5, 0x9, 0x6, 0x6, 0x7786c3ad, 0xffff, 0x800, 0x0, 0x7, 0x5, 0x7, 0xe, 0x4, 0x731, 0x0, 0xe, 0x5, 0x8000, 0xb, 0x10, 0x3, 0x7, 0x9, 0x80000000, 0x360000, 0x7, 0x2, 0xe, 0x1, 0x0, 0x7, 0x9, 0x947, 0x433f, 0x1, 0x9, 0xff, 0x2, 0xbc0, 0x3, 0x9, 0x7ff, 0x2, 0x401, 0x7, 0x9, 0x0, 0xc, 0x81, 0x4, 0xffff, 0x5, 0x10, 0x6, 0x101, 0x4, 0x3, 0x3, 0x3, 0x5, 0x52, 0xf589, 0x7, 0x0, 0x7, 0x9, 0x7f, 0x6, 0x9, 0x29e, 0xa, 0xa, 0x3de9, 0x4, 0x80000000, 0x8, 0x8, 0x400, 0x10, 0x2, 0x1, 0x3, 0x12d, 0x80000001, 0x8, 0x6, 0x1, 0x7fffffff, 0x17, 0x80, 0x7fffffff, 0x1, 0xb, 0x7, 0x1, 0x7f, 0xfd7, 0x4, 0x5, 0xd, 0x5, 0x3, 0x3, 0x9, 0x9, 0x5, 0xf6b, 0x900000, 0x3ff, 0x5, 0x0, 0x9, 0xc, 0xb23, 0x10001, 0x7, 0x6370, 0x7, 0x1edc, 0x8, 0x4, 0x3, 0x8001, 0x2, 0x3, 0x6, 0xffff, 0x5, 0x9, 0x3ff, 0xdd0, 0x8, 0xfbe, 0x4, 0x4c46, 0x7fffffff, 0x7fffffff, 0x5, 0xa21b, 0x7fffffff, 0xa, 0x8, 0x2, 0xd36, 0x7, 0xaa, 0xe, 0x1, 0x2, 0x63b, 0x0, 0x2, 0x7, 0x1f, 0xa, 0xff, 0xd, 0x1, 0x4, 0xfff, 0x6, 0x0, 0x100, 0x80, 0x1, 0x1, 0x0, 0xa, 0x76, 0x10001, 0x0, 0x8049, 0x3, 0x6, 0x4, 0x9, 0x2, 0x7fffffff, 0x8001, 0xec, 0xffffffff, 0xfffffffa, 0x3, 0x200, 0x1000, 0x4, 0x8, 0xd, 0x8, 0x9, 0x5, 0x10001, 0x8, 0x8001, 0x1, 0x54b3, 0x80, 0x6, 0x9, 0x0, 0x101, 0x2, 0x4, 0x6, 0x8cbd, 0x3, 0x4, 0x6, 0xff, 0x4, 0x4, 0x4, 0xbf, 0x6, 0xff, 0xfff, 0x3, 0x4, 0xc, 0x5, 0x2, 0x0, 0x5, 0x0, 0x5, 0x4, 0x10001, 0x201, 0x9, 0xfffff562, 0x400, 0x5, 0x4, 0x72, 0x9, 0x3, 0x4, 0x7, 0x8001], 0x4, 0x400, 0x6})

3m0.130817917s ago: executing program 4 (id=116):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3e07f500100000ef0200"})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd)

2m59.781367855s ago: executing program 0 (id=117):
r0 = syz_open_dev$sndctrl(&(0x7f0000000340), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x40045532, &(0x7f0000003f80)=""/4086)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0xa00)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000000)={0x20, 0x5, 0x6}) (async)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009e02"])
capset(&(0x7f0000000500)={0x20080522}, &(0x7f00000002c0)={0x200002, 0x200003, 0x4, 0x4, 0x7}) (async)
r7 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c) (async)
sendmmsg$inet6(r7, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f00000000c0)={0x1, [0x0]}, &(0x7f0000000100)=0x8) (async)
r8 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d}) (async)
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) (async)
mremap(&(0x7f00003cd000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c9a000/0x2000)=nil)
close_range(r8, 0xffffffffffffffff, 0x0) (async)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
pipe2$watch_queue(&(0x7f0000000000)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80)
r11 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) (async)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r10, 0x84, 0x13, &(0x7f00000001c0)=0x6, 0x4)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r10, 0x5761, &(0x7f0000000300)=ANY=[@ANYBLOB='\b\x00\x00\x00\x00\x00\x00\x00\a']) (async)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={<r12=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r11, 0x40182103, &(0x7f0000000140)={r12, 0x1, r7, 0x0, 0x80000})
ioctl$HIDIOCGFIELDINFO(r11, 0xc038480a, &(0x7f0000000080)={0x3, 0x200, 0x33, 0x6, 0x4f2e, 0x7, 0x3, 0x80000001, 0xa, 0x2, 0x1, 0xc7, 0x101})
ioctl$KDSIGACCEPT(r9, 0x4b62, 0x1)

2m57.780351614s ago: executing program 4 (id=118):
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = mq_open(&(0x7f0000000000)='eth0\x00', 0x42, 0x0, 0x0)
r1 = mq_open(0x0, 0x42, 0x11, 0x0)
r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x41c3, 0x800, 0x0, 0x335}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x3, 0x0})
io_uring_enter(r2, 0x47ba, 0x98f1, 0x20, 0x0, 0x0)
exit(0x5)
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)

2m57.73145404s ago: executing program 1 (id=119):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
pause()
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/ipc\x00')
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0xf8, 0x13, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x5}, [@NFTA_OBJ_USERDATA={0xe1, 0x8, "978cb09193041346adca3575a7bec2915306724042604963aaf79a3407b539a26c2b6485d658e2982127ba906ce2e0b8a87a77619c4a77797f7495c40ae2f27845b3e54aee44f73e712a2ba674e8bc1925f1de247ec56dcd6fbec40aece12ee539b9ccacc5f2fd95f963d18853b22fea3116bbc2ae94de0153d4b7a30a3c821878001603fb7d622033ccadc26c0e49c34770496a74ee26901cc19c8d944295749e0daeda90251a0e81a5f02f41e948763b33f4f31403ed2b539e135e28b5e036838ece47e146c5ada374e8baee40c0275da2dfcc9484225100000000e8"}]}, 0xf8}, 0x1, 0x0, 0x0, 0xb6f46e842b0a9c8}, 0x48096)
setns(r1, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = semget$private(0x0, 0x1, 0x81)
semctl$SETVAL(r4, 0x1, 0x10, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000000380)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, <r5=>0x0})
ioctl$BTRFS_IOC_RM_DEV_V2(r0, 0x5000943a, &(0x7f0000000600)={{}, r5, 0x4, @inherit={0x50, &(0x7f0000000580)={0x0, 0x1, 0x10, 0x7, {0x6d, 0x9, 0x89e, 0x6, 0xfffffffffffeffff}, [0x7]}}, @name="984699f4cfc11ea00d886f87fa20cd4cab26b62bfde7c4b939998c1df0ba46186cdb4a48383b88a203206d881390c5a1f35c9b3fd5d50ae25800c048e87a3ecd9e75fce123918950303a0f6269c8d03411d411ff6681d6f67801054e5ea79cb6d1331457b1a3d198f713dab33e269f0034d1f2f436a9365fa27d5cd9735657dbd85f54525d2891ee90cfaa62b23718ebf8c7973f554061536d34f1724a5df6f1fddc6499ee26318753dd0d5a930c3453e3d7c3b9c380a91c55a3342cd63d2ea6f00f1e15f8aaa582f83b4d721a263622198ad4029f1e36e2a9838911e949d6bfbd5832b7212506f07c01f10cbeaac4d7f7d321ae32a5528cf4158df4f97fe147db634c9bc2b7a98e5c82a01e3764353e7e7a38123983a7698e5180adf9244c74c094e2d050efc6e837fe075a8caf7e5177ed5e49d0251db7873cda3935d882c237edc06dc8288739cd89177b0a970e1ca25619061da6aa0250463e0ae0cbe80401bf967e0eb0451d67c16b793d8538b9776ec0a99a4718de47d1a300cd4ca845f16412db3cade56a54969260c69faaf6ef3687093293ab20bcd8b1f1275fdb8cd4b2b6d8ff7c9e03323ac875959cca09809bab2c7ab7eb957df26904f9681ef90f047c81bdd9242bad321992054200ea46bb67e3ca9aaba6d5adc18463f5c56e9556cf60adc2efafe7de1ae7c6e8201f1d6821f732246ae529a8d68c331d9b91823c23a523f8a0e889906e9e8caf4776e7bb3c234ad1a9adfa759de5ea55dfa1a98983ca978b9926df5a8dfe4f433ae6e3e662016400286790e112ba832f9e9c3884b2d837d743da61e4153260eb47032e1907fd9ff4e8bf627241071a850ba7623b4ae8c83b46b78bbfce382bae18932bb7ea9466d2697eb7f3df5c33849da594c2b6f9e422e91bffb559b69092ee9ca28da4e7b047903d6a14de7bdb046c486bec17ab9bbbe4dc5acc3b1bb9f893ec61e5b21c59d57317043788271d31529b3c95f35cd04b50e2a858a5a72a986953ca01f8b22bf339c7a9090c8de85d1ed8499a0dc50b5b883c767f0f73bb7be1be352d9524a10e155ce3d8516444bdd91efc81010f1e64acbec237036a9868717e6845f5e625cd15f68cbebc45dbbb55388505d134cdef54a2e948e7b80b2077f92b7e8c23e8ce6e43a9686b76482603f73f159e83276af1a46882edd164470696705a33e47e896438efeed90fb2423323677bb5cab4488345420291786c4fc489229b4e846c70a4d5090c6dc75d7722d8280e873b832cbba07dbe4d6c0bb2d51592f20c871e02d97158d9ee8e8f1355258962fa6c1038805dc7818fe812e9210e9e85f3345245be342299d61ce7a1fc94acf764c1cc9ff3dad970b1c6ad55eaca0afd3e8da3e92a97b34b5973f4d2de5ab8dddc355f105d8d5d3b6ad22d92530d0ed1a33f58b77c4415287036d29608b571ec0595a03f124796ac4ee6000fc659baa7ae7cc709f92ab02c3bfcd2b6618083e5c7b2c049f8c229a650c288dca59bf3ede99bce79962a4faacc4baed08f0d4ffadf39e5d77d5521c34f325e68452060600dd0a791501a4d3f0e21ee00d888d293ff56dd1f72eec85e8d65befab91adfa39f009c5ef67ebbe0e77cce4bf16e13a565e50f0696842f970abd0b985d06be8a0fec3bac944b819079d19baa4e0e9a45cb435f62dc3b566e0b4f7ad717833f915f9a61f9f7e2cf0889aa6e1d91834ae86dbb7099fc49f4f1d101caff35274c968bca94351eabceb8cce54a4bfb7e8dc0f623b08d052a4c0d02e906e26e80e75cc58d7cef4ec8a13bb645d799dabff9267d3efb3d93d61151432a2e6683699b23085f6b1456177f1fd46b1753ab03efad047fc817eca18256d365943b0a2c817b97f3a6f910a1cc35333920a6b4ef3600b2f5f756b60daa5e1d88c68f8ec53be51f8048fa34612d722894ef378642a2626f2b35544f135250a9a689607f41cec7792423f215feac85a3682014323f20b0d86deff000dfc6a398f39c46441ceca0c84db37d493fec9b0d52e30e8f9d1c5c0e36572c50fccd6f61de18a140be68cd2a4acdc39acb292f7dbd91aefb7ffef45b14e2e43f3ae56181f5fa32a7b31f986dda2c156f065562b82f79edd75d35d4d10ff74fd69b6a1c24d79720608d719a48152589ff5e033b9c92fd5b07f8e3e2c8d5c5fd4c154a3124c92ff8a87944ed5bd084ba71b66fe76d2bcb2bfa3061ffe5d4ff5fef2f8731e581c1021eb5002e3ba869f2aea0eddcc9c7387396c20a5eb0f70404866edc360860cb74b4c3c0d9400bac739bcb351b95f01fcf4500b1417ac0c05b42cb0e7c5829a3b59140ea50de36352e7e003f8d4d7c5debe00226967a3a6e1cb53ea5fd472c45c6b0252c094ca6e6861a508993ee47c42c549417cbd9ae2531d36a033cce6cbb292ef0fd2a2db6c8a8479e3bdc9150def12a12526724076940b2632ab6953cb74ac8da229df4f772d963fa1accdd4f41eba0ba59847e7de0c2999f9d601fc4c7d7f496e845c00dbb8b9b582be3edbf81e62efbd33ddea77801c455cc0f8a176914de468a437c2acfbde01c1dd3dc92e6c07cf362b2a8cb69800466a741e9382a015346c6edc97a0a1d0bbee854162fcdbc81ac76f751eb366e1dfbaeefc6cfaaa7f37d1ecfeb2de752cc28aa937cdffaa633aee93e183c483f4aac1c7945c456a339e024b9a1e6d41772c2eae2e7707c4eb981eeeed0a74e22d0015613f3e1b76718617ebe8920337fbd8174d83668d2f9b5e626defe43fd9c93c5afa71cb5d653f19079374b22a85a9201dd2bd0bda4416bd0526d56620a18bb99efe5821ab05d33f9dacb8c47fa7f3f5ee8ce1fb651e989e98afa0ae4e873b8299eb3c07a9686088d5a22d132fa2a02863aabb302d2577410f3f67c17390c8769c78dc10661c2a597c8fd87ab6b12cdee844acd1cc56493dd3be6575f0f0ef7c57d9ec9d6c58d749b8ccf8dd5e1d8875ac860716226025f881a98fcc1c9e0b875da0c2cae4f2d4af246bf0c777535cc20364a81c32ab2a0d660e7a5b12a34681759ce5cabd8a31f789b440e9cf6baf5ba9489a411ef51d39ae0098ea045c346faf3cf64a9739b04b9af29973999fcc2bddd20db2b554e2a22c02eb68d25baed99b87c3901dc87bc76c067e9abb79968c9e044973b851b53a2d1f4f70b7deb25a07d365474733682552131a48c918818fb263c61e00691605a8f5405fb63afbee45c30fa647c020fb5f3d6a1f16a03c441bd8cfa84a6ea1a1f5834d0f763ce9505c208176f2c0147723a20ac45bf80aac34559dd9ff88cd4f7ffec05f1ec1d76f7a41a8784668e3fb67b2fddca38720911925aee0bc16648cd1f0b4c6d977b7724bbe72438391a9848cedba5b84c6539e458c8ccae947e281d3024668479398a9930c161ebd809f92a19dc12746e0a5186eb3561436c5497822b4410781dfa209dfc7ec2cf1242989a88aa8498be50812f4e0aff3165f4477ab00014cda7b7f870aca3ef85d248cc49f2ac5b9ee0f1e2972d345b34a81035a6b4d9a332ea024684432508eedfbefc775b73dbcb22f0ad108365a7d1c32cb77044f1d8f2ae61896f0e1a1e19481ff3de191975397a213132bd9298cc5d31e93694f21a9e8efec873e9d942d0d7977a9456a4577851f5cf723193c6bcb097d19adf9183b75d7b1a99a8c8738efd2c85afc28b34ff702b7c5ec5c4d0d96eef77c9b18613c63ef09ca7c552d58491c9f3a3eff13d47989a01b2cf6eeaf690ae2a8b3e4bf3dfc4d3cf01711acf2e703915f11bb7d0d29746280fe4fddd26506ce73410713b218365cfcf25b50c27d1e0f02352b819f151a454e8fd6de1e8d172cbb332846b4e7977c65c3b7ab84f5fafe68e39bd78890374d72fbb2e661a38721f2c31975d86d248093c6689e034d8c888d1eac37599ece0bcda0ee737f83fb359dc80ea14208f69eaa1dfe70e1a6cc7e6669adc2a72ef711e668fea4573677241b30dcfa69af368bbe9aef79474541aa7a99d7e9dd237f6c8a8b88014c7ec2a394c884eb0d56377964da8850739f233edf3cb841d153f767741d60aa87a1f5e861504c88798af2f10d98fc0284cdb7ea56aa052787ec902325933bfd77b6face94cd8c0e9a0162d9fc4bbe7de16f8d72065aceb90b2606f97145a4fbac7ba453114de20a9bcf00d3ecc296c8244b48f226263ee3b74948c77612a13c0cd8d19ae102e9f26b16dc9c90fd021a61a026aba9a8ed83db7b3b35b1f2508294dcd88cd16b3a042f1c38e0e08f01d193e23319d3808430ccb9024cef472c8cc4c886f4ab315fb3c93930c7db959d0b74a3ad84de1860583d271119939abdf19730eb4429667afa9d129e8e2cb097f6f18bb33bb345f696d868cd500e81e0a2b3d8589c05b8340b088d47e7a0bcec16ff486e8a295c0631ad3c5118719b25057cb66a9a432e4a476cb76c9e6855bf423f199123ca02e790101b9e061cd6c278d867dc4b43a5cbaf1067d92761b327690ae12ea4040f030393b96e59fd05881a38faec971fff730a2ee2e7a0940ddcedeb8f43ff4f3a013201ae86d6c0491f945f1342c59d4e977b47a6430333cb4ff98529781bd9d026ce7be4b6e7b997ebb1836c82df6f9e581b7028b82b4cd39f4369987e37ae8ce8373da37ec9df205ce446aab0b65aeaa446490315ff3f3a97eef9d2c79939d6c2fed8d38e8f57b263ab989bc058b8066f153fd4a386ed4b4642e7923f4437c54df39ac4601179df97099a78bda5feccbbdef40cf95126672fe3e04050d5bab1ff9d99d68915988f305b9aea7e0c52380d484aa3cb0b26701c06ac3924c0f3e0e0f16663d952f7670a0678b63dbc6496fd414f56a75ca10c4019ce1a1246e52b8f98c29fc453b2f9c473d7cd94c37c98ea0059cb22d3248565fbb95c29bbd3d831445e265a5bbdf4a8648fe167a55f8bc27abd049f846fbc4ba46206fd997f92761f57e7c978967fc8b7a07fe80cd965eeb0cfdebeb3337805cd1100de893a3e57634187122970e1cf3bcf1deb8f75809784064e876b8c75f8712f9face6ec99ce6b8f91ca9c11d076a4c7db7db89c23c92e05a5602f8c69ccd55bcf3779f1a59a3a906b0a55793ddddb2fc01f10bf61d97d0fd3b540908ba13afbdd928136830d8897f659d8a842f3e4ac77450c170a65b8c6daae64ab259aa4ff486f4c14b2803a7f6bbd5e95e461b347878d5e377eeb7e0404e1f6039f5e0b922be1f0f25b3dd5ba1cb6a5de81af03e216b6180f192698261a7775109f10b3bc4657ce2f72da873cbae3946e598ad2b213e66cda1e2fae0bcab4b2b16d36e77e210521a8372be2965b0aac5b3235141c3e52414f3b419677210f3b2bcdd8c3a8df23fc0bdc69727a3e38bbb8bb823eb7fda7fe88ad3886562927b6374dcfbabb031d2ac986b299229d1547a4ac1a478462553a2574051601d2950e5751c9fbce3fe75798b2e23502bc9d29b7681b5031de9e970859c11a5348964739088137639df7bd9da79917108e9d8470fd7fe7e5ac83ed6bdad9568badf589134031edc774008ed2d9f93e9c5569f6171ec12330cfa1275283d7b00f12f2aaa9dc27594586dbb5237562764274265bc5aa98f8844fd1e0cdbe3a21e2b37ddd1cfe659f4432fc60da0ea6c06eaf20000440fabb9e3a42a9f63ccb252b07b60a148a50271be6d4ea5dcb0f9601d52dac19bb73bf9dbbed69c8a5787b394da7aba8a"})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r6=>r3, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000040)={<r7=>0x0, 0x4, 0x2}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r6, 0x84, 0xf, &(0x7f00000000c0)={r7, @in={{0x2, 0x4e23, @broadcast}}, 0x6eac6c33, 0x5, 0x2, 0x8, 0xfffffffc}, &(0x7f0000000180)=0x98)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, 0x0)

2m57.678629698s ago: executing program 2 (id=120):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r1, 0x0, 0x4d6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x3, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="660a0000000000006111530000000000850000001500000095000000000000004b4ce93ac73c1028358a23cabce92fa9b3c0df7b4c1f6bb69b2f6f3df1f7521114a93b3008aedaa23ec821811f98b39353edaa8fb2ef04e52c1cb7cfe590ac8829fb20f54f8ecb49db4796e6bf1e31eb9dcd26b0aa8dd2105b98c1931bc3880dbd61efe5fcd0e83ade46087470436702cde9de23b23835d8752c9df00b002bd344fda65a5c1323c9250cffb5aa568aa69ee1d4f37f363a9ac1e98ecdf52acf5ef7cb71147158590bf8ce0456fd5dd403116195bf98f26b89941895aea228dfbede414cb5871452a669c2f999e3feabc2a60e50f6b778ac2aad"], &(0x7f0000000000)='GPL\x00'}, 0x80)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f00000002c0)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r5, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2, {r2}}, './file0\x00'})
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x7)

2m57.296328315s ago: executing program 0 (id=121):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000200000014000200626f6e643000000000000000000000000900010091"], 0x43}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000400)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x60, r2, 0x310, 0x70bd26, 0x25dfdbfd, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_macvtap\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'pimreg1\x00'}]}, 0x60}}, 0x20000805)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00'/20, @ANYRES32=r4, @ANYBLOB="01000000000000000c001a800800052e04"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20044894)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r6=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl0\x00', r6, 0x4, 0x9, 0x3, 0xffffff3f, 0x20, @private0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x8000, 0x7, 0xaac, 0x7fffffff}})
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f00000001c003306000000000000000000000000000000000000000000000000ffffffff0000000000004000000080040a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414000000000000000000000000000000000032000000fc02000000000000000000000000000027030000000000000000000000000000000000000000000000000000000000000010000000000000fcffffffffffffff00000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000007000000000080000100000025bd7000023500000a0000ff0000000000000000"], 0xf0}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

2m56.96131781s ago: executing program 0 (id=122):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, r1, 0xc11, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x2, 0x1}, {0x7a, 0x2}, {0x0, 0x4}, {0x0, 0x4}], "7ecd4163b8fccf09"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

2m56.842780749s ago: executing program 3 (id=123):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, &(0x7f0000000280)={0x3, 0x6c03, 0x8, 0x5, 0x7f, 0xb2c, 0x9, 0xffff, 0x710})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x480, @loopback}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000540)={'macsec0\x00', {0x2, 0x4e21, @local}})
socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x2, 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)

2m56.755873346s ago: executing program 0 (id=124):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000180))
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x80489439, &(0x7f0000000580))
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @remote}, 0x10)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
exit(0x7)
preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000080)=""/4097, 0x1001}], 0x1, 0x300, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0xffbf, 0x9}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$nfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000140)={[{'\x01\x00\x00\x00&'}], [{@audit}, {@audit}, {@obj_role}]})
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001100)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
connect$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10)
sendto(r3, &(0x7f00000010c0)="b8c1dcc5623e95c86896d3e101", 0xd, 0x40000, &(0x7f0000001340)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x3, 0x4, 0x4, 0x4, {0xa, 0x4e24, 0x0, @mcast2, 0xffffffff}}}, 0x80)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
pselect6(0xf8, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x9000000}, &(0x7f0000000140), &(0x7f00000003c0), &(0x7f00000001c0)={0x77359400}, &(0x7f0000000240)={&(0x7f0000000200), 0x8})
sendmmsg$inet(r3, &(0x7f0000006740), 0x0, 0x0)
connect$tipc(r3, &(0x7f00000004c0)=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x4, 0x3}}, 0x10)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={0x0}}, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x679, @dev={0xfe, 0x80, '\x00', 0x7}, 0x2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000005400)=[{{&(0x7f0000000040)={0xa, 0x4e27, 0xfff, @remote, 0x2}, 0x1c, 0x0}}], 0x40000000000016d, 0x1000)

2m56.708065703s ago: executing program 4 (id=125):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x181603, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000000)=@e={0xff, 0xb, 0xf, 0x2, @generic=0xfc, 0x8, 0x7, 0x6e})
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, @multicast}]})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
vmsplice(r2, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000440)={r1, 0x58, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000480)={r3, 0x1, 0x6, @remote}, 0x10)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000)=<r4=>0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f00000000c0)=""/221, 0xa000, 0x0, 0x401, 0x1}, 0x20)
ioctl$sock_bt_bnep_BNEPCONNADD(r1, 0x400442c8, &(0x7f00000002c0)={r1, 0x9, 0x800, "ce1fbea8edeebb419281349d6f55a459a4f09c4a1e280352ead53f3068cf214e075befcc68bb6889d5501b4bb62d0a1e405e7be3d88d3b30cb87634b0e6dcaf50e90b26e6243d12a4e635b9655d8e7f15c478c9340e44e0475850c5402316921755270c89c21ecbf4599cd901d4e53211cbd79b7c4e7a7449ab4621946916c85a7bf75890ada8d4a5df8ecdf255d9c3c862273514c0d21aec275ab6a9265c02b75bb02bdc88b79296217dbd45df101cb3c97ff979bd5421d785f4fac07d456f35ba50948684eec66dc33d5c32afc0d2515019edba524a6e7ad25f1"})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@func_proto, @const={0x8, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x32, 0x0, 0x1}, 0x28)
sched_setscheduler(r4, 0x0, &(0x7f0000000040)=0x1)

2m56.459768934s ago: executing program 4 (id=126):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e25}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x50, 0x0, &(0x7f0000001840)=0x1c)
fchdir(0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f0000006100)={0x2020}, 0x2020)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000280), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000800)={r3, &(0x7f0000000780)}, 0x20)

2m53.007683085s ago: executing program 4 (id=127):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="04010000100007000000000004000000ff020000000000000000000000000001e0000002000000000000000000000000ffff0000000000000000000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ff010000000000000000000000000001000000002b000000fc0000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000070000000000000000000000000000000000040000000000e80a000000000000000000000a000200700000000000000014000e00fe8000000000000000000000000000bb"], 0x104}}, 0x0)
syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
listen(r1, 0xfffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r3, 0x0, 0x6, &(0x7f0000000200)=0x208001, 0x4)
sendto$inet(r3, &(0x7f0000000000)="f461a9bbc95c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r3, &(0x7f000000e280), 0x58a, 0x42, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_int(r4, 0x0, 0x13, 0xfffffffffffffffc, &(0x7f0000000000)=0x60)
socket$netlink(0x10, 0x3, 0x0)

2m52.908022756s ago: executing program 0 (id=128):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000040)={0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r5, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3e07f500100000ef0200"})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd)

2m52.903438532s ago: executing program 1 (id=129):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
eventfd2(0x8, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad6, 0x8}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x48, 0x0, @fd_index=0x4, 0x15, 0x0, 0x8, 0x1})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x10, 0x4, &(0x7f0000000300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x38}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x800, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

2m52.623818282s ago: executing program 3 (id=130):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xb4, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x8c, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x54, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x1c, 0x5, 0x0, 0x1, [@NFTA_DATA_VALUE={0x15, 0x1, "a48ce447bb2f04f1aaa1a0baeaddd6216d"}]}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x8, 0x1, "6eee7e08"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x128}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000001c0)="d8000000150081044e81f782db44b9040a78080206140000040000a118000300ff05000006000e1208000f0100810401a80016eaa400010000005f54c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5e835913b06218a07445d6d930dfe1d9d322fe7c", 0x90}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x7f67, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r3, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x200d, 0x0, 0x6, 0x9, 0x5}})
syz_emit_ethernet(0x21, &(0x7f0000000180)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}, @val={@val={0x88a8, 0x2, 0x1}, {0x8100, 0x1, 0x0, 0xe}}, {@x25={0x805, {0x0, 0xa, 0xff, "0cc1dc0f3f6abca3"}}}}, &(0x7f0000000280)={0x1, 0x1, [0x6a5, 0xedf, 0x2b8, 0xc44]})
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r5, 0x18000000000002a0, 0x72, 0x0, &(0x7f0000000240)="ce010000009a697f65360c5e86dd", 0x0, 0x1fe7, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="bc010000190001000000000001000000fe8000000000000000000000000000aaac1414bb00000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000009da600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004010500ac1414aa000000000000000000000000000000003300000000000000ffffffff0000000000000000000000000000000000000000000000000000000040000000fe8000000000000000000000000000bb000000003c00000000000000fe8000000000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000aa0000000033000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f000001000000000000000000000000000000003300000003"], 0x1bc}, 0x1, 0x0, 0x0, 0x1}, 0x40)

2m51.10778478s ago: executing program 0 (id=131):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, &(0x7f0000000280)={0x3, 0x6c03, 0x8, 0x5, 0x7f, 0xb2c, 0x9, 0xffff, 0x710})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x480, @loopback}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000540)={'macsec0\x00', {0x2, 0x4e21, @local}})
socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x2, 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)

2m50.536540005s ago: executing program 2 (id=132):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBDIACR(r1, 0x4bfb, &(0x7f0000000000)=""/174)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

2m49.524103347s ago: executing program 3 (id=133):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000004f7a82eb00040000000018010000756c6c2500000000002020207b1af8ff00ea943afdd8e91c55000000bfa100000000000007010000f8ffffffb702000008000000b716000003000000c98c1215a234909bf4bf59468ca885000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f0000000a40)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b80)=""/4104, 0x1008}, {&(0x7f00000006c0)=""/96, 0x60}], 0x2}, 0x7}], 0x1, 0x40000021, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x60000, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000034c0)={0x2020, 0x0, 0x0, <r7=>0x0, <r8=>0x0}, 0xcac)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000600)=""/32, &(0x7f0000000800)=0x20)
fchown(r5, r7, r8)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000000100040000000000040004000000000008000000", @ANYRES32=<r9=>r8, @ANYBLOB="10000100000080df20"], 0x2c, 0x2)
sendmsg$unix(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000300)="a29a5a0e76cc809932179755a86c08e5d70d3acb907e2c30e10fe263be7b0bb36908a08e928a607c619b9eeba4ba7bdc53dd607a1f634f2d1c5467872e6216fbef33a484d28f27448777624b44521e120103435858aee0fd81f39c57523c9e08b6ecd2fbb16a089b5a6dff16eac24d654e4c9239d71cf972272b44f857e5953efda0d03c0e436e0b1978a14de1201d3f0556e95208629381d15193a46b7f5b749cd276835d53855d8639b38017da0776a4dc", 0xb2}, {&(0x7f0000000180)="d2d47e2bd71af658438cfa09cfe24fc131787cd4635ca6d031f56b5d300879b08f55f89f9b1db3afd48273885b51bd4687126a8f56eccd1c1ac739", 0x3b}, {&(0x7f00000003c0)="1715c70d21a7402d8140ef1c08b92a3faef7e672f8bae6078211eca51e9ca8b518c82a010dba01fdbbdbd0b01e00bab96f933956ed7fc5897bc7e89c396032ec0bda96087d5613ad4007e2e844fd18acbd6977f1ace31ac947b4cd9574edf758fc46928c9fb582c6bd64fee16752e649c7e53ee458f7492626b20ae5daaa7e51b4b8aa02b8f080e3d75a0a327b885f66c36ac1e38bd6376580c78bf91b037f1a3cb5392e9155b2765965f908e0c12225522ebdc1771c82594b2f8f505ce75fc1f8fc2ea7c835865d3012c18ff42b42c901eeb93e2e4382c785c026332ced2479998b4567d7c74a5dbec4fe0dff79958487d1df", 0xf3}, {&(0x7f00000004c0)="6a7bd6f3852e2955c6c4c0a9c61b0eb6830e4c9875f4475ffa4714a9bc51b37d8e6e0b9d9b597d049ca4c38b119326c58af9686e01137f26140867ba63840f83868297eef36806c76dc39e46a074217efdf1ba5cd7ca00f7dc3ea075e3379610e1732aa1a381d4e9b794891047d86ccb476af76408341ca24f0e53ec7a37117244aa0b44dc612caba4055bc8e9823cb1a62a24a7a5a63c2ce71d5a6ba47dfe695a897e32c70a49654aaccc12b7541d63f230d7a8f2cff273e9155939550a6b9f98218273de9a56c2e140645884a714807f16db1d8022f5c766ba3594cea52b25880bbab74c75100b054a40a5cb0cefa5165646b097402984", 0xf8}, {&(0x7f0000000240)="a25a28b798f8c2da92285bb3cfaa8befe401e8745a88c073758ea3e1d82a4937480418d8543d9678dcef62c2647ac1815a92e7e9503c1ef999e80f2a6b184bb3f34da022467410f629222693daae4ee8b5f6549e26e531cc4223428cd7c95aa85c8650b949e2ceb0415115b81ceaf354678304", 0x73}, {&(0x7f00000005c0)="63b419bdac3aff29658b70833f9252d3c97ce30a26d1c55767d77eed87f1136f0085dcf5fa61e7641398951fd601013a21f10c44de076f18f3f8f07422", 0x3d}, {0x0}, {&(0x7f0000000640)="ecc5f5bfee665586815445ed3d0ca826a33cdd9e5da7a5c8e5025bcd74191b73e0968695ab086065c5e9c7fd6f72c9b4028957e2260a971dd1aab244a99e6d66add1eb7e6a0f5228d39b091cd6f4fdb9ada57904f6b4d3ef02c6ea8a", 0x5c}, {&(0x7f00000006c0)="4566efcc4d5eb26ea83a6ce38d042d7bb03b99c12b6b17c2de1fcd14fc4fe5b1d6f9", 0x22}, {&(0x7f0000000700)}], 0xa, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8, @ANYBLOB="00000000070100000002000000", @ANYRES64=r9, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r1, @ANYRESDEC=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00'], 0x90, 0x4000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r10 = syz_open_dev$vim2m(&(0x7f0000000a40), 0x9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000a80)={0x4000, 0xd, 0x0, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000b1400101c0"])
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

2m49.399165617s ago: executing program 4 (id=134):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) (fail_nth: 1)

2m49.027658109s ago: executing program 2 (id=135):
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = mq_open(&(0x7f0000000000)='eth0\x00', 0x42, 0x0, 0x0)
r1 = mq_open(0x0, 0x42, 0x11, 0x0)
r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x41c3, 0x800, 0x0, 0x335}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x3, 0x0})
io_uring_enter(r2, 0x47ba, 0x98f1, 0x20, 0x0, 0x0)
exit(0x5)
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)

1m23.086133366s ago: executing program 32 (id=131):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000802, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, &(0x7f0000000280)={0x3, 0x6c03, 0x8, 0x5, 0x7f, 0xb2c, 0x9, 0xffff, 0x710})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000040)={'batadv_slave_1\x00', {0x2, 0x480, @loopback}})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x891c, &(0x7f0000000540)={'macsec0\x00', {0x2, 0x4e21, @local}})
socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x2, 0x0, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000080)={'batadv_slave_1\x00', {0x2, 0x4e21, @empty}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x20000, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x1)

56.68716392s ago: executing program 33 (id=129):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
eventfd2(0x8, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad6, 0x8}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FADVISE={0x18, 0x48, 0x0, @fd_index=0x4, 0x15, 0x0, 0x8, 0x1})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x10, 0x4, &(0x7f0000000300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x38}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x80)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x800, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x2400c0c7, 0x1})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

53.153792623s ago: executing program 34 (id=135):
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = mq_open(&(0x7f0000000000)='eth0\x00', 0x42, 0x0, 0x0)
r1 = mq_open(0x0, 0x42, 0x11, 0x0)
r2 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x41c3, 0x800, 0x0, 0x335}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x3, 0x0})
io_uring_enter(r2, 0x47ba, 0x98f1, 0x20, 0x0, 0x0)
exit(0x5)
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)

28.660002358s ago: executing program 35 (id=133):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000004f7a82eb00040000000018010000756c6c2500000000002020207b1af8ff00ea943afdd8e91c55000000bfa100000000000007010000f8ffffffb702000008000000b716000003000000c98c1215a234909bf4bf59468ca885000000060000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$SNDCTL_DSP_GETFMTS(0xffffffffffffffff, 0x8004500b, &(0x7f0000000a40)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000b80)=""/4104, 0x1008}, {&(0x7f00000006c0)=""/96, 0x60}], 0x2}, 0x7}], 0x1, 0x40000021, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x60000, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f00000034c0)={0x2020, 0x0, 0x0, <r7=>0x0, <r8=>0x0}, 0xcac)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000600)=""/32, &(0x7f0000000800)=0x20)
fchown(r5, r7, r8)
fsetxattr$system_posix_acl(r5, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="020000000100040000000000040004000000000008000000", @ANYRES32=<r9=>r8, @ANYBLOB="10000100000080df20"], 0x2c, 0x2)
sendmsg$unix(r1, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000300)="a29a5a0e76cc809932179755a86c08e5d70d3acb907e2c30e10fe263be7b0bb36908a08e928a607c619b9eeba4ba7bdc53dd607a1f634f2d1c5467872e6216fbef33a484d28f27448777624b44521e120103435858aee0fd81f39c57523c9e08b6ecd2fbb16a089b5a6dff16eac24d654e4c9239d71cf972272b44f857e5953efda0d03c0e436e0b1978a14de1201d3f0556e95208629381d15193a46b7f5b749cd276835d53855d8639b38017da0776a4dc", 0xb2}, {&(0x7f0000000180)="d2d47e2bd71af658438cfa09cfe24fc131787cd4635ca6d031f56b5d300879b08f55f89f9b1db3afd48273885b51bd4687126a8f56eccd1c1ac739", 0x3b}, {&(0x7f00000003c0)="1715c70d21a7402d8140ef1c08b92a3faef7e672f8bae6078211eca51e9ca8b518c82a010dba01fdbbdbd0b01e00bab96f933956ed7fc5897bc7e89c396032ec0bda96087d5613ad4007e2e844fd18acbd6977f1ace31ac947b4cd9574edf758fc46928c9fb582c6bd64fee16752e649c7e53ee458f7492626b20ae5daaa7e51b4b8aa02b8f080e3d75a0a327b885f66c36ac1e38bd6376580c78bf91b037f1a3cb5392e9155b2765965f908e0c12225522ebdc1771c82594b2f8f505ce75fc1f8fc2ea7c835865d3012c18ff42b42c901eeb93e2e4382c785c026332ced2479998b4567d7c74a5dbec4fe0dff79958487d1df", 0xf3}, {&(0x7f00000004c0)="6a7bd6f3852e2955c6c4c0a9c61b0eb6830e4c9875f4475ffa4714a9bc51b37d8e6e0b9d9b597d049ca4c38b119326c58af9686e01137f26140867ba63840f83868297eef36806c76dc39e46a074217efdf1ba5cd7ca00f7dc3ea075e3379610e1732aa1a381d4e9b794891047d86ccb476af76408341ca24f0e53ec7a37117244aa0b44dc612caba4055bc8e9823cb1a62a24a7a5a63c2ce71d5a6ba47dfe695a897e32c70a49654aaccc12b7541d63f230d7a8f2cff273e9155939550a6b9f98218273de9a56c2e140645884a714807f16db1d8022f5c766ba3594cea52b25880bbab74c75100b054a40a5cb0cefa5165646b097402984", 0xf8}, {&(0x7f0000000240)="a25a28b798f8c2da92285bb3cfaa8befe401e8745a88c073758ea3e1d82a4937480418d8543d9678dcef62c2647ac1815a92e7e9503c1ef999e80f2a6b184bb3f34da022467410f629222693daae4ee8b5f6549e26e531cc4223428cd7c95aa85c8650b949e2ceb0415115b81ceaf354678304", 0x73}, {&(0x7f00000005c0)="63b419bdac3aff29658b70833f9252d3c97ce30a26d1c55767d77eed87f1136f0085dcf5fa61e7641398951fd601013a21f10c44de076f18f3f8f07422", 0x3d}, {0x0}, {&(0x7f0000000640)="ecc5f5bfee665586815445ed3d0ca826a33cdd9e5da7a5c8e5025bcd74191b73e0968695ab086065c5e9c7fd6f72c9b4028957e2260a971dd1aab244a99e6d66add1eb7e6a0f5228d39b091cd6f4fdb9ada57904f6b4d3ef02c6ea8a", 0x5c}, {&(0x7f00000006c0)="4566efcc4d5eb26ea83a6ce38d042d7bb03b99c12b6b17c2de1fcd14fc4fe5b1d6f9", 0x22}, {&(0x7f0000000700)}], 0xa, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES8, @ANYBLOB="00000000070100000002000000", @ANYRES64=r9, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r1, @ANYRESDEC=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB='\x00\x00\x00\x00'], 0x90, 0x4000}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r10 = syz_open_dev$vim2m(&(0x7f0000000a40), 0x9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r10, 0xc0405602, &(0x7f0000000a80)={0x4000, 0xd, 0x0, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337"})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB="01000000000000b1400101c0"])
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)

0s ago: executing program 36 (id=134):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25) (fail_nth: 1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.84' (ED25519) to the list of known hosts.
[   77.652971][ T5823] cgroup: Unknown subsys name 'net'
[   77.904990][ T5823] cgroup: Unknown subsys name 'cpuset'
[   77.971010][ T5823] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   79.617270][ T5823] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   82.475931][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.494062][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   82.501628][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   82.502314][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   82.505462][ T5850] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   82.507630][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   82.508923][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   82.510117][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   82.511370][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   82.512749][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   82.512984][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   82.514982][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   82.516025][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   82.516197][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   82.520131][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.520497][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   82.521184][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   82.524273][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   82.538017][ T5836] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   82.540927][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   82.553581][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   82.615889][ T5854] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   82.617302][ T5854] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   82.618730][ T5854] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   82.619553][ T5854] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   83.573512][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   83.583617][ T5847] chnl_net:caif_netlink_parms(): no params data found
[   83.665171][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   83.836970][ T5838] chnl_net:caif_netlink_parms(): no params data found
[   83.848140][ T5834] chnl_net:caif_netlink_parms(): no params data found
[   84.529262][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.538063][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.538668][ T5839] bridge_slave_0: entered allmulticast mode
[   84.541149][ T5839] bridge_slave_0: entered promiscuous mode
[   84.547546][ T5847] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.547690][ T5847] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.547871][ T5847] bridge_slave_0: entered allmulticast mode
[   84.561694][ T5847] bridge_slave_0: entered promiscuous mode
[   84.652579][ T5153] Bluetooth: hci3: command tx timeout
[   84.652852][ T5842] Bluetooth: hci4: command tx timeout
[   84.683975][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.684179][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.684360][ T5839] bridge_slave_1: entered allmulticast mode
[   84.687054][ T5839] bridge_slave_1: entered promiscuous mode
[   84.718216][ T5847] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.718367][ T5847] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.718502][ T5847] bridge_slave_1: entered allmulticast mode
[   84.719968][ T5847] bridge_slave_1: entered promiscuous mode
[   84.730419][ T5153] Bluetooth: hci2: command tx timeout
[   84.730427][ T5852] Bluetooth: hci1: command tx timeout
[   84.730685][ T5842] Bluetooth: hci0: command tx timeout
[   85.111835][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.111993][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.112188][ T5837] bridge_slave_0: entered allmulticast mode
[   85.114952][ T5837] bridge_slave_0: entered promiscuous mode
[   85.421164][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.421312][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.421484][ T5837] bridge_slave_1: entered allmulticast mode
[   85.423315][ T5837] bridge_slave_1: entered promiscuous mode
[   85.425467][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.425578][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.425687][ T5838] bridge_slave_0: entered allmulticast mode
[   85.427121][ T5838] bridge_slave_0: entered promiscuous mode
[   85.429316][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.429440][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.429600][ T5834] bridge_slave_0: entered allmulticast mode
[   85.433704][ T5834] bridge_slave_0: entered promiscuous mode
[   85.444428][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.449967][ T5847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.514501][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.514699][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.514873][ T5838] bridge_slave_1: entered allmulticast mode
[   85.520597][ T5838] bridge_slave_1: entered promiscuous mode
[   85.529783][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.529912][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.530085][ T5834] bridge_slave_1: entered allmulticast mode
[   85.532879][ T5834] bridge_slave_1: entered promiscuous mode
[   85.552333][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.555925][ T5847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.134408][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.443653][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.446334][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.449279][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.462126][ T5839] team0: Port device team_slave_0 added
[   86.465803][ T5847] team0: Port device team_slave_0 added
[   86.554919][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.557337][ T5839] team0: Port device team_slave_1 added
[   86.561262][ T5847] team0: Port device team_slave_1 added
[   86.564972][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.731510][ T5852] Bluetooth: hci3: command tx timeout
[   86.731641][ T5842] Bluetooth: hci4: command tx timeout
[   86.810503][ T5842] Bluetooth: hci1: command tx timeout
[   86.811591][ T5852] Bluetooth: hci2: command tx timeout
[   86.811668][ T5842] Bluetooth: hci0: command tx timeout
[   86.814798][   T31] cfg80211: failed to load regulatory.db
[   87.023178][ T5837] team0: Port device team_slave_0 added
[   87.594858][ T5837] team0: Port device team_slave_1 added
[   87.597364][ T5838] team0: Port device team_slave_0 added
[   87.605956][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.605970][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.605993][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.608204][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.608216][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.608238][ T5847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.611882][ T5834] team0: Port device team_slave_0 added
[   87.615266][ T5838] team0: Port device team_slave_1 added
[   87.744278][ T5847] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.744289][ T5847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.744303][ T5847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.745193][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.745201][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.745213][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.747019][ T5834] team0: Port device team_slave_1 added
[   88.125514][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.125530][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.125553][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.292366][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.292381][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.292402][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.293517][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.293529][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.293550][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.296701][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.296709][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.296722][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.297858][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.297869][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.297891][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.541872][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.541887][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.541900][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.745176][ T5847] hsr_slave_0: entered promiscuous mode
[   88.746795][ T5847] hsr_slave_1: entered promiscuous mode
[   88.756365][ T5839] hsr_slave_0: entered promiscuous mode
[   88.757518][ T5839] hsr_slave_1: entered promiscuous mode
[   88.758470][ T5839] debugfs: 'hsr0' already exists in 'hsr'
[   88.758579][ T5839] Cannot create hsr debugfs directory
[   88.820528][ T5852] Bluetooth: hci3: command tx timeout
[   88.820615][ T5842] Bluetooth: hci4: command tx timeout
[   88.900576][ T5852] Bluetooth: hci2: command tx timeout
[   88.900587][ T5153] Bluetooth: hci1: command tx timeout
[   88.900669][ T5842] Bluetooth: hci0: command tx timeout
[   89.149910][ T5837] hsr_slave_0: entered promiscuous mode
[   89.151535][ T5837] hsr_slave_1: entered promiscuous mode
[   89.152463][ T5837] debugfs: 'hsr0' already exists in 'hsr'
[   89.152485][ T5837] Cannot create hsr debugfs directory
[   89.386928][ T5838] hsr_slave_0: entered promiscuous mode
[   89.387737][ T5838] hsr_slave_1: entered promiscuous mode
[   89.388260][ T5838] debugfs: 'hsr0' already exists in 'hsr'
[   89.388279][ T5838] Cannot create hsr debugfs directory
[   89.548040][ T5834] hsr_slave_0: entered promiscuous mode
[   89.548818][ T5834] hsr_slave_1: entered promiscuous mode
[   89.549401][ T5834] debugfs: 'hsr0' already exists in 'hsr'
[   89.549426][ T5834] Cannot create hsr debugfs directory
[   90.891814][ T5153] Bluetooth: hci3: command tx timeout
[   90.891858][ T5842] Bluetooth: hci4: command tx timeout
[   90.971023][ T5842] Bluetooth: hci1: command tx timeout
[   90.971145][ T5153] Bluetooth: hci2: command tx timeout
[   90.971179][ T5842] Bluetooth: hci0: command tx timeout
[   91.117431][ T5847] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.180160][ T5847] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   91.217644][ T5847] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   91.266932][ T5847] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   91.382036][ T5839] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   91.418442][ T5839] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   91.451835][ T5839] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   91.504649][ T5839] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   91.638518][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   91.691115][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   91.744325][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   91.797639][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   91.961628][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.018824][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.067403][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.115378][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.296031][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.297127][ T5834] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   92.339299][ T5834] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   92.369030][ T5834] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.391922][ T5834] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.488214][ T5847] 8021q: adding VLAN 0 to HW filter on device team0
[   92.547632][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.548107][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.593331][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.606350][ T1373] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.606527][ T1373] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.716202][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   92.742769][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.778184][ T1692] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.778308][ T1692] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.829407][ T1692] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.829553][ T1692] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.887142][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   92.907882][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.939819][ T1373] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.939945][ T1373] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.016568][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.016706][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.096198][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   93.160062][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.206847][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.207599][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.249862][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.249962][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.338930][ T5834] 8021q: adding VLAN 0 to HW filter on device team0
[   93.392427][ T1126] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.392861][ T1126] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.451059][ T1126] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.451214][ T1126] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.473952][ T5847] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.911800][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.155201][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.285871][ T5839] veth0_vlan: entered promiscuous mode
[   94.379942][ T5839] veth1_vlan: entered promiscuous mode
[   94.457609][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.467553][ T5847] veth0_vlan: entered promiscuous mode
[   94.493236][ T5837] veth0_vlan: entered promiscuous mode
[   94.497452][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.536699][ T5847] veth1_vlan: entered promiscuous mode
[   94.567544][ T5837] veth1_vlan: entered promiscuous mode
[   94.590687][ T5839] veth0_macvtap: entered promiscuous mode
[   94.631686][ T5839] veth1_macvtap: entered promiscuous mode
[   94.732080][ T5847] veth0_macvtap: entered promiscuous mode
[   94.743089][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.744538][ T5838] veth0_vlan: entered promiscuous mode
[   94.776815][ T5834] veth0_vlan: entered promiscuous mode
[   94.778368][ T5847] veth1_macvtap: entered promiscuous mode
[   94.793465][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.805516][ T5837] veth0_macvtap: entered promiscuous mode
[   94.839611][ T5838] veth1_vlan: entered promiscuous mode
[   94.850133][ T5837] veth1_macvtap: entered promiscuous mode
[   94.858962][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.869250][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.885305][ T5834] veth1_vlan: entered promiscuous mode
[   94.890083][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.916713][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.978851][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.043429][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.051281][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.150508][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.152625][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.185484][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.199156][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.229603][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.267453][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.268041][ T5838] veth0_macvtap: entered promiscuous mode
[   95.323894][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.328897][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.355798][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.355822][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.357356][ T5834] veth0_macvtap: entered promiscuous mode
[   95.358913][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.376871][ T5838] veth1_macvtap: entered promiscuous mode
[   95.499684][ T5834] veth1_macvtap: entered promiscuous mode
[   95.712905][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.712924][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.818422][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.851886][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.851902][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.882010][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.915786][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.974899][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.976142][ T1126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.976158][ T1126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.978941][ T3653] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.039677][ T3653] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.054848][ T3653] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.072286][ T3653] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.123274][   T43] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.142300][ T3653] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.142318][ T3653] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.169263][   T43] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.244350][   T43] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.260500][   T43] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.217968][ T3653] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.218021][ T3653] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.790046][ T5966] FAULT_INJECTION: forcing a failure.
[   97.790046][ T5966] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   97.790097][ T5966] CPU: 0 UID: 0 PID: 5966 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[   97.790118][ T5966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   97.790134][ T5966] Call Trace:
[   97.790140][ T5966]  <TASK>
[   97.790147][ T5966]  dump_stack_lvl+0x189/0x250
[   97.790182][ T5966]  ? __pfx____ratelimit+0x10/0x10
[   97.790205][ T5966]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.790231][ T5966]  ? __pfx__printk+0x10/0x10
[   97.790255][ T5966]  ? __might_fault+0xb0/0x130
[   97.790285][ T5966]  should_fail_ex+0x46c/0x600
[   97.790313][ T5966]  _copy_from_user+0x2d/0xb0
[   97.790334][ T5966]  ___sys_sendmsg+0x158/0x2a0
[   97.790353][ T5966]  ? __pfx____sys_sendmsg+0x10/0x10
[   97.790405][ T5966]  ? __fget_files+0x2a/0x420
[   97.790426][ T5966]  ? __fget_files+0x3a6/0x420
[   97.790459][ T5966]  __x64_sys_sendmsg+0x1a1/0x260
[   97.790479][ T5966]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[   97.790508][ T5966]  ? rcu_is_watching+0x15/0xb0
[   97.790537][ T5966]  ? do_syscall_64+0xbe/0x3b0
[   97.790558][ T5966]  do_syscall_64+0xfa/0x3b0
[   97.790573][ T5966]  ? lockdep_hardirqs_on+0x9c/0x150
[   97.790595][ T5966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.790618][ T5966]  ? clear_bhb_loop+0x60/0xb0
[   97.790643][ T5966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.790659][ T5966] RIP: 0033:0x7f289990eec9
[   97.790680][ T5966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.790694][ T5966] RSP: 002b:00007f2897b6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   97.790714][ T5966] RAX: ffffffffffffffda RBX: 00007f2899b65fa0 RCX: 00007f289990eec9
[   97.790727][ T5966] RDX: 0000000000000040 RSI: 0000200000000480 RDI: 0000000000000003
[   97.790742][ T5966] RBP: 00007f2897b6e090 R08: 0000000000000000 R09: 0000000000000000
[   97.790753][ T5966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.790763][ T5966] R13: 00007f2899b66038 R14: 00007f2899b65fa0 R15: 00007fff6ff43c28
[   97.790793][ T5966]  </TASK>
[   98.030561][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.030580][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.107964][ T3653] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.107983][ T3653] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.151470][ T5833] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   98.191498][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.191517][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.300587][ T5833] usb 5-1: device descriptor read/64, error -71
[   98.372114][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.372133][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.825174][ T5833] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   99.631977][ T5833] usb 5-1: device descriptor read/64, error -71
[   99.744670][ T5833] usb usb5-port1: attempt power cycle
[  100.010348][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.182097][ T5833] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  100.209456][ T5833] usb 5-1: device descriptor read/8, error -71
[  100.362566][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420305][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420347][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420380][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420410][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420475][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.420546][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  100.750379][ T5833] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  101.074122][ T5833] usb 5-1: device not accepting address 5, error -71
[  101.074514][ T5833] usb usb5-port1: unable to enumerate USB device
[  101.100101][ T5994] FAULT_INJECTION: forcing a failure.
[  101.100101][ T5994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.100861][ T5994] CPU: 0 UID: 0 PID: 5994 Comm: syz.1.9 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  101.100884][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  101.100894][ T5994] Call Trace:
[  101.100901][ T5994]  <TASK>
[  101.100909][ T5994]  dump_stack_lvl+0x189/0x250
[  101.100945][ T5994]  ? __pfx____ratelimit+0x10/0x10
[  101.100969][ T5994]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.100991][ T5994]  ? __pfx__printk+0x10/0x10
[  101.101011][ T5994]  ? __might_fault+0xb0/0x130
[  101.101046][ T5994]  should_fail_ex+0x46c/0x600
[  101.101075][ T5994]  _copy_from_user+0x2d/0xb0
[  101.101095][ T5994]  io_submit_one+0xc2/0x1310
[  101.101125][ T5994]  ? __pfx_io_submit_one+0x10/0x10
[  101.101139][ T5994]  ? __might_fault+0xb0/0x130
[  101.101166][ T5994]  ? __might_fault+0xb0/0x130
[  101.101191][ T5994]  __se_sys_io_submit+0x185/0x2f0
[  101.101214][ T5994]  ? __pfx___se_sys_io_submit+0x10/0x10
[  101.101234][ T5994]  ? ksys_write+0x230/0x260
[  101.101266][ T5994]  ? do_syscall_64+0xbe/0x3b0
[  101.101286][ T5994]  do_syscall_64+0xfa/0x3b0
[  101.101302][ T5994]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.101323][ T5994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.101340][ T5994]  ? clear_bhb_loop+0x60/0xb0
[  101.101361][ T5994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.101378][ T5994] RIP: 0033:0x7f975751eec9
[  101.101394][ T5994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.101407][ T5994] RSP: 002b:00007f9755765038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  101.101426][ T5994] RAX: ffffffffffffffda RBX: 00007f9757776090 RCX: 00007f975751eec9
[  101.101439][ T5994] RDX: 0000200000000780 RSI: 0000000000000001 RDI: 00007f975573c000
[  101.101451][ T5994] RBP: 00007f9755765090 R08: 0000000000000000 R09: 0000000000000000
[  101.101461][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.101472][ T5994] R13: 00007f9757776128 R14: 00007f9757776090 R15: 00007ffeaa93b5b8
[  101.101501][ T5994]  </TASK>
[  101.856236][ T6000] netlink: 'syz.0.12': attribute type 3 has an invalid length.
[  101.856325][ T6000] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.12'.
[  102.960436][ T5954] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  103.067638][ T6018] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  103.116619][ T5954] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  103.116645][ T5954] usb 4-1: config 0 has no interface number 0
[  103.116696][ T5954] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  103.116725][ T5954] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.258399][ T5954] usb 4-1: config 0 descriptor??
[  103.380139][ T5954] cp210x 4-1:0.1: cp210x converter detected
[  104.453941][ T5954] cp210x 4-1:0.1: failed to get vendor val 0x000e size 3: -32
[  104.593478][ T6031] Zero length message leads to an empty skb
[  104.596429][ T6031] netlink: 8 bytes leftover after parsing attributes in process `syz.0.21'.
[  104.599090][ T6031] openvswitch: netlink: nsh attr 0 has unexpected len 8 expected 0
[  104.599132][ T6031] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  104.805719][ T5954] cp210x 4-1:0.1: failed to get vendor val 0x370c size 15: -121
[  104.805737][ T5954] cp210x 4-1:0.1: GPIO initialisation failed: -121
[  104.831660][ T5954] usb 4-1: cp210x converter now attached to ttyUSB0
[  104.859408][ T6035] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22'.
[  104.859571][ T6035] openvswitch: netlink: nsh attr 0 has unexpected len 8 expected 0
[  104.859604][ T6035] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  104.891455][ T6036] bond0: Unable to set down delay as MII monitoring is disabled
[  105.041650][ T6034] process 'syz.4.23' launched '/dev/fd/6' with NULL argv: empty string added
[  105.046068][ T6034] FAULT_INJECTION: forcing a failure.
[  105.046068][ T6034] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.046087][ T6034] CPU: 1 UID: 0 PID: 6034 Comm: syz.4.23 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  105.046099][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  105.046105][ T6034] Call Trace:
[  105.046109][ T6034]  <TASK>
[  105.046113][ T6034]  dump_stack_lvl+0x189/0x250
[  105.046133][ T6034]  ? __pfx____ratelimit+0x10/0x10
[  105.046147][ T6034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.046161][ T6034]  ? __pfx__printk+0x10/0x10
[  105.046171][ T6034]  ? __might_fault+0xb0/0x130
[  105.046191][ T6034]  should_fail_ex+0x46c/0x600
[  105.046207][ T6034]  _copy_from_user+0x2d/0xb0
[  105.046220][ T6034]  __sys_bind+0x19f/0x3e0
[  105.046235][ T6034]  ? __pfx___sys_bind+0x10/0x10
[  105.046253][ T6034]  ? __pfx_ksys_write+0x10/0x10
[  105.046269][ T6034]  __x64_sys_bind+0x7a/0x90
[  105.046282][ T6034]  do_syscall_64+0xfa/0x3b0
[  105.046291][ T6034]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.046304][ T6034]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.046313][ T6034]  ? clear_bhb_loop+0x60/0xb0
[  105.046325][ T6034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.046334][ T6034] RIP: 0033:0x7fe2cdc8eec9
[  105.046343][ T6034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.046350][ T6034] RSP: 002b:00007fe2cbeee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  105.046368][ T6034] RAX: ffffffffffffffda RBX: 00007fe2cdee5fa0 RCX: 00007fe2cdc8eec9
[  105.046375][ T6034] RDX: 000000000000006e RSI: 0000200000003000 RDI: 0000000000000008
[  105.046381][ T6034] RBP: 00007fe2cbeee090 R08: 0000000000000000 R09: 0000000000000000
[  105.046387][ T6034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.046393][ T6034] R13: 00007fe2cdee6038 R14: 00007fe2cdee5fa0 R15: 00007fff08a419a8
[  105.046408][ T6034]  </TASK>
[  105.088432][ T5954] usb 4-1: USB disconnect, device number 2
[  105.353240][ T5954] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  105.356227][ T5954] cp210x 4-1:0.1: device disconnected
[  106.051325][ T6031] FAULT_INJECTION: forcing a failure.
[  106.051325][ T6031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.051356][ T6031] CPU: 0 UID: 0 PID: 6031 Comm: syz.0.21 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  106.051376][ T6031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.051384][ T6031] Call Trace:
[  106.051391][ T6031]  <TASK>
[  106.051398][ T6031]  dump_stack_lvl+0x189/0x250
[  106.051421][ T6031]  ? __pfx____ratelimit+0x10/0x10
[  106.051444][ T6031]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.051463][ T6031]  ? __pfx__printk+0x10/0x10
[  106.051477][ T6031]  ? __might_fault+0xb0/0x130
[  106.051505][ T6031]  should_fail_ex+0x46c/0x600
[  106.051536][ T6031]  _copy_from_user+0x2d/0xb0
[  106.051553][ T6031]  do_sock_getsockopt+0x17d/0x450
[  106.051572][ T6031]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  106.051589][ T6031]  ? __fget_files+0x3a6/0x420
[  106.051609][ T6031]  ? __fget_files+0x2a/0x420
[  106.051637][ T6031]  __x64_sys_getsockopt+0x1ab/0x250
[  106.051662][ T6031]  do_syscall_64+0xfa/0x3b0
[  106.051678][ T6031]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.051692][ T6031]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  106.051709][ T6031]  ? clear_bhb_loop+0x60/0xb0
[  106.051729][ T6031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.051745][ T6031] RIP: 0033:0x7f3f9c76eec9
[  106.051760][ T6031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.051772][ T6031] RSP: 002b:00007f3f9a9d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  106.051790][ T6031] RAX: ffffffffffffffda RBX: 00007f3f9c9c5fa0 RCX: 00007f3f9c76eec9
[  106.051802][ T6031] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000005
[  106.051811][ T6031] RBP: 00007f3f9a9d6090 R08: 0000200000000480 R09: 0000000000000000
[  106.051819][ T6031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.051829][ T6031] R13: 00007f3f9c9c6038 R14: 00007f3f9c9c5fa0 R15: 00007ffecd224b88
[  106.051856][ T6031]  </TASK>
[  106.786588][ T6049] FAULT_INJECTION: forcing a failure.
[  106.786588][ T6049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  106.786609][ T6049] CPU: 1 UID: 0 PID: 6049 Comm: syz.4.27 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  106.786621][ T6049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  106.786627][ T6049] Call Trace:
[  106.786632][ T6049]  <TASK>
[  106.786636][ T6049]  dump_stack_lvl+0x189/0x250
[  106.786655][ T6049]  ? __pfx____ratelimit+0x10/0x10
[  106.786671][ T6049]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.786684][ T6049]  ? __pfx__printk+0x10/0x10
[  106.786699][ T6049]  ? __might_fault+0xb0/0x130
[  106.786720][ T6049]  should_fail_ex+0x46c/0x600
[  106.786737][ T6049]  _copy_from_user+0x2d/0xb0
[  106.786750][ T6049]  ___sys_sendmsg+0x158/0x2a0
[  106.786762][ T6049]  ? __pfx____sys_sendmsg+0x10/0x10
[  106.786790][ T6049]  ? __fget_files+0x2a/0x420
[  106.786803][ T6049]  ? __fget_files+0x3a6/0x420
[  106.786821][ T6049]  __x64_sys_sendmsg+0x1a1/0x260
[  106.786832][ T6049]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  106.786846][ T6049]  ? __pfx_ksys_write+0x10/0x10
[  106.786861][ T6049]  ? do_syscall_64+0xbe/0x3b0
[  106.786872][ T6049]  do_syscall_64+0xfa/0x3b0
[  106.786880][ T6049]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.786893][ T6049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.786903][ T6049]  ? clear_bhb_loop+0x60/0xb0
[  106.786914][ T6049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.786923][ T6049] RIP: 0033:0x7fe2cdc8eec9
[  106.786933][ T6049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.786941][ T6049] RSP: 002b:00007fe2cbecd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  106.786951][ T6049] RAX: ffffffffffffffda RBX: 00007fe2cdee6090 RCX: 00007fe2cdc8eec9
[  106.786958][ T6049] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000008
[  106.786964][ T6049] RBP: 00007fe2cbecd090 R08: 0000000000000000 R09: 0000000000000000
[  106.786970][ T6049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  106.786975][ T6049] R13: 00007fe2cdee6128 R14: 00007fe2cdee6090 R15: 00007fff08a419a8
[  106.786991][ T6049]  </TASK>
[  107.314372][ T6058] loop8: detected capacity change from 0 to 7
[  107.360683][ T6058] Dev loop8: unable to read RDB block 7
[  107.360738][ T6058]  loop8: unable to read partition table
[  107.360972][ T6058] loop8: partition table beyond EOD, truncated
[  107.361003][ T6058] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  107.473874][ T6062] FAULT_INJECTION: forcing a failure.
[  107.473874][ T6062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.473905][ T6062] CPU: 1 UID: 0 PID: 6062 Comm: syz.2.31 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  107.473925][ T6062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  107.473935][ T6062] Call Trace:
[  107.473942][ T6062]  <TASK>
[  107.473950][ T6062]  dump_stack_lvl+0x189/0x250
[  107.473979][ T6062]  ? __pfx____ratelimit+0x10/0x10
[  107.474004][ T6062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.474027][ T6062]  ? __pfx__printk+0x10/0x10
[  107.474045][ T6062]  ? __might_fault+0xb0/0x130
[  107.474078][ T6062]  should_fail_ex+0x46c/0x600
[  107.474107][ T6062]  _copy_from_user+0x2d/0xb0
[  107.474129][ T6062]  ___sys_sendmsg+0x158/0x2a0
[  107.474150][ T6062]  ? __pfx____sys_sendmsg+0x10/0x10
[  107.474210][ T6062]  ? __fget_files+0x2a/0x420
[  107.474232][ T6062]  ? __fget_files+0x3a6/0x420
[  107.474264][ T6062]  __x64_sys_sendmsg+0x1a1/0x260
[  107.474285][ T6062]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  107.474311][ T6062]  ? __pfx_ksys_write+0x10/0x10
[  107.474329][ T6062]  ? rcu_is_watching+0x15/0xb0
[  107.474358][ T6062]  ? do_syscall_64+0xbe/0x3b0
[  107.474378][ T6062]  do_syscall_64+0xfa/0x3b0
[  107.474393][ T6062]  ? lockdep_hardirqs_on+0x9c/0x150
[  107.474416][ T6062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.474432][ T6062]  ? clear_bhb_loop+0x60/0xb0
[  107.474451][ T6062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.474467][ T6062] RIP: 0033:0x7faf8116eec9
[  107.474483][ T6062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.474496][ T6062] RSP: 002b:00007faf7f3ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  107.474513][ T6062] RAX: ffffffffffffffda RBX: 00007faf813c5fa0 RCX: 00007faf8116eec9
[  107.474525][ T6062] RDX: 0000000000004000 RSI: 0000200000000000 RDI: 0000000000000003
[  107.474537][ T6062] RBP: 00007faf7f3ce090 R08: 0000000000000000 R09: 0000000000000000
[  107.474547][ T6062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.474556][ T6062] R13: 00007faf813c6038 R14: 00007faf813c5fa0 R15: 00007fff7ddf9dd8
[  107.474584][ T6062]  </TASK>
[  108.392650][    C1] vkms_vblank_simulate: vblank timer overrun
[  108.397248][ T6072] netlink: 'syz.0.35': attribute type 2 has an invalid length.
[  108.522512][ T6073] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  109.135708][    C1] vkms_vblank_simulate: vblank timer overrun
[  109.330158][    C1] vkms_vblank_simulate: vblank timer overrun
[  109.620594][    C1] vkms_vblank_simulate: vblank timer overrun
[  109.811585][ T6081] sp0: Synchronizing with TNC
[  109.841916][ T6080] [U] è
[  109.844577][ T6078] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  109.844689][ T6078] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  109.987058][ T6078] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  110.082543][ T6078] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  110.082628][ T6078] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  110.184548][ T6078] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  110.250698][ T6078] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  110.250781][ T6078] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  110.264217][ T6092] IPVS: set_ctl: invalid protocol: 20486 4.0.0.0:0
[  110.296246][ T6092] IPVS: set_ctl: invalid protocol: 20486 4.0.0.0:0
[  110.373817][ T6078] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  110.451563][ T6078] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  110.451610][ T6078] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  110.547919][ T6078] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  110.584248][ T6078] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  110.584294][ T6078] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  110.639008][ T6096] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.916822][ T6098] netlink: 324 bytes leftover after parsing attributes in process `syz.1.42'.
[  110.916864][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.42'.
[  111.160088][ T6078] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  111.599469][    C1] vkms_vblank_simulate: vblank timer overrun
[  111.829585][ T6106] FAULT_INJECTION: forcing a failure.
[  111.829585][ T6106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.829642][ T6106] CPU: 1 UID: 0 PID: 6106 Comm: syz.1.43 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  111.829663][ T6106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  111.829673][ T6106] Call Trace:
[  111.829681][ T6106]  <TASK>
[  111.829689][ T6106]  dump_stack_lvl+0x189/0x250
[  111.829717][ T6106]  ? __pfx____ratelimit+0x10/0x10
[  111.829742][ T6106]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.829765][ T6106]  ? __pfx__printk+0x10/0x10
[  111.829784][ T6106]  ? __might_fault+0xb0/0x130
[  111.829819][ T6106]  should_fail_ex+0x46c/0x600
[  111.829856][ T6106]  _copy_from_user+0x2d/0xb0
[  111.829879][ T6106]  ___sys_sendmsg+0x158/0x2a0
[  111.829902][ T6106]  ? __pfx____sys_sendmsg+0x10/0x10
[  111.829957][ T6106]  ? __fget_files+0x2a/0x420
[  111.829985][ T6106]  ? __fget_files+0x3a6/0x420
[  111.830018][ T6106]  __x64_sys_sendmsg+0x1a1/0x260
[  111.830039][ T6106]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  111.830083][ T6106]  do_syscall_64+0xfa/0x3b0
[  111.830101][ T6106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.830118][ T6106]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  111.830135][ T6106]  ? clear_bhb_loop+0x60/0xb0
[  111.830156][ T6106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.830174][ T6106] RIP: 0033:0x7f975751eec9
[  111.830190][ T6106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.830203][ T6106] RSP: 002b:00007f9755744038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  111.830222][ T6106] RAX: ffffffffffffffda RBX: 00007f9757776180 RCX: 00007f975751eec9
[  111.830238][ T6106] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  111.830247][ T6106] RBP: 00007f9755744090 R08: 0000000000000000 R09: 0000000000000000
[  111.830257][ T6106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.830267][ T6106] R13: 00007f9757776218 R14: 00007f9757776180 R15: 00007ffeaa93b5b8
[  111.830298][ T6106]  </TASK>
[  111.853460][    C1] vkms_vblank_simulate: vblank timer overrun
[  112.404653][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  112.406079][ T5153] Bluetooth: hci1: command 0x0c1a tx timeout
[  112.406088][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  112.490469][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  112.782754][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout
[  112.900721][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.082386][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.532671][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.907796][ T6117] FAULT_INJECTION: forcing a failure.
[  113.907796][ T6117] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  113.907818][ T6117] CPU: 1 UID: 0 PID: 6117 Comm: syz.1.48 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  113.907830][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  113.907835][ T6117] Call Trace:
[  113.907839][ T6117]  <TASK>
[  113.907844][ T6117]  dump_stack_lvl+0x189/0x250
[  113.907863][ T6117]  ? __pfx____ratelimit+0x10/0x10
[  113.907877][ T6117]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.907891][ T6117]  ? __pfx__printk+0x10/0x10
[  113.907902][ T6117]  ? __might_fault+0xb0/0x130
[  113.907921][ T6117]  should_fail_ex+0x46c/0x600
[  113.907938][ T6117]  _copy_from_user+0x2d/0xb0
[  113.907951][ T6117]  ___sys_sendmsg+0x158/0x2a0
[  113.907963][ T6117]  ? __pfx____sys_sendmsg+0x10/0x10
[  113.907991][ T6117]  ? __fget_files+0x2a/0x420
[  113.908004][ T6117]  ? __fget_files+0x3a6/0x420
[  113.908022][ T6117]  __x64_sys_sendmsg+0x1a1/0x260
[  113.908033][ T6117]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  113.908047][ T6117]  ? __pfx_ksys_write+0x10/0x10
[  113.908058][ T6117]  ? rcu_is_watching+0x15/0xb0
[  113.908075][ T6117]  ? do_syscall_64+0xbe/0x3b0
[  113.908086][ T6117]  do_syscall_64+0xfa/0x3b0
[  113.908094][ T6117]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.908107][ T6117]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.908117][ T6117]  ? clear_bhb_loop+0x60/0xb0
[  113.908128][ T6117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.908137][ T6117] RIP: 0033:0x7f975751eec9
[  113.908146][ T6117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.908154][ T6117] RSP: 002b:00007f9755786038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.908165][ T6117] RAX: ffffffffffffffda RBX: 00007f9757775fa0 RCX: 00007f975751eec9
[  113.908172][ T6117] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  113.908178][ T6117] RBP: 00007f9755786090 R08: 0000000000000000 R09: 0000000000000000
[  113.908183][ T6117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.908189][ T6117] R13: 00007f9757776038 R14: 00007f9757775fa0 R15: 00007ffeaa93b5b8
[  113.908204][ T6117]  </TASK>
[  114.330732][    C1] af_packet: tpacket_rcv: packet too big, clamped from 56 to 4294967272. macoff=96
[  114.413431][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.413520][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  114.413544][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  114.570413][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout
[  114.810478][ T5852] Bluetooth: hci4: command 0x0c1a tx timeout
[  114.837942][ T6123] sp0: Synchronizing with TNC
[  114.872177][ T6121] [U] è
[  114.924033][ T6128] netlink: 24 bytes leftover after parsing attributes in process `syz.3.52'.
[  115.320847][ T5907] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  115.470448][ T5907] usb 1-1: Using ep0 maxpacket: 32
[  115.477003][ T5907] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  115.477032][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.477051][ T5907] usb 1-1: Product: syz
[  115.477064][ T5907] usb 1-1: Manufacturer: syz
[  115.477078][ T5907] usb 1-1: SerialNumber: syz
[  115.545050][ T5907] usb 1-1: config 0 descriptor??
[  115.807224][ T5907] peak_usb 1-1:0.0 can0: unable to request usb[type=0 value=1] err=-32
[  115.807255][ T5907] peak_usb 1-1:0.0: unable to read PCAN-USB Pro firmware info (err -32)
[  116.075928][ T6145] FAULT_INJECTION: forcing a failure.
[  116.075928][ T6145] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  116.075964][ T6145] CPU: 1 UID: 0 PID: 6145 Comm: syz.2.57 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  116.075985][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  116.075995][ T6145] Call Trace:
[  116.076002][ T6145]  <TASK>
[  116.076011][ T6145]  dump_stack_lvl+0x189/0x250
[  116.076038][ T6145]  ? __pfx____ratelimit+0x10/0x10
[  116.076062][ T6145]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.076085][ T6145]  ? __pfx__printk+0x10/0x10
[  116.076118][ T6145]  should_fail_ex+0x46c/0x600
[  116.076148][ T6145]  _copy_to_user+0x31/0xb0
[  116.076170][ T6145]  simple_read_from_buffer+0xe1/0x170
[  116.076191][ T6145]  proc_fail_nth_read+0x1b6/0x220
[  116.076203][ T6145]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.076215][ T6145]  ? rw_verify_area+0x2ac/0x4e0
[  116.076226][ T6145]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.076237][ T6145]  vfs_read+0x206/0xa30
[  116.076253][ T6145]  ? __pfx_vfs_read+0x10/0x10
[  116.076263][ T6145]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  116.076280][ T6145]  ? mutex_lock_nested+0x154/0x1d0
[  116.076290][ T6145]  ? fdget_pos+0x253/0x320
[  116.076308][ T6145]  ksys_read+0x14b/0x260
[  116.076321][ T6145]  ? __pfx_ksys_read+0x10/0x10
[  116.076346][ T6145]  ? do_syscall_64+0xbe/0x3b0
[  116.076358][ T6145]  do_syscall_64+0xfa/0x3b0
[  116.076370][ T6145]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.076384][ T6145]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.076393][ T6145]  ? clear_bhb_loop+0x60/0xb0
[  116.076405][ T6145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.076415][ T6145] RIP: 0033:0x7faf8116d8dc
[  116.076425][ T6145] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.076433][ T6145] RSP: 002b:00007faf7f3ce030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.076444][ T6145] RAX: ffffffffffffffda RBX: 00007faf813c5fa0 RCX: 00007faf8116d8dc
[  116.076451][ T6145] RDX: 000000000000000f RSI: 00007faf7f3ce0a0 RDI: 0000000000000008
[  116.076457][ T6145] RBP: 00007faf7f3ce090 R08: 0000000000000000 R09: 0000000000000000
[  116.076463][ T6145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.076468][ T6145] R13: 00007faf813c6038 R14: 00007faf813c5fa0 R15: 00007fff7ddf9dd8
[  116.076484][ T6145]  </TASK>
[  116.162140][ T5907] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -32
[  116.490423][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout
[  116.490461][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout
[  116.490484][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout
[  116.673266][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  116.902664][ T5842] Bluetooth: hci4: command 0x0c1a tx timeout
[  117.467805][ T6152] netlink: 8 bytes leftover after parsing attributes in process `syz.2.59'.
[  118.030927][ T5954] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  118.035614][   T31] usb 1-1: USB disconnect, device number 2
[  118.199448][ T5954] usb 3-1: config 0 has an invalid interface number: 166 but max is 0
[  118.199482][ T5954] usb 3-1: config 0 has no interface number 0
[  118.199531][ T5954] usb 3-1: config 0 interface 166 altsetting 7 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  118.199557][ T5954] usb 3-1: config 0 interface 166 has no altsetting 0
[  118.249485][ T5954] usb 3-1: New USB device found, idVendor=0675, idProduct=1688, bcdDevice=59.4c
[  118.249509][ T5954] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.249519][ T5954] usb 3-1: Product: syz
[  118.249527][ T5954] usb 3-1: Manufacturer: syz
[  118.249534][ T5954] usb 3-1: SerialNumber: syz
[  118.282630][ T6169] sp0: Synchronizing with TNC
[  118.297772][ T6168] [U] è
[  118.305052][ T5954] usb 3-1: config 0 descriptor??
[  118.307790][ T6164] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  118.339025][ T5954] HFC-S_USB 3-1:0.166: probe with driver HFC-S_USB failed with error -5
[  118.590017][ T6164] netlink: 4 bytes leftover after parsing attributes in process `syz.2.63'.
[  118.665503][ T6164] veth1_macvtap: left promiscuous mode
[  122.098876][ T6011] usb 3-1: USB disconnect, device number 2
[  122.700537][ T6224] netlink: 12 bytes leftover after parsing attributes in process `syz.4.77'.
[  123.817768][   T37] audit: type=1326 audit(1758635632.726:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6211 comm="syz.1.75" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f975751eec9 code=0x0
[  124.077835][ T6153] Bluetooth: hci5: Frame reassembly failed (-84)
[  124.160912][ T6232] sp0: Synchronizing with TNC
[  126.090462][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  126.153570][ T6230] [U] è
[  128.524283][ T6259] =======================================================
[  128.524283][ T6259] WARNING: The mand mount option has been deprecated and
[  128.524283][ T6259]          and is ignored by this kernel. Remove the mand
[  128.524283][ T6259]          option from the mount to silence this warning.
[  128.524283][ T6259] =======================================================
[  129.941771][ T6273] FAULT_INJECTION: forcing a failure.
[  129.941771][ T6273] name failslab, interval 1, probability 0, space 0, times 0
[  129.941811][ T6273] CPU: 0 UID: 0 PID: 6273 Comm: syz.2.90 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  129.941832][ T6273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  129.941842][ T6273] Call Trace:
[  129.941849][ T6273]  <TASK>
[  129.941856][ T6273]  dump_stack_lvl+0x189/0x250
[  129.941884][ T6273]  ? __pfx____ratelimit+0x10/0x10
[  129.941908][ T6273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  129.941930][ T6273]  ? __pfx__printk+0x10/0x10
[  129.941953][ T6273]  ? __pfx___might_resched+0x10/0x10
[  129.941974][ T6273]  should_fail_ex+0x46c/0x600
[  129.942001][ T6273]  ? __alloc_skb+0x112/0x2d0
[  129.942022][ T6273]  should_failslab+0xa8/0x100
[  129.942045][ T6273]  ? __alloc_skb+0x112/0x2d0
[  129.942063][ T6273]  kmem_cache_alloc_node_noprof+0x77/0x330
[  129.942092][ T6273]  __alloc_skb+0x112/0x2d0
[  129.942119][ T6273]  alloc_skb_with_frags+0xca/0x890
[  129.942135][ T6273]  ? __lock_acquire+0xab9/0xd20
[  129.942170][ T6273]  sock_alloc_send_pskb+0x863/0x9a0
[  129.942212][ T6273]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  129.942231][ T6273]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  129.942260][ T6273]  ? __might_fault+0xb0/0x130
[  129.942286][ T6273]  hci_sock_sendmsg+0x207/0xef0
[  129.942311][ T6273]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  129.942333][ T6273]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  129.942350][ T6273]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  129.942368][ T6273]  __sock_sendmsg+0x21c/0x270
[  129.942393][ T6273]  sock_write_iter+0x25e/0x330
[  129.942417][ T6273]  ? __pfx_sock_write_iter+0x10/0x10
[  129.942460][ T6273]  vfs_write+0x5d5/0xb40
[  129.942493][ T6273]  ? __pfx_sock_write_iter+0x10/0x10
[  129.942513][ T6273]  ? __pfx_vfs_write+0x10/0x10
[  129.942544][ T6273]  ? __fget_files+0x2a/0x420
[  129.942576][ T6273]  ksys_write+0x14b/0x260
[  129.942598][ T6273]  ? __pfx_ksys_write+0x10/0x10
[  129.942616][ T6273]  ? rcu_is_watching+0x15/0xb0
[  129.942646][ T6273]  ? do_syscall_64+0xbe/0x3b0
[  129.942667][ T6273]  do_syscall_64+0xfa/0x3b0
[  129.942682][ T6273]  ? lockdep_hardirqs_on+0x9c/0x150
[  129.942705][ T6273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.942722][ T6273]  ? clear_bhb_loop+0x60/0xb0
[  129.942743][ T6273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.942760][ T6273] RIP: 0033:0x7faf8116eec9
[  129.942776][ T6273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.942790][ T6273] RSP: 002b:00007faf7f3ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  129.942816][ T6273] RAX: ffffffffffffffda RBX: 00007faf813c5fa0 RCX: 00007faf8116eec9
[  129.942829][ T6273] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000004
[  129.942840][ T6273] RBP: 00007faf7f3ce090 R08: 0000000000000000 R09: 0000000000000000
[  129.942851][ T6273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.942862][ T6273] R13: 00007faf813c6038 R14: 00007faf813c5fa0 R15: 00007fff7ddf9dd8
[  129.942891][ T6273]  </TASK>
[  130.622912][ T6280] FAULT_INJECTION: forcing a failure.
[  130.622912][ T6280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.622933][ T6280] CPU: 1 UID: 0 PID: 6280 Comm: syz.2.93 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  130.622945][ T6280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  130.622952][ T6280] Call Trace:
[  130.622956][ T6280]  <TASK>
[  130.622961][ T6280]  dump_stack_lvl+0x189/0x250
[  130.622984][ T6280]  ? __pfx____ratelimit+0x10/0x10
[  130.622999][ T6280]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.623012][ T6280]  ? __pfx__printk+0x10/0x10
[  130.623027][ T6280]  ? __might_fault+0xb0/0x130
[  130.623046][ T6280]  should_fail_ex+0x46c/0x600
[  130.623064][ T6280]  _copy_from_user+0x2d/0xb0
[  130.623076][ T6280]  __sys_bpf+0x1ed/0x870
[  130.623090][ T6280]  ? __pfx___sys_bpf+0x10/0x10
[  130.623108][ T6280]  ? ksys_write+0x230/0x260
[  130.623122][ T6280]  ? __pfx_ksys_write+0x10/0x10
[  130.623132][ T6280]  ? rcu_is_watching+0x15/0xb0
[  130.623151][ T6280]  __x64_sys_bpf+0x7c/0x90
[  130.623168][ T6280]  do_syscall_64+0xfa/0x3b0
[  130.623176][ T6280]  ? lockdep_hardirqs_on+0x9c/0x150
[  130.623189][ T6280]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.623199][ T6280]  ? clear_bhb_loop+0x60/0xb0
[  130.623210][ T6280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.623219][ T6280] RIP: 0033:0x7faf8116eec9
[  130.623229][ T6280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.623236][ T6280] RSP: 002b:00007faf7f3ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  130.623247][ T6280] RAX: ffffffffffffffda RBX: 00007faf813c5fa0 RCX: 00007faf8116eec9
[  130.623254][ T6280] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a
[  130.623260][ T6280] RBP: 00007faf7f3ce090 R08: 0000000000000000 R09: 0000000000000000
[  130.623266][ T6280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.623271][ T6280] R13: 00007faf813c6038 R14: 00007faf813c5fa0 R15: 00007fff7ddf9dd8
[  130.623286][ T6280]  </TASK>
[  131.183821][ T6290] FAULT_INJECTION: forcing a failure.
[  131.183821][ T6290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.183852][ T6290] CPU: 1 UID: 0 PID: 6290 Comm: syz.3.98 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  131.183872][ T6290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  131.183887][ T6290] Call Trace:
[  131.183894][ T6290]  <TASK>
[  131.183901][ T6290]  dump_stack_lvl+0x189/0x250
[  131.183929][ T6290]  ? __pfx____ratelimit+0x10/0x10
[  131.183953][ T6290]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.183975][ T6290]  ? __pfx__printk+0x10/0x10
[  131.183995][ T6290]  ? __might_fault+0xb0/0x130
[  131.184029][ T6290]  should_fail_ex+0x46c/0x600
[  131.184065][ T6290]  _copy_from_user+0x2d/0xb0
[  131.184087][ T6290]  ___sys_sendmsg+0x158/0x2a0
[  131.184108][ T6290]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.184166][ T6290]  ? __fget_files+0x2a/0x420
[  131.184187][ T6290]  ? __fget_files+0x3a6/0x420
[  131.184219][ T6290]  __x64_sys_sendmsg+0x1a1/0x260
[  131.184240][ T6290]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  131.184268][ T6290]  ? __pfx_ksys_write+0x10/0x10
[  131.184286][ T6290]  ? rcu_is_watching+0x15/0xb0
[  131.184314][ T6290]  ? do_syscall_64+0xbe/0x3b0
[  131.184335][ T6290]  do_syscall_64+0xfa/0x3b0
[  131.184350][ T6290]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.184379][ T6290]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.184396][ T6290]  ? clear_bhb_loop+0x60/0xb0
[  131.184418][ T6290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.184434][ T6290] RIP: 0033:0x7f289990eec9
[  131.184450][ T6290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.184462][ T6290] RSP: 002b:00007f2897b6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  131.184480][ T6290] RAX: ffffffffffffffda RBX: 00007f2899b65fa0 RCX: 00007f289990eec9
[  131.184493][ T6290] RDX: 000000002000c000 RSI: 0000200000000000 RDI: 0000000000000003
[  131.184504][ T6290] RBP: 00007f2897b6e090 R08: 0000000000000000 R09: 0000000000000000
[  131.184514][ T6290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.184524][ T6290] R13: 00007f2899b66038 R14: 00007f2899b65fa0 R15: 00007fff6ff43c28
[  131.184552][ T6290]  </TASK>
[  131.420700][   T57] Bluetooth: hci5: Frame reassembly failed (-84)
[  131.725785][ T6289] sp0: Synchronizing with TNC
[  131.841677][ T6300] netlink: 12 bytes leftover after parsing attributes in process `syz.0.100'.
[  132.916064][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  132.916700][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  133.283385][ T6310] netlink: 24 bytes leftover after parsing attributes in process `syz.1.104'.
[  133.450400][ T5842] Bluetooth: hci5: command 0x1003 tx timeout
[  133.450541][ T5852] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  133.514331][ T6287] [U] è
[  135.011923][ T6325] FAULT_INJECTION: forcing a failure.
[  135.011923][ T6325] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.011968][ T6325] CPU: 0 UID: 0 PID: 6325 Comm: syz.0.108 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  135.011986][ T6325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  135.011995][ T6325] Call Trace:
[  135.012002][ T6325]  <TASK>
[  135.012009][ T6325]  dump_stack_lvl+0x189/0x250
[  135.012034][ T6325]  ? __pfx____ratelimit+0x10/0x10
[  135.012057][ T6325]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.012080][ T6325]  ? __pfx__printk+0x10/0x10
[  135.012098][ T6325]  ? __might_fault+0xb0/0x130
[  135.012132][ T6325]  should_fail_ex+0x46c/0x600
[  135.012161][ T6325]  _copy_from_user+0x2d/0xb0
[  135.012183][ T6325]  ___sys_sendmsg+0x158/0x2a0
[  135.012206][ T6325]  ? __pfx____sys_sendmsg+0x10/0x10
[  135.012260][ T6325]  ? __fget_files+0x2a/0x420
[  135.012282][ T6325]  ? __fget_files+0x3a6/0x420
[  135.012313][ T6325]  __x64_sys_sendmsg+0x1a1/0x260
[  135.012334][ T6325]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  135.012362][ T6325]  ? __pfx_ksys_write+0x10/0x10
[  135.012380][ T6325]  ? rcu_is_watching+0x15/0xb0
[  135.012410][ T6325]  ? do_syscall_64+0xbe/0x3b0
[  135.012431][ T6325]  do_syscall_64+0xfa/0x3b0
[  135.012446][ T6325]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.012468][ T6325]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.012485][ T6325]  ? clear_bhb_loop+0x60/0xb0
[  135.012506][ T6325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.012523][ T6325] RIP: 0033:0x7f3f9c76eec9
[  135.012539][ T6325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.012553][ T6325] RSP: 002b:00007f3f9a9d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.012572][ T6325] RAX: ffffffffffffffda RBX: 00007f3f9c9c5fa0 RCX: 00007f3f9c76eec9
[  135.012585][ T6325] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  135.012596][ T6325] RBP: 00007f3f9a9d6090 R08: 0000000000000000 R09: 0000000000000000
[  135.012607][ T6325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  135.012618][ T6325] R13: 00007f3f9c9c6038 R14: 00007f3f9c9c5fa0 R15: 00007ffecd224b88
[  135.012647][ T6325]  </TASK>
[  135.385776][ T6330] Bluetooth: MGMT ver 1.23
[  135.446429][   T37] audit: type=1326 audit(1758635644.356:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.449010][   T37] audit: type=1326 audit(1758635644.356:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.449056][   T37] audit: type=1326 audit(1758635644.356:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.449095][   T37] audit: type=1326 audit(1758635644.356:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.548048][   T37] audit: type=1326 audit(1758635644.456:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.548099][   T37] audit: type=1326 audit(1758635644.456:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.548142][   T37] audit: type=1326 audit(1758635644.456:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  135.548181][   T37] audit: type=1326 audit(1758635644.456:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6332 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7faf8116eec9 code=0x7ffc0000
[  137.864001][ T6353] tty tty1: ldisc open failed (-12), clearing slot 0
[  139.658796][ T1692] Bluetooth: hci5: Frame reassembly failed (-84)
[  139.753401][ T6364] sp0: Synchronizing with TNC
[  139.758111][ T6366] netlink: 12 bytes leftover after parsing attributes in process `syz.0.121'.
[  139.764428][ T6366] netlink: 220 bytes leftover after parsing attributes in process `syz.0.121'.
[  143.546985][ T5842] Bluetooth: hci5: command 0x1003 tx timeout
[  143.547209][ T5852] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  143.771744][ T6363] [U] è
[  177.140263][    C1] sched: DL replenish lagged too much
[  218.142077][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  218.158688][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  253.810895][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  253.819167][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  255.980638][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  257.047624][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  257.048430][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  261.099042][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  261.765217][ T5153] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  261.765680][ T5153] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  261.771360][ T5153] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  261.772164][ T5153] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  265.337403][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  265.353675][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  283.584972][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  284.111720][ T5852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  285.323498][ T5852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  285.361473][ T5844] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  286.055346][ T5852] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  286.061571][ T5844] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  286.062274][ T5844] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  286.063081][ T5844] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  287.721001][ T5153] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  287.721830][ T5153] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  300.504385][ T5844] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  300.518078][ T5844] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  300.518546][ T5844] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  300.788186][ T5844] Bluetooth: hci0: command tx timeout
[  300.832685][ T5844] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  300.883162][ T5844] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  302.911564][ T5153] Bluetooth: hci0: command tx timeout
[  305.113446][ T5153] Bluetooth: hci0: command tx timeout
[  306.021082][ T5153] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  306.907806][ T5153] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  307.522704][ T5153] Bluetooth: hci0: command tx timeout
[  308.193068][ T5153] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  309.461706][ T5153] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  309.462833][ T5153] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  312.381678][ T5153] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  312.385386][ T5153] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  312.387205][ T5153] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  312.400386][ T5153] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  312.401253][ T5153] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  313.104071][ T5844] Bluetooth: hci5: command tx timeout
[  315.370436][ T5844] Bluetooth: hci5: command tx timeout
[  317.681605][ T5844] Bluetooth: hci5: command tx timeout
[  320.062107][ T5844] Bluetooth: hci5: command tx timeout
[  322.119214][ T5153] Bluetooth: hci6: command tx timeout
[  324.278490][ T5153] Bluetooth: hci6: command tx timeout
[  326.927612][ T5153] Bluetooth: hci6: command tx timeout
[  329.061190][ T5842] Bluetooth: hci6: command tx timeout
[  330.928909][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  330.945380][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  337.357653][ T5153] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  337.365929][ T5153] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  337.366999][ T5153] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  337.368475][ T5153] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  337.369250][ T5153] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  343.950219][ T5842] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  344.119406][   T38] INFO: task kworker/1:3:5833 blocked for more than 142 seconds.
[  344.119430][   T38]       Not tainted syzkaller #0
[  344.119440][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  344.119535][   T38] task:kworker/1:3     state:D stack:20392 pid:5833  tgid:5833  ppid:2      task_flags:0x4208060 flags:0x00004000
[  344.119582][   T38] Workqueue: events_power_efficient reg_check_chans_work
[  344.119617][   T38] Call Trace:
[  344.119624][   T38]  <TASK>
[  344.119637][   T38]  __schedule+0x16f3/0x4c20
[  344.119690][   T38]  ? __pfx___schedule+0x10/0x10
[  344.119739][   T38]  rt_mutex_schedule+0x77/0xf0
[  344.119758][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  344.119793][   T38]  ? rt_mutex_slowlock_block+0x351/0x6d0
[  344.119818][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  344.119840][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  344.119862][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  344.119880][   T38]  ? __lock_acquire+0xab9/0xd20
[  344.119913][   T38]  ? reg_check_chans_work+0x164/0xf30
[  344.119939][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  344.119963][   T38]  ? __lock_acquire+0xab9/0xd20
[  344.119991][   T38]  ? reg_check_chans_work+0x164/0xf30
[  344.120012][   T38]  mutex_lock_nested+0x16a/0x1d0
[  344.120033][   T38]  ? reg_check_chans_work+0x95/0xf30
[  344.120060][   T38]  reg_check_chans_work+0x164/0xf30
[  344.120090][   T38]  ? __lock_acquire+0xab9/0xd20
[  344.120119][   T38]  ? __pfx_reg_check_chans_work+0x10/0x10
[  344.120144][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  344.120171][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  344.120193][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  344.120212][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  344.136389][   T38]  process_scheduled_works+0xade/0x17b0
[  344.136454][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  344.136494][   T38]  worker_thread+0x8a0/0xda0
[  344.136520][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  344.136568][   T38]  ? __kthread_parkme+0x7b/0x200
[  344.136600][   T38]  kthread+0x70e/0x8a0
[  344.136627][   T38]  ? __pfx_worker_thread+0x10/0x10
[  344.136646][   T38]  ? __pfx_kthread+0x10/0x10
[  344.136672][   T38]  ? __pfx_kthread+0x10/0x10
[  344.136695][   T38]  ret_from_fork+0x436/0x7d0
[  344.136719][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  344.136747][   T38]  ? __switch_to_asm+0x39/0x70
[  344.136764][   T38]  ? __switch_to_asm+0x33/0x70
[  344.136779][   T38]  ? __pfx_kthread+0x10/0x10
[  344.136803][   T38]  ret_from_fork_asm+0x1a/0x30
[  344.136838][   T38]  </TASK>
[  344.136922][   T38] 
[  344.136922][   T38] Showing all locks held in the system:
[  344.136931][   T38] 2 locks held by kworker/0:0/9:
[  344.136942][   T38] 5 locks held by kworker/0:1/10:
[  344.136952][   T38]  #0: ffff88805d72b538 ((wq_completion)wg-kex-wg2#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.137005][   T38]  #1: ffff[  344.137005][   T38]  #1: ffffc900000f7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.137062][   T38]  #2: ffff88805e8f7880 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  344.137107][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137150][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137195][   T38] 5 locks held by kworker/u8:0/12:
[  344.137205][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.137248][   T38]  #1: ffffc90000117bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.137292][   T38]  #2: ffff88805fe20898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.137339][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137382][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137427][   T38] 5 locks held by kworker/u8:1/13:
[  344.137437][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.137481][   T38]  #1: ffffc90000127bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.137532][   T38]  #2: ffff88803d830898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.137577][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137620][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137665][   T38] 2 locks held by ksoftirqd/0/15:
[  344.137675][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137718][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137762][   T38] 4 locks held by pr/legacy/17:
[  344.137774][   T38] 2 locks held by rcuc/0/20:
[  344.137786][   T38] 2 locks held by rcuc/1/28:
[  344.137796][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137840][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137884][   T38] 2 locks held by ksoftirqd/1/30:
[  344.137894][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.137936][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.137981][   T38] 1 lock held by khungtaskd/38:
[  344.137990][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  344.138033][   T38] 2 locks held by kworker/u8:2/43:
[  344.138044][   T38] 4 locks held by kworker/1:1/49:
[  344.138054][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.138099][   T38]  #1: ffffc90000bb7bc0 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.138144][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.138188][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.138233][   T38] 5 locks held by kworker/u8:3/57:
[  344.138243][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.138286][   T38]  #1: ffffc9000123fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.138330][   T38]  #2: ffff888060370898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.138376][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.138418][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.138463][   T38] 5 locks held by kworker/u8:4/64:
[  344.138474][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.138518][   T38]  #1: ffffc900014ffbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.138569][   T38]  #2: ffff888048f50898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.138614][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.138657][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.138710][   T38] 7 locks held by kworker/u8:5/1095:
[  344.138721][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.138765][   T38]  #1: ffffc90004b87bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.138810][   T38]  #2: ffff88805e688300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  344.138858][   T38]  #3: ffff88805e512520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  344.138906][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  344.138950][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.138993][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.139037][   T38] 6 locks held by kworker/u8:6/1123:
[  344.139047][   T38]  #0: ffff88803cbc6938 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.139096][   T38]  #1: ffffc90004cb7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.139141][   T38]  #2: ffff8880318f15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.139187][   T38]  #3: ffff88805f1883f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.139230][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.139273][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.139307][   T38] 2 locks held by kworker/u8:7/1126:
[  344.139318][   T38] 4 locks held by kworker/u8:8/1373:
[  344.139325][   T38]  #0: ffff888031081138 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.139368][   T38]  #1: ffffc90005277bc0 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.139413][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.139456][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.139500][   T38] 5 locks held by kworker/u8:9/1692:
[  344.139510][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.139567][   T38]  #1: ffffc90005cd7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.139612][   T38]  #2: ffff888048d30898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.139657][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.139700][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.139756][   T38] 6 locks held by kworker/u8:10/3653:
[  344.139766][   T38]  #0: ffff888031fc9938 ((wq_completion)wg-kex-wg1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.139811][   T38]  #1: ffffc9000e097bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.139856][   T38]  #2: ffff88803cc555f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.139900][   T38]  #3: ffff88805e8f4388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.139944][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.139988][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.140033][   T38] 3 locks held by udevd/5204:
[  344.140043][   T38]  #0: ffff8880249be350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: sk_setsockopt+0xc2f/0x2a70
[  344.140091][   T38]  #1: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.140133][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.140178][   T38] 2 locks held by getty/5592:
[  344.140188][   T38]  #0: ffff88814ded80a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  344.238203][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  344.238267][   T38] 1 lock held by syz-executor/5823:
[  344.238277][   T38] 4 locks held by kworker/1:3/5833:
[  344.238285][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.238327][   T38]  #1: ffffc90004cc7bc0 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.238371][   T38]  #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: reg_check_chans_work+0x95/0xf30
[  344.238419][   T38]  #3: ffff888060670898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: reg_check_chans_work+0x164/0xf30
[  344.238466][   T38] 1 lock held by syz-executor/5834:
[  344.238476][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  344.238532][   T38] 1 lock held by syz-executor/5838:
[  344.238542][   T38] 4 locks held by kworker/0:3/5843:
[  344.238552][   T38]  #0: ffff888036ec2538 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.238602][   T38]  #1: ffffc90004db7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.238658][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.238702][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.238749][   T38] 4 locks held by kworker/R-wg-cr/5876:
[  344.238759][   T38]  #0: ffff88805d32d538 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.238808][   T38]  #1: ffffc90004f37ba0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.238853][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.238895][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.238941][   T38] 4 locks held by kworker/R-wg-cr/5885:
[  344.238951][   T38]  #0: ffff88805d72b938 ((wq_completion)wg-crypt-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.238999][   T38]  #1: ffffc90005087ba0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.239044][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.239087][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.239133][   T38] 4 locks held by kworker/0:4/5907:
[  344.239143][   T38]  #0: ffff88805d33a938 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.239191][   T38]  #1: ffffc90005197bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.239247][   T38]  #2: ffff8880318f15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  344.239292][   T38]  #3: ffff88805f1883f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900
[  344.239336][   T38] 2 locks held by napi/wg1-0/5910:
[  344.239346][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.239389][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.239434][   T38] 2 locks held by napi/wg0-0/5914:
[  344.239444][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.239487][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.239536][   T38] 6 locks held by kworker/1:4/5915:
[  344.239547][   T38]  #0: ffff88805d32d138 ((wq_completion)wg-kex-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.239595][   T38]  #1: ffffc90005217bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.239651][   T38]  #2: ffff888031ccd5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970
[  344.239695][   T38]  #3: ffff88805e8c8e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970
[  344.239738][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.239781][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.239827][   T38] 5 locks held by kworker/0:5/5954:
[  344.239837][   T38]  #0: ffff88805d32c138 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.239885][   T38]  #1: ffffc90005bb7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.239942][   T38]  #2: ffff888031cc95f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  344.239986][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.240028][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.240072][   T38] 5 locks held by kworker/u8:11/5986:
[  344.240082][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.240127][   T38]  #1: ffffc90005cf7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.240171][   T38]  #2: ffff888060670898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.240218][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.256705][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.256753][   T38] 5 locks held by kworker/u8:12/5987:
[  344.256764][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.256810][   T38]  #1: ffffc90005c87bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.256855][   T38]  #2: ffff88805fe90898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.256901][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.256944][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.256985][   T38] 2 locks held by kworker/0:6/6011:
[  344.256994][   T38] 4 locks held by kworker/0:7/6012:
[  344.257003][   T38]  #0: ffff88805d32f538 ((wq_completion)wg-crypt-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.257051][   T38]  #1: ffffc90005d87bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.257107][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.257149][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.257195][   T38] 5 locks held by kworker/u8:14/6193:
[  344.257205][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.257249][   T38]  #1: ffffc900060f7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.257291][   T38]  #2: ffff888048ff0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.257336][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.257379][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.257423][   T38] 5 locks held by kworker/u8:15/6399:
[  344.257433][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.257477][   T38]  #1: ffffc900063dfbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.257528][   T38]  #2: ffff8880600a0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.257574][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.257617][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.257661][   T38] 5 locks held by kworker/u8:16/6401:
[  344.257671][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.257715][   T38]  #1: ffffc9000658fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.257758][   T38]  #2: ffff888049100898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  344.257803][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.257846][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.257890][   T38] 6 locks held by kworker/u8:17/6424:
[  344.257901][   T38]  #0: ffff88803692f938 ((wq_completion)wg-kex-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.257949][   T38]  #1: ffffc90006d2fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.257994][   T38]  #2: ffff88805d19d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.258039][   T38]  #3: ffff88805e8c83f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.258084][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.258127][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.258171][   T38] 6 locks held by kworker/u8:18/6426:
[  344.258181][   T38]  #0: ffff88803692d938 ((wq_completion)wg-kex-wg0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.258226][   T38]  #1: ffffc900065efbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.258269][   T38]  #2: ffff88805d1995f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.258314][   T38]  #3: ffff88805e8f38f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.258357][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.258400][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.258445][   T38] 4 locks held by kworker/u8:19/6427:
[  344.258455][   T38]  #0: ffff888033e04938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.258503][   T38]  #1: ffffc90007137bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.258555][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.258598][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.258642][   T38] 2 locks held by kworker/u8:20/6428:
[  344.258653][   T38] 4 locks held by kworker/1:7/6429:
[  344.258663][   T38]  #0: ffff888036ec2538 ((wq_completion)wg-kex-wg2#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.258712][   T38]  #1: ffffc90007d7fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.258768][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.258811][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.258855][   T38] 5 locks held by kworker/u8:21/6430:
[  344.258866][   T38] 3 locks held by kworker/u8:22/6431:
[  344.258876][   T38]  #0: ffff88814ce5c938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.258920][   T38]  #1: ffffc9000639fbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.258965][   T38]  #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  344.259011][   T38] 6 locks held by kworker/u8:23/6432:
[  344.259021][   T38]  #0: ffff88803cbc3938 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.259070][   T38]  #1: ffffc90008177bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.259114][   T38]  #2: ffff8880359315f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.259158][   T38]  #3: ffff88805e8f6350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.259201][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.259244][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.259285][   T38] 4 locks held by kworker/1:8/6433:
[  344.259295][   T38]  #0: ffff88805d33a138 ((wq_completion)wg-kex-wg2#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.259343][   T38]  #1: ffffc90005c77bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.259400][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.259443][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.259487][   T38] 5 locks held by kworker/0:10/6434:
[  344.259497][   T38]  #0: ffff88805d07f538 ((wq_completion)wg-kex-wg1#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.259551][   T38]  #1: ffffc9000660fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.259608][   T38]  #2: ffff88805d19d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x1c7/0xb00
[  344.259653][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.259696][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.259740][   T38] 1 lock held by dhcpcd/6435:
[  344.259750][   T38]  #0: ffff88805ef40278 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  344.259799][   T38] 6 locks held by kworker/u8:24/6436:
[  344.259810][   T38]  #0: ffff88805d5d0138 ((wq_completion)wg-kex-wg0#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.259858][   T38]  #1: ffffc9000856fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.259903][   T38]  #2: ffff88805d5c15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.259947][   T38]  #3: ffff88805e8ce350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.259990][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.260034][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.260078][   T38] 5 locks held by kworker/0:11/6437:
[  344.260089][   T38]  #0: ffff88805ceab938 ((wq_completion)wg-kex-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.260137][   T38]  #1: ffffc9000857fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.260193][   T38]  #2: ffff88805e8c9928 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  344.276351][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.276409][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.276456][   T38] 6 locks held by kworker/u8:25/6439:
[  344.276467][   T38]  #0: ffff88803cbc7938 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.276527][   T38]  #1: ffffc90004ba7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.276573][   T38]  #2: ffff8880318f55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.276619][   T38]  #3: ffff88805e8f6de8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.276663][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.276706][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.276751][   T38] 1 lock held by dhcpcd/6440:
[  344.276761][   T38]  #0: ffff88803d6ab1b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  344.276811][   T38] 4 locks held by kworker/1:11/6443:
[  344.276821][   T38]  #0: ffff88805cea9138 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.276870][   T38]  #1: ffffc90008d8fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.276926][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.276970][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.277014][   T38] 4 locks held by kworker/1:12/6444:
[  344.277025][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.277069][   T38]  #1: ffffc90009197bc0 ((work_completion)(&(&tbl->managed_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.277114][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.277157][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.277201][   T38] 4 locks held by kworker/1:13/6445:
[  344.277212][   T38]  #0: ffff88805ceab938 ((wq_completion)wg-kex-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.277260][   T38]  #1: ffffc900091a7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.277316][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.277358][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.277403][   T38] 4 locks held by kworker/1:14/6446:
[  344.277413][   T38]  #0: ffff88805d728138 ((wq_completion)wg-kex-wg1#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.277462][   T38]  #1: ffffc9000959fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.277525][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.277568][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.277612][   T38] 4 locks held by kworker/u8:26/6447:
[  344.277622][   T38]  #0: ffff888031fcf138 ((wq_completion)wg-kex-wg2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.277667][   T38]  #1: ffffc900095afbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.277712][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.277755][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.277799][   T38] 6 locks held by kworker/u8:27/6448:
[  344.277809][   T38]  #0: ffff88803cbc2138 ((wq_completion)wg-kex-wg1#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.277857][   T38]  #1: ffffc900099a7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.277902][   T38]  #2: ffff888031f555f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.277946][   T38]  #3: ffff88805e8cc388 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.277990][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.278033][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.278077][   T38] 6 locks held by kworker/u8:28/6449:
[  344.278087][   T38]  #0: ffff88805d5d0138 ((wq_completion)wg-kex-wg0#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.278135][   T38]  #1: ffffc900099b7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.278180][   T38]  #2: ffff88805d5c15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.278224][   T38]  #3: ffff88805e8cede8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.278267][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.278310][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.278355][   T38] 7 locks held by kworker/u8:29/6451:
[  344.278365][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.278410][   T38]  #1: ffffc9000a1afbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.278456][   T38]  #2: ffff888023642300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  344.278509][   T38]  #3: ffff88805ea6b120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  344.278562][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  344.278606][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.278649][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.278694][   T38] 6 locks held by kworker/u8:30/6452:
[  344.278704][   T38]  #0: ffff88803cbc3938 ((wq_completion)wg-kex-wg0#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.278752][   T38]  #1: ffffc9000a1bfbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.278797][   T38]  #2: ffff8880359315f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.278841][   T38]  #3: ffff88805f18a3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.278885][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.278928][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.278971][   T38] 1 lock held by dhcpcd/6453:
[  344.278981][   T38]  #0: ffff88805ef467b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  344.279029][   T38] 4 locks held by kworker/u8:31/6454:
[  344.279039][   T38]  #0: ffff888031fcf938 ((wq_completion)wg-kex-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.279088][   T38]  #1: ffffc9000a5c7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.279133][   T38]  #2: ffff888031ccd5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.279177][   T38]  #3: ffff88805e8c8e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.279221][   T38] 6 locks held by kworker/u8:32/6455:
[  344.279231][   T38]  #0: ffff88803cbc6938 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.279279][   T38]  #1: ffffc90008987bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.279324][   T38]  #2: ffff8880318f15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  344.279368][   T38]  #3: ffff88805e8cf880 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  344.279411][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.279455][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.279499][   T38] 4 locks held by kworker/0:12/6456:
[  344.279509][   T38]  #0: ffff88805d17f938 ((wq_completion)wg-crypt-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.279563][   T38]  #1: ffffc9000a5d7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.279618][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.279662][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.279706][   T38] 5 locks held by kworker/0:13/6458:
[  344.279716][   T38]  #0: ffff88805d32d938 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.279765][   T38]  #1: ffffc9000add7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.279821][   T38]  #2: ffff888031f515f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  344.279864][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.279907][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.279951][   T38] 4 locks held by kworker/1:16/6459:
[  344.279962][   T38]  #0: ffff88805d32d938 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.280010][   T38]  #1: ffffc9000ade7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  344.280066][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  344.280110][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  344.280155][   T38] 6 locks held by kworker/u8:33/6460:
[  344.280165][   T38]  #0: ffff888031fcf138 ((wq_completion)wg-kex-wg2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  344.280209][   T38]  #1: ffffc9000b1efbc0 (
[  346.079706][ T5842] Bluetooth: hci7: command 0x1003 tx timeout
[  346.290068][ T6496] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  348.188089][   T38] (work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.188142][   T38]  #2: ffff888031cc95f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.188188][   T38]  #3: ffff88805e8f58b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.188231][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.188274][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.188320][   T38] 6 locks held by kworker/0:14/6461:
[  348.188331][   T38]  #0: ffff88805d32f138 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.188380][   T38]  #1: ffffc9000b1ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.188435][   T38]  #2: ffff888031f555f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970
[  348.188480][   T38]  #3: ffff88805e8cb8f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970
[  348.188523][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.188566][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.188610][   T38] 4 locks held by kworker/1:17/6462:
[  348.188620][   T38]  #0: ffff88805d32c138 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.188669][   T38]  #1: ffffc90004c57bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.188724][   T38]  #2: ffff888031cc95f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  348.188769][   T38]  #3: ffff88805e8f58b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900
[  348.188814][   T38] 4 locks held by kworker/1:18/6463:
[  348.188824][   T38]  #0: ffff88805ceabd38 ((wq_completion)wg-crypt-wg1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.188867][   T38]  #1: ffffc9000b20fbc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.188912][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.188961][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.189006][   T38] 4 locks held by kworker/1:19/6464:
[  348.189016][   T38]  #0: ffff88805d72b538 ((wq_completion)wg-kex-wg2#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.189064][   T38]  #1: ffffc9000b9ffbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.189118][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.189161][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.189206][   T38] 4 locks held by kworker/1:21/6466:
[  348.189216][   T38]  #0: ffff88805d32f138 ((wq_completion)wg-kex-wg1#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.189264][   T38]  #1: ffffc9000be07bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.189320][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.189363][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.189406][   T38] 4 locks held by kworker/u8:34/6467:
[  348.189416][   T38]  #0: ffff888031c31938 ((wq_completion)wg-kex-wg2#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.189464][   T38]  #1: ffffc9000c20fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.189508][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.189551][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.189595][   T38] 5 locks held by kworker/1:22/6468:
[  348.189605][   T38]  #0: ffff8880328acd38 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.189655][   T38]  #1: ffffc9000c607bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.189710][   T38]  #2: ffff8880359315f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  348.189754][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.189797][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.189841][   T38] 5 locks held by kworker/1:23/6469:
[  348.189851][   T38]  #0: ffff88805d33a938 ((wq_completion)wg-kex-wg1#8){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.189900][   T38]  #1: ffffc9000c617bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.189962][   T38]  #2: ffff8880318f15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x1c7/0xb00
[  348.190006][   T38]  #3: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.190049][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.190091][   T38] 1 lock held by syz-executor/6470:
[  348.190102][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  348.190145][   T38] 4 locks held by kworker/1:24/6474:
[  348.190155][   T38]  #0: ffff88805d325138 ((wq_completion)wg-crypt-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.190203][   T38]  #1: ffffc9000ca4fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.190305][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.190348][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.190393][   T38] 1 lock held by dhcpcd/6476:
[  348.190403][   T38]  #0: ffff8880199ca350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  348.190448][   T38] 3 locks held by kworker/0:15/6477:
[  348.190458][   T38]  #0: ffff8880328acd38 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.190506][   T38]  #1: ffffc9000caafbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.190562][   T38]  #2: ffff88805f18a3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  348.190607][   T38] 4 locks held by kworker/0:16/6478:
[  348.190617][   T38]  #0: ffff88805d33a138 ((wq_completion)wg-kex-wg2#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.190663][   T38]  #1: ffffc9000caefbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.190719][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.190763][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.190806][   T38] 1 lock held by syz-executor/6479:
[  348.190816][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  348.190858][   T38] 2 locks held by kworker/0:17/6480:
[  348.190868][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.190913][   T38]  #1: ffffc9000caffbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.190965][   T38] 1 lock held by syz-executor/6482:
[  348.190975][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  348.191017][   T38] 1 lock held by dhcpcd/6485:
[  348.191028][   T38]  #0: ffff88801cf4e350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  348.191073][   T38] 5 locks held by kworker/u8:35/6487:
[  348.191084][   T38] 6 locks held by kworker/u8:36/6488:
[  348.191095][   T38]  #0: ffff888036170138 ((wq_completion)wg-kex-wg2#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.191144][   T38]  #1: ffffc9000cb97bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.191190][   T38]  #2: ffff88805d5c55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.191233][   T38]  #3: ffff88805f188e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.191277][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.191320][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.191365][   T38] 4 locks held by kworker/0:19/6489:
[  348.191376][   T38]  #0: ffff8880328ac138 ((wq_completion)wg-crypt-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.191425][   T38]  #1: ffffc9000cba7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.191485][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.191528][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.191573][   T38] 7 locks held by kworker/u8:37/6490:
[  348.191584][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.191629][   T38]  #1: ffffc9000cbb7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.191675][   T38]  #2: ffff88805e84d300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  348.191728][   T38]  #3: ffff88805e815520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  348.191776][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  348.191820][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.191864][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.191908][   T38] 4 locks held by kworker/0:20/6491:
[  348.191918][   T38]  #0: ffff88805d17f538 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.191975][   T38]  #1: ffffc9000cbc7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.192033][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.192076][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.192121][   T38] 4 locks held by kworker/0:21/6492:
[  348.192132][   T38]  #0: ffff88805cea9138 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.192181][   T38]  #1: ffffc9000cbd7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.192238][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.192281][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.192326][   T38] 4 locks held by kworker/0:22/6493:
[  348.192337][   T38]  #0: ffff88805d07d138 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.192386][   T38]  #1: ffffc9000cbe7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.192446][   T38]  #2: ffff88805d1995f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  348.192491][   T38]  #3: ffff88805e8f38f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x4de/0x900
[  348.192537][   T38] 4 locks held by kworker/u8:38/6494:
[  348.192547][   T38]  #0: ffff88803cbc0138 ((wq_completion)wg-kex-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.192595][   T38]  #1: ffffc9000cbf7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.192641][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.192685][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.192731][   T38] 6 locks held by kworker/u8:39/6498:
[  348.192742][   T38]  #0: ffff88803692d938 ((wq_completion)wg-kex-wg0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.192786][   T38]  #1: ffffc9000cc07bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.192831][   T38]  #2: ffff88805d1995f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.192876][   T38]  #3: ffff88805e8f2e58 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.192920][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.192971][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.193016][   T38] 7 locks held by kworker/u8:40/6499:
[  348.193026][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.193072][   T38]  #1: ffffc9000cc17bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.193118][   T38]  #2: ffff88805e8c5300 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  348.193170][   T38]  #3: ffff88805e833120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  348.193218][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  348.193261][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.193304][   T38]  #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.193350][   T38] 4 locks held by kworker/u8:41/6500:
[  348.193360][   T38]  #0: ffff888033e04938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.193411][   T38]  #1: ffffc9000cc27bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.193455][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.193499][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.193543][   T38] 6 locks held by kworker/u8:42/6501:
[  348.193553][   T38]  #0: ffff88803cbc7938 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.193602][   T38]  #1: ffffc9000cc37bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.193646][   T38]  #2: ffff8880318f55f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.193690][   T38]  #3: ffff88805f18ae58 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.193734][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.193777][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.193822][   T38] 4 locks held by kworker/1:25/6503:
[  348.193833][   T38]  #0: ffff88805d17f538 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.193881][   T38]  #1: ffffc9000cc57bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.193939][   T38]  #2: ffff88805d5c15f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x150/0x900
[  348.193990][   T38]  #3: ffff88805e8cede8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_initiation+0x582/0x900
[  348.194036][   T38] 4 locks held by kworker/1:27/6505:
[  348.194046][   T38]  #0: ffff88805d07d138 ((wq_completion)wg-kex-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.194095][   T38]  #1: ffffc9000cc67bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.194153][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.194197][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.194241][   T38] 6 locks held by kworker/u8:43/6507:
[  348.194252][   T38]  #0: ffff88803cbc6138 ((wq_completion)wg-kex-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.194301][   T38]  #1: ffffc9000cc97bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.194345][   T38]  #2: ffff8880359355f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.194390][   T38]  #3: ffff88805e8cce20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.194435][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.194478][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.194524][   T38] 1 lock held by dhcpcd/6508:
[  348.194534][   T38]  #0: ffff88805f638350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  348.194578][   T38] 6 locks held by kworker/u8:44/6509:
[  348.194588][   T38]  #0: ffff888031fc9938 ((wq_completion)wg-kex-wg1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  348.194634][   T38]  #1: ffffc9000cca7bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  348.194679][   T38]  #2: ffff88803cc555f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  348.194724][   T38]  #3: ffff88805e8c9928 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  348.194773][   T38]  #4: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.194816][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.194860][   T38] 3 locks held by syz-executor/6510:
[  348.194871][   T38]  #0: ffff888026bdd350 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}, at: hci_sock_ioctl+0x247/0x910
[  348.194912][   T38]  #1: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  348.194961][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  348.195009][   T38] 
[  348.195014][   T38] =============================================
[  348.195014][   T38] 
[  348.195039][   T38] NMI backtrace for cpu 0
[  348.195058][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  348.195107][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  348.195133][   T38] Call Trace:
[  348.195149][   T38]  <TASK>
[  348.195168][   T38]  dump_stack_lvl+0x189/0x250
[  348.195216][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.195239][   T38]  ? __pfx__printk+0x10/0x10
[  348.195270][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  348.195295][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  348.195319][   T38]  ? __pfx__printk+0x10/0x10
[  348.195342][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  348.195365][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  348.195390][   T38]  watchdog+0xf93/0xfe0
[  348.195416][   T38]  ? watchdog+0x1de/0xfe0
[  348.195443][   T38]  kthread+0x70e/0x8a0
[  348.195469][   T38]  ? __pfx_watchdog+0x10/0x10
[  348.195489][   T38]  ? __pfx_kthread+0x10/0x10
[  348.195517][   T38]  ? __pfx_kthread+0x10/0x10
[  348.195541][   T38]  ret_from_fork+0x436/0x7d0
[  348.195565][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  348.195592][   T38]  ? __switch_to_asm+0x39/0x70
[  348.195608][   T38]  ? __switch_to_asm+0x33/0x70
[  348.195622][   T38]  ? __pfx_kthread+0x10/0x10
[  348.195647][   T38]  ret_from_fork_asm+0x1a/0x30
[  348.195679][   T38]  </TASK>
[  348.195686][   T38] Sending NMI from CPU 0 to CPUs 1:
[  348.195711][    C1] NMI backtrace for cpu 1
[  348.195724][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  348.195742][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  348.195751][    C1] RIP: 0010:unwind_next_frame+0x7cd/0x2390
[  348.195772][    C1] Code: 0f 84 d3 0d 00 00 48 83 c7 38 e8 0e 28 00 00 49 89 c4 48 8b 34 24 e9 a9 02 00 00 49 8d 5e 40 48 89 d8 48 c1 e8 03 80 3c 28 00 <74> 11 48 89 df e8 39 ec aa 00 48 8b 34 24 48 8b 54 24 08 4c 8b 23
[  348.195785][    C1] RSP: 0018:ffffc90000a3e738 EFLAGS: 00000246
[  348.195799][    C1] RAX: 1ffff92000147d09 RBX: ffffc90000a3e848 RCX: ffffffff8f3154c0
[  348.195811][    C1] RDX: ffffffff8fa81f5a RSI: ffffffff8fa81f5e RDI: ffffffff8b621620
[  348.195823][    C1] RBP: dffffc0000000000 R08: 0000000000000001 R09: ffffffff8172c165
[  348.195834][    C1] R10: ffffc90000a3e858 R11: ffffffff81aaf310 R12: ffffffff8fa81f5f
[  348.195845][    C1] R13: ffffc90000a3e858 R14: ffffc90000a3e808 R15: ffffc90000a3e840
[  348.195857][    C1] FS:  0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000
[  348.195870][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  348.195881][    C1] CR2: 00007fd6bc285000 CR3: 000000000d7a6000 CR4: 00000000003526f0
[  348.195895][    C1] Call Trace:
[  348.195901][    C1]  <TASK>
[  348.195925][    C1]  ? unwind_next_frame+0xa5/0x2390
[  348.195943][    C1]  ? kthread+0x70e/0x8a0
[  348.195964][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  348.195980][    C1]  arch_stack_walk+0x11c/0x150
[  348.196003][    C1]  ? kthread+0x70e/0x8a0
[  348.196022][    C1]  stack_trace_save+0x9c/0xe0
[  348.196037][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  348.196050][    C1]  ? do_raw_spin_lock+0x121/0x290
[  348.196072][    C1]  kasan_save_track+0x3e/0x80
[  348.196088][    C1]  ? kasan_save_track+0x3e/0x80
[  348.196102][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  348.196118][    C1]  ? kmem_cache_alloc_noprof+0x143/0x310
[  348.196135][    C1]  ? fill_pool+0x100/0x570
[  348.196153][    C1]  ? debug_objects_fill_pool+0x107/0x120
[  348.196170][    C1]  ? debug_object_activate+0x6c/0x3a0
[  348.196186][    C1]  ? call_rcu+0xaa/0x9c0
[  348.196203][    C1]  ? skb_release_head_state+0x71/0x250
[  348.196223][    C1]  ? consume_skb+0x60/0xf0
[  348.196240][    C1]  ? nft_synproxy_eval_v4+0x376/0x560
[  348.196255][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[  348.196269][    C1]  ? nft_do_chain+0x40c/0x1920
[  348.196282][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  348.196296][    C1]  ? nf_hook_slow+0xc2/0x220
[  348.196314][    C1]  ? NF_HOOK+0x206/0x3a0
[  348.196331][    C1]  ? NF_HOOK+0x30c/0x3a0
[  348.196346][    C1]  ? __netif_receive_skb+0x143/0x380
[  348.196363][    C1]  ? process_backlog+0x31e/0x900
[  348.196379][    C1]  ? __napi_poll+0xb3/0x540
[  348.196393][    C1]  ? net_rx_action+0x707/0xe00
[  348.196409][    C1]  ? handle_softirqs+0x22f/0x710
[  348.196425][    C1]  ? run_ktimerd+0xcf/0x190
[  348.196441][    C1]  ? smpboot_thread_fn+0x53f/0xa60
[  348.196456][    C1]  ? kthread+0x70e/0x8a0
[  348.196488][    C1]  ? fill_pool+0x100/0x570
[  348.196506][    C1]  __kasan_slab_alloc+0x6c/0x80
[  348.196522][    C1]  ? fill_pool+0x100/0x570
[  348.196539][    C1]  kmem_cache_alloc_noprof+0x143/0x310
[  348.196559][    C1]  fill_pool+0x100/0x570
[  348.196577][    C1]  ? debug_objects_fill_pool+0xdf/0x120
[  348.196594][    C1]  ? __pfx_fill_pool+0x10/0x10
[  348.196614][    C1]  ? debug_objects_fill_pool+0xdf/0x120
[  348.196630][    C1]  ? debug_objects_fill_pool+0xdf/0x120
[  348.196648][    C1]  debug_objects_fill_pool+0x107/0x120
[  348.196666][    C1]  ? __pfx_debug_objects_fill_pool+0x10/0x10
[  348.196689][    C1]  debug_object_activate+0x6c/0x3a0
[  348.196710][    C1]  ? __pfx_dst_destroy_rcu+0x10/0x10
[  348.196726][    C1]  call_rcu+0xaa/0x9c0
[  348.196743][    C1]  ? rcuref_put+0x1b7/0x210
[  348.196758][    C1]  ? __pfx_call_rcu+0x10/0x10
[  348.196772][    C1]  ? percpu_counter_add_batch+0xea/0x1e0
[  348.196792][    C1]  ? dst_release+0x126/0x1b0