last executing test programs:

3m32.782623764s ago: executing program 1 (id=72):
socket$packet(0x11, 0x2, 0x300)
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x1e00)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r6=>0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r5, 0x3ba0, &(0x7f0000000540)={0x48, 0x8, r7, 0x0, 0x2fff, 0x1, &(0x7f00000000c0)='r', 0x4})
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r8, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$can_bcm(r8, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)={0x5, 0x802, 0x0, {0x0, 0x2710}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x27, 0x0, 0x0, 0x0, "f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc39f976ad52e581942d9fc2178681e6866aa6ef10d06"}}, 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vxcan0\x00'})

3m30.147036498s ago: executing program 1 (id=75):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000500)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0], [], [0x8]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xad, 0x3fb, 0x34325241, 0x0, [r4], [0x2b8, 0xeb, 0x0, 0xfffffffe], [0x0, 0xfffffffd, 0x0, 0x5], [0x690]})
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x8)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c ', @ANYRESDEC], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x8}, 0x94)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)
sendmmsg(0xffffffffffffffff, &(0x7f0000003e40), 0x3fffffffffffe3d, 0x0)
getpeername$llc(r5, 0x0, 0x0)

3m25.520288505s ago: executing program 1 (id=86):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000200)=0x5, 0x4)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @local}, 0x2}}, 0x2e)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x81, @mcast2, 0x5}, 0x1c)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {&(0x7f00000000c0), 0x0, 0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x4e20, 0x7, @empty, 0xf68}}}, 0xa0)
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000340)={0x964, 0x1, 0x5, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [{{0x254, 0x1, {{0x1, 0x10}, 0x2, 0x8e, 0xa000, 0x700, 0x1f, 'syz0\x00', "9909de6310049d8bc2974de579dbfd2dd921af34526e8672f9f19658b1aa3bbd", "7d2c3c454d3e3c0b9f9c3efc392a7da02a3de29c5fc559e363210b656f2c7f35", [{0xc9, 0x3, {0x0, 0x2}}, {0x4, 0x100, {0x0, 0x2}}, {0x5c91, 0x8, {0x3, 0x7fffffff}}, {0x3, 0xaebc, {0x3, 0x3b}}, {0x6, 0x7, {0x1, 0x1000}}, {0x7, 0x9, {0x3, 0x73d}}, {0x0, 0x9, {0x2, 0x7ff}}, {0x3, 0x7, {0x3, 0x6}}, {0x7, 0x6, {0x0, 0x7c}}, {0x6, 0x3, {0x3, 0x1}}, {0x1, 0xc493, {0x2, 0xd1}}, {0xffff, 0x1ff, {0x2, 0x3}}, {0x2, 0xa00, {0x0, 0x3}}, {0x200, 0x0, {0x0, 0x1}}, {0x800, 0x6, {0x2, 0x81}}, {0x2, 0x5f9, {0x0, 0x60}}, {0x100, 0x4, {0x3, 0x400}}, {0x6, 0x8e2, {0x3, 0x43a386b5}}, {0x8000, 0x8, {0x3, 0x925a}}, {0x8000, 0xa, {0x3, 0x7}}, {0x4, 0x1, {0x3, 0xf}}, {0xfc01, 0x10, {0x2, 0x3147}}, {0x1, 0xf00, {0x3, 0xdb9d}}, {0x6, 0x4bcf, {0x2, 0x8}}, {0x800, 0x0, {0x0, 0x3}}, {0xcc28, 0xffff, {0x0, 0x80}}, {0x0, 0x3, {0x0, 0x4}}, {0x3, 0x9, {0x1, 0x2}}, {0x7fff, 0x84, {0x3, 0x3}}, {0xffff, 0xee, {0x3}}, {0x3, 0x22a, {0x0, 0x1}}, {0x83de, 0x616, {0x1, 0x9}}, {0x1ff, 0x8001, {0x0, 0x8}}, {0x1, 0x6, {0x0, 0x5}}, {0x80, 0x1, {0x3, 0x4}}, {0x8, 0x2, {0x0, 0x6}}, {0x6, 0x9, {0x1, 0x7}}, {0x2, 0x7f, {0x1, 0xfffffff5}}, {0x9, 0xff9a, {0x0, 0x10}}, {0x514, 0x9c8, {0x0, 0xfffffff9}}]}}}, {{0x254, 0x1, {{0x3, 0x4}, 0x9, 0x2, 0x5, 0x5, 0x10, 'syz0\x00', "9a884ee16a56a00db8dfae9045745ddfa7803401a785f6fc7ce6c814627d2695", "1148d5df80d98fba4fbafd3912fc7f1f0a6c39ae74f0c31a34d4870ce7df976d", [{0x6, 0x2, {0x2, 0x7}}, {0x0, 0x9, {0x1, 0x4}}, {0x3, 0xfffa, {0x0, 0x101}}, {0x2, 0xf742, {0x3, 0x4}}, {0x4, 0x5, {0x3, 0xfffffff8}}, {0x8, 0xe6bf, {0x2, 0xda}}, {0xfeff, 0x6, {0x2, 0x10000}}, {0x1, 0xa7c2, {0x1, 0x5}}, {0x3ff, 0x3, {0x3, 0x8001}}, {0x2, 0xc, {0x0, 0x3}}, {0xfe3, 0xfffa, {0x1}}, {0x7, 0x3, {0x0, 0x2}}, {0x3, 0x7, {0x3, 0x4}}, {0xb12c, 0x7, {0x2, 0x4}}, {0x8, 0x5, {0x1, 0x1}}, {0x401, 0x7, {0x0, 0x5}}, {0x3, 0xc9, {0x2, 0x40}}, {0x5, 0xf11, {0x2, 0x3}}, {0x9, 0x3, {0x3, 0x60}}, {0x6, 0xfffd, {0x0, 0x2b3}}, {0x6, 0x5, {0x3, 0x4}}, {0xe000, 0x8, {0x3, 0x6893}}, {0x8d8, 0x2, {0x1, 0x3}}, {0x9, 0x5, {0x3, 0x15}}, {0xe, 0x0, {0x2, 0x4}}, {0xd4, 0x4, {0x2, 0x622}}, {0x8, 0xc, {0x1}}, {0x9, 0x800}, {0x9, 0x5, {0x2, 0x5}}, {0xb8a6, 0x6, {0x0, 0x80}}, {0x4, 0x3ea, {0x2, 0x8}}, {0x5, 0x2, {0x1, 0x7}}, {0x6, 0x9, {0x0, 0x5}}, {0x6, 0x800, {0x1, 0x9}}, {0x0, 0x7, {0x3, 0x10000000}}, {0x81, 0x1, {0x2, 0x2}}, {0x3, 0x7, {0x2, 0x101}}, {0x4, 0x72, {0x2, 0x3}}, {0xc, 0x4, {0x3, 0x6}}, {0xfff9, 0x200, {0x3, 0x9}}]}}}, {{0x254, 0x1, {{0x2, 0x6}, 0x0, 0xa0, 0x764, 0x71e0, 0x21, 'syz1\x00', "b05d2cdc55612252f25e9e2cf511a13a0a95554cf2c7970a700f46359f39400f", "24b1b69d02cde316f6d3755ba17c49ca404dc421fd6af6104632b4776a347244", [{0x5, 0x5, {0x2, 0x78}}, {0x0, 0xffff, {0x2, 0x8}}, {0x5, 0x9, {0x1, 0x28b}}, {0x5, 0x1000, {0x0, 0x6}}, {0x5444, 0x8, {0x0, 0x46e2cd87}}, {0xfffc, 0xfffa, {0x0, 0x80000001}}, {0x3, 0x4, {0x0, 0x8}}, {0xd, 0x8, {0x0, 0x8}}, {0x7, 0x1, {0x2, 0x400}}, {0xab, 0x6, {0x0, 0x983}}, {0x8, 0x6, {0x3, 0x5}}, {0x3, 0x0, {0x0, 0x1}}, {0x3, 0xff, {0x3, 0x3}}, {0x7, 0x9, {0x0, 0x8}}, {0x6, 0x1, {0x2, 0x2}}, {0xd, 0xcbf3, {0x1, 0x43d0}}, {0x4, 0x1, {0x0, 0x4}}, {0x101, 0xfffe, {0x2, 0x534e}}, {0x7, 0x18, {0x3, 0x9}}, {0xf297, 0x1, {0x3, 0x7}}, {0x8, 0x4, {0x0, 0x5}}, {0x1, 0x10a, {0x3, 0x1}}, {0x7ff, 0xc4, {0x1, 0x6}}, {0x796, 0xfff, {0x3, 0xc}}, {0x4, 0xb1c, {0x2, 0xb541}}, {0xfc01, 0x200, {0x1, 0x800}}, {0x7, 0x45d, {0x2, 0x9}}, {0xff, 0xcdd, {0x3, 0x7}}, {0x9, 0x2, {0x3, 0x2}}, {0x0, 0x7, {0x3, 0x3}}, {0x1000, 0x1ff, {0x1, 0x3}}, {0x81, 0x7f, {0x3, 0xe}}, {0x0, 0x3, {0x1, 0xef6f}}, {0x6, 0x24, {0x2}}, {0x8, 0x1, {0x1, 0xa6f}}, {0xfffa, 0x6, {0x3, 0x7}}, {0x0, 0x0, {0x1, 0xfffffffc}}, {0x2, 0xe, {0x1, 0x4}}, {0x1, 0x7, {0x3, 0x2}}, {0x75a, 0x4, {0x0, 0xa}}]}}}, {{0x254, 0x1, {{0x3, 0x2}, 0xe, 0xa, 0x0, 0x3, 0x17, 'syz1\x00', "fc37e8321eced567605e11b39ed7a1d29c1b7a4a40f9d2889cb3c14fd14581de", "dff5eda10ec26447659e0bfc176baae17360aa362ca266cbbecf2c01f6d10e35", [{0x200, 0x800, {0x3, 0x97f2}}, {0x3ff, 0x0, {0x0, 0x6}}, {0x5, 0x852f, {0x1, 0x6}}, {0x2, 0x4, {0x0, 0x4}}, {0x1000, 0x5, {0x1, 0x8}}, {0x8, 0x6, {0x3, 0x2}}, {0x4, 0x28f, {0x2, 0x8}}, {0x6, 0x3800, {0x1, 0x9}}, {0x40, 0x8, {0x3, 0x2}}, {0xed5, 0x81, {0x0, 0x3}}, {0x6f, 0x5, {0x1, 0x400}}, {0x1000, 0x5, {0x3, 0x8}}, {0x3ff, 0xfffa, {0x2, 0x101}}, {0xa, 0x9, {0x2, 0x6}}, {0x7, 0x4, {0x0, 0x7}}, {0x9e61, 0x1, {0x0, 0x6}}, {0x9, 0x74, {0x1, 0x78}}, {0x1ff, 0xe, {0x0, 0x1ff}}, {0x40, 0x91d, {0x2, 0xfb14}}, {0x2, 0x9, {0x3, 0xff}}, {0x7, 0x4, {0x0, 0x9}}, {0xd, 0x8, {0x0, 0x7}}, {0x78af, 0x8000, {0x1, 0xa}}, {0x7f, 0x80, {0x2, 0x1000}}, {0x0, 0x2, {0x2, 0x4}}, {0x1, 0x8, {0x3, 0x7}}, {0x5, 0xa, {0x1, 0x101}}, {0x1a, 0x3, {0x2, 0x7fffffff}}, {0x2, 0x25c7, {0x2, 0x5}}, {0xe15, 0x3, {0x0, 0x7}}, {0x8001, 0xfffc, {0x0, 0x247}}, {0x5, 0x80, {0x1, 0x2}}, {0xfffc, 0x0, {0x2, 0x69}}, {0x4, 0x401, {0x0, 0x4}}, {0x7, 0x7}, {0x2, 0x6, {0x2, 0x8c8f}}, {0x7, 0x1, {0x0, 0x5}}, {0x37f, 0x1}, {0x215, 0x80, {0x2, 0x6}}, {0x200, 0x5e, {0x3, 0x6}}]}}}]}, 0x964}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001900)=@newlink={0x58, 0x10, 0x403, 0x300, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40220}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1e, 0x1d}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

3m18.863213401s ago: executing program 1 (id=94):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000001200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x77, 0x77, 0x4, [@restrict={0x7, 0x0, 0x0, 0xb, 0x5}, @int={0xe, 0x0, 0x0, 0x1, 0x0, 0x42, 0x0, 0x24, 0x2}, @datasec={0x8, 0x1, 0x0, 0xf, 0x3, [{0x4, 0x9, 0x2}], "08a01d"}, @enum={0x8, 0x5, 0x0, 0x6, 0x4, [{0xf, 0x6dd}, {0x3, 0x3}, {0xd, 0x1}, {0x8, 0xfffffffa}, {0x10, 0x7}]}, @fwd={0xc}]}, {0x0, [0x28, 0x5f]}}, &(0x7f00000010c0)=""/48, 0x94, 0x30, 0x1, 0xe1b}, 0x28)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001340)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x1}, 0x50)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/key-users\x00', 0x0, 0x0)
read$hiddev(r1, &(0x7f00000000c0)=""/4092, 0xffc)
pidfd_getfd(r1, r0, 0x0)
preadv(r1, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x0)
read$hiddev(r1, &(0x7f0000001100)=""/234, 0xea)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xc, 0x10, &(0x7f0000000500)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000))

3m18.291881337s ago: executing program 1 (id=97):
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/175, 0xaf, 0x1c)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x9, @pix={0x2, 0x3, 0x494e4f4b, 0x9, 0xef, 0x1, 0xa, 0x0, 0x1, 0x3, 0x2}})
r0 = syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904ba00038e4ee2000905000000041a06010905010300021007c109050c04400006030f07059acbf5"], 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_connect$uac1(0x6, 0xac, &(0x7f0000000240)=ANY=[@ANYRESOCT=0x0], 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000000)=""/175, 0xaf, 0x1c) (async)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x9, @pix={0x2, 0x3, 0x494e4f4b, 0x9, 0xef, 0x1, 0xa, 0x0, 0x1, 0x3, 0x2}}) (async)
syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904ba00038e4ee2000905000000041a06010905010300021007c109050c04400006030f07059acbf5"], 0x0) (async)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000100)={0x14, 0x0, &(0x7f00000000c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) (async)
syz_usb_connect$uac1(0x6, 0xac, &(0x7f0000000240)=ANY=[@ANYRESOCT=0x0], 0x0) (async)

3m14.989669066s ago: executing program 1 (id=103):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x76, @mcast2, 0x5}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmmsg$inet6(r0, &(0x7f0000002000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, r2}}}], 0x28}}], 0x1, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r3, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000001840)={0x0, @in6={{0xa, 0x4e22, 0xc616, @private1, 0x4}}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket(0x23, 0x5, 0x0)
listen(r5, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_gettime(r7, &(0x7f0000000000))
accept4$inet6(r5, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2m57.685152935s ago: executing program 32 (id=103):
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x76, @mcast2, 0x5}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r2=>0x0})
sendmmsg$inet6(r0, &(0x7f0000002000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000d00)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, r2}}}], 0x28}}], 0x1, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r3, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r3, 0x84, 0x5, &(0x7f0000001840)={0x0, @in6={{0xa, 0x4e22, 0xc616, @private1, 0x4}}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket(0x23, 0x5, 0x0)
listen(r5, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_gettime(r7, &(0x7f0000000000))
accept4$inet6(r5, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

2m41.82349547s ago: executing program 4 (id=137):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000500)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0], [], [0x8]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xad, 0x3fb, 0x34325241, 0x0, [r4], [0x2b8, 0xeb, 0x0, 0xfffffffe], [0x0, 0xfffffffd, 0x0, 0x5], [0x690]})
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x8)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c ', @ANYRESDEC], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x8}, 0x94)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)
sendmmsg(0xffffffffffffffff, &(0x7f0000003e40), 0x3fffffffffffe3d, 0x0)
getpeername$llc(r5, 0x0, 0x0)

2m40.365730296s ago: executing program 4 (id=141):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x4000011}, 0x8010)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {&(0x7f00000000c0), 0x0, 0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x4e20, 0x7, @empty, 0xf68}}}, 0xa0)
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000340)={0x964, 0x1, 0x5, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [{{0x254, 0x1, {{0x1, 0x10}, 0x2, 0x8e, 0xa000, 0x700, 0x1f, 'syz0\x00', "9909de6310049d8bc2974de579dbfd2dd921af34526e8672f9f19658b1aa3bbd", "7d2c3c454d3e3c0b9f9c3efc392a7da02a3de29c5fc559e363210b656f2c7f35", [{0xc9, 0x3, {0x0, 0x2}}, {0x4, 0x100, {0x0, 0x2}}, {0x5c91, 0x8, {0x3, 0x7fffffff}}, {0x3, 0xaebc, {0x3, 0x3b}}, {0x6, 0x7, {0x1, 0x1000}}, {0x7, 0x9, {0x3, 0x73d}}, {0x0, 0x9, {0x2, 0x7ff}}, {0x3, 0x7, {0x3, 0x6}}, {0x7, 0x6, {0x0, 0x7c}}, {0x6, 0x3, {0x3, 0x1}}, {0x1, 0xc493, {0x2, 0xd1}}, {0xffff, 0x1ff, {0x2, 0x3}}, {0x2, 0xa00, {0x0, 0x3}}, {0x200, 0x0, {0x0, 0x1}}, {0x800, 0x6, {0x2, 0x81}}, {0x2, 0x5f9, {0x0, 0x60}}, {0x100, 0x4, {0x3, 0x400}}, {0x6, 0x8e2, {0x3, 0x43a386b5}}, {0x8000, 0x8, {0x3, 0x925a}}, {0x8000, 0xa, {0x3, 0x7}}, {0x4, 0x1, {0x3, 0xf}}, {0xfc01, 0x10, {0x2, 0x3147}}, {0x1, 0xf00, {0x3, 0xdb9d}}, {0x6, 0x4bcf, {0x2, 0x8}}, {0x800, 0x0, {0x0, 0x3}}, {0xcc28, 0xffff, {0x0, 0x80}}, {0x0, 0x3, {0x0, 0x4}}, {0x3, 0x9, {0x1, 0x2}}, {0x7fff, 0x84, {0x3, 0x3}}, {0xffff, 0xee, {0x3}}, {0x3, 0x22a, {0x0, 0x1}}, {0x83de, 0x616, {0x1, 0x9}}, {0x1ff, 0x8001, {0x0, 0x8}}, {0x1, 0x6, {0x0, 0x5}}, {0x80, 0x1, {0x3, 0x4}}, {0x8, 0x2, {0x0, 0x6}}, {0x6, 0x9, {0x1, 0x7}}, {0x2, 0x7f, {0x1, 0xfffffff5}}, {0x9, 0xff9a, {0x0, 0x10}}, {0x514, 0x9c8, {0x0, 0xfffffff9}}]}}}, {{0x254, 0x1, {{0x3, 0x4}, 0x9, 0x2, 0x5, 0x5, 0x10, 'syz0\x00', "9a884ee16a56a00db8dfae9045745ddfa7803401a785f6fc7ce6c814627d2695", "1148d5df80d98fba4fbafd3912fc7f1f0a6c39ae74f0c31a34d4870ce7df976d", [{0x6, 0x2, {0x2, 0x7}}, {0x0, 0x9, {0x1, 0x4}}, {0x3, 0xfffa, {0x0, 0x101}}, {0x2, 0xf742, {0x3, 0x4}}, {0x4, 0x5, {0x3, 0xfffffff8}}, {0x8, 0xe6bf, {0x2, 0xda}}, {0xfeff, 0x6, {0x2, 0x10000}}, {0x1, 0xa7c2, {0x1, 0x5}}, {0x3ff, 0x3, {0x3, 0x8001}}, {0x2, 0xc, {0x0, 0x3}}, {0xfe3, 0xfffa, {0x1}}, {0x7, 0x3, {0x0, 0x2}}, {0x3, 0x7, {0x3, 0x4}}, {0xb12c, 0x7, {0x2, 0x4}}, {0x8, 0x5, {0x1, 0x1}}, {0x401, 0x7, {0x0, 0x5}}, {0x3, 0xc9, {0x2, 0x40}}, {0x5, 0xf11, {0x2, 0x3}}, {0x9, 0x3, {0x3, 0x60}}, {0x6, 0xfffd, {0x0, 0x2b3}}, {0x6, 0x5, {0x3, 0x4}}, {0xe000, 0x8, {0x3, 0x6893}}, {0x8d8, 0x2, {0x1, 0x3}}, {0x9, 0x5, {0x3, 0x15}}, {0xe, 0x0, {0x2, 0x4}}, {0xd4, 0x4, {0x2, 0x622}}, {0x8, 0xc, {0x1}}, {0x9, 0x800}, {0x9, 0x5, {0x2, 0x5}}, {0xb8a6, 0x6, {0x0, 0x80}}, {0x4, 0x3ea, {0x2, 0x8}}, {0x5, 0x2, {0x1, 0x7}}, {0x6, 0x9, {0x0, 0x5}}, {0x6, 0x800, {0x1, 0x9}}, {0x0, 0x7, {0x3, 0x10000000}}, {0x81, 0x1, {0x2, 0x2}}, {0x3, 0x7, {0x2, 0x101}}, {0x4, 0x72, {0x2, 0x3}}, {0xc, 0x4, {0x3, 0x6}}, {0xfff9, 0x200, {0x3, 0x9}}]}}}, {{0x254, 0x1, {{0x2, 0x6}, 0x0, 0xa0, 0x764, 0x71e0, 0x21, 'syz1\x00', "b05d2cdc55612252f25e9e2cf511a13a0a95554cf2c7970a700f46359f39400f", "24b1b69d02cde316f6d3755ba17c49ca404dc421fd6af6104632b4776a347244", [{0x5, 0x5, {0x2, 0x78}}, {0x0, 0xffff, {0x2, 0x8}}, {0x5, 0x9, {0x1, 0x28b}}, {0x5, 0x1000, {0x0, 0x6}}, {0x5444, 0x8, {0x0, 0x46e2cd87}}, {0xfffc, 0xfffa, {0x0, 0x80000001}}, {0x3, 0x4, {0x0, 0x8}}, {0xd, 0x8, {0x0, 0x8}}, {0x7, 0x1, {0x2, 0x400}}, {0xab, 0x6, {0x0, 0x983}}, {0x8, 0x6, {0x3, 0x5}}, {0x3, 0x0, {0x0, 0x1}}, {0x3, 0xff, {0x3, 0x3}}, {0x7, 0x9, {0x0, 0x8}}, {0x6, 0x1, {0x2, 0x2}}, {0xd, 0xcbf3, {0x1, 0x43d0}}, {0x4, 0x1, {0x0, 0x4}}, {0x101, 0xfffe, {0x2, 0x534e}}, {0x7, 0x18, {0x3, 0x9}}, {0xf297, 0x1, {0x3, 0x7}}, {0x8, 0x4, {0x0, 0x5}}, {0x1, 0x10a, {0x3, 0x1}}, {0x7ff, 0xc4, {0x1, 0x6}}, {0x796, 0xfff, {0x3, 0xc}}, {0x4, 0xb1c, {0x2, 0xb541}}, {0xfc01, 0x200, {0x1, 0x800}}, {0x7, 0x45d, {0x2, 0x9}}, {0xff, 0xcdd, {0x3, 0x7}}, {0x9, 0x2, {0x3, 0x2}}, {0x0, 0x7, {0x3, 0x3}}, {0x1000, 0x1ff, {0x1, 0x3}}, {0x81, 0x7f, {0x3, 0xe}}, {0x0, 0x3, {0x1, 0xef6f}}, {0x6, 0x24, {0x2}}, {0x8, 0x1, {0x1, 0xa6f}}, {0xfffa, 0x6, {0x3, 0x7}}, {0x0, 0x0, {0x1, 0xfffffffc}}, {0x2, 0xe, {0x1, 0x4}}, {0x1, 0x7, {0x3, 0x2}}, {0x75a, 0x4, {0x0, 0xa}}]}}}, {{0x254, 0x1, {{0x3, 0x2}, 0xe, 0xa, 0x0, 0x3, 0x17, 'syz1\x00', "fc37e8321eced567605e11b39ed7a1d29c1b7a4a40f9d2889cb3c14fd14581de", "dff5eda10ec26447659e0bfc176baae17360aa362ca266cbbecf2c01f6d10e35", [{0x200, 0x800, {0x3, 0x97f2}}, {0x3ff, 0x0, {0x0, 0x6}}, {0x5, 0x852f, {0x1, 0x6}}, {0x2, 0x4, {0x0, 0x4}}, {0x1000, 0x5, {0x1, 0x8}}, {0x8, 0x6, {0x3, 0x2}}, {0x4, 0x28f, {0x2, 0x8}}, {0x6, 0x3800, {0x1, 0x9}}, {0x40, 0x8, {0x3, 0x2}}, {0xed5, 0x81, {0x0, 0x3}}, {0x6f, 0x5, {0x1, 0x400}}, {0x1000, 0x5, {0x3, 0x8}}, {0x3ff, 0xfffa, {0x2, 0x101}}, {0xa, 0x9, {0x2, 0x6}}, {0x7, 0x4, {0x0, 0x7}}, {0x9e61, 0x1, {0x0, 0x6}}, {0x9, 0x74, {0x1, 0x78}}, {0x1ff, 0xe, {0x0, 0x1ff}}, {0x40, 0x91d, {0x2, 0xfb14}}, {0x2, 0x9, {0x3, 0xff}}, {0x7, 0x4, {0x0, 0x9}}, {0xd, 0x8, {0x0, 0x7}}, {0x78af, 0x8000, {0x1, 0xa}}, {0x7f, 0x80, {0x2, 0x1000}}, {0x0, 0x2, {0x2, 0x4}}, {0x1, 0x8, {0x3, 0x7}}, {0x5, 0xa, {0x1, 0x101}}, {0x1a, 0x3, {0x2, 0x7fffffff}}, {0x2, 0x25c7, {0x2, 0x5}}, {0xe15, 0x3, {0x0, 0x7}}, {0x8001, 0xfffc, {0x0, 0x247}}, {0x5, 0x80, {0x1, 0x2}}, {0xfffc, 0x0, {0x2, 0x69}}, {0x4, 0x401, {0x0, 0x4}}, {0x7, 0x7}, {0x2, 0x6, {0x2, 0x8c8f}}, {0x7, 0x1, {0x0, 0x5}}, {0x37f, 0x1}, {0x215, 0x80, {0x2, 0x6}}, {0x200, 0x5e, {0x3, 0x6}}]}}}]}, 0x964}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001900)=@newlink={0x58, 0x10, 0x403, 0x300, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40220}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1e, 0x1d}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

2m37.643399415s ago: executing program 4 (id=145):
syz_usb_connect(0x5, 0x24, &(0x7f0000001280)={{0x12, 0x1, 0x300, 0x0, 0x1f, 0x66, 0x8, 0x58f, 0x6610, 0x4805, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x70, 0x81, [{{0x9, 0x4, 0x0, 0x81, 0x0, 0xff, 0xff, 0xff, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x23})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x200}, &(0x7f0000000280)=0x8)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x2200000c)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0xc)
quotactl_fd$Q_GETQUOTA(0xffffffffffffffff, 0xffffffff80000700, r2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/comedi4\x00', 0x2, 0x0)
ioctl$COMEDI_INSN(r3, 0x8028640c, &(0x7f0000000000)={0xc000003, 0xf, &(0x7f0000001180)=[0x1d, 0x810, 0x8, 0x899d, 0x7fffffff, 0x825, 0x7, 0xd, 0xfffffe01, 0x1, 0x4, 0x2, 0x6, 0x6, 0x0], 0x1, 0x4000005})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x13, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

2m31.931504292s ago: executing program 4 (id=150):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4b)
close(r0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000500)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, [<r4=>0x0], [], [0x8]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f00000001c0)={0x0, 0xad, 0x3fb, 0x34325241, 0x0, [r4], [0x2b8, 0xeb, 0x0, 0xfffffffe], [0x0, 0xfffffffd, 0x0, 0x5], [0x690]})
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r5, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x8)
write$cgroup_devices(r6, &(0x7f0000000080)=ANY=[@ANYBLOB='c ', @ANYRESDEC], 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000003c0), 0x8}, 0x94)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)
sendmmsg(0xffffffffffffffff, &(0x7f0000003e40), 0x3fffffffffffe3d, 0x0)
getpeername$llc(r5, 0x0, 0x0)

2m29.132314037s ago: executing program 4 (id=156):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, r0)
add_key$fscrypt_provisioning(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000280)={0x0, 0x0, @auto=[0x3b, 0x28, 0x21, 0x37, 0x2a, 0x1e, 0x2d, 0x27]}, 0x10, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, 0x8)
sendmsg$inet_sctp(r2, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000002c0)=[{&(0x7f00000001c0)='N', 0x1}], 0x1, 0x0, 0x0, 0xc04c000}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
setsockopt$ax25_int(r3, 0x101, 0x2, &(0x7f0000000000)=0x6, 0x5a)

2m27.667507174s ago: executing program 4 (id=160):
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
setreuid(0x0, 0xee01)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000040)=0x6, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd24, 0x25dfdbfa, {0x0, 0x0, 0xe0, 0x0, 0x0, 0x1041}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_TOS={0x5, 0x9, 0x8}, @IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x1}, @IFLA_GRE_FWMARK={0x8, 0x14, 0xffffffff}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x2}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004410}, 0x20040040)
semctl$SETVAL(0x0, 0x4, 0x10, 0x0)

2m19.101790588s ago: executing program 0 (id=170):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r3, r3, 0x0, 0x7fffffffffffffff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
listen(r4, 0x5)
ioctl$sock_SIOCGPGRP(r4, 0x8904, &(0x7f0000000000)=<r5=>0x0)
capset(&(0x7f00000001c0)={0x19980330, r5}, &(0x7f0000000240)={0x3, 0x81, 0x6, 0x1, 0x5, 0x9})
syz_emit_ethernet(0x42, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800450e00340064000007069078ac1414bbac1414bb4e224e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="020000009078e28ef0eb273a3fb42153247f13e7"], 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="05000000040000000400000009"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000000c0000000010"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='sys_exit\x00', r7, 0x0, 0x4000000000000004}, 0x18)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0xbe2a23d4fdc905fc}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x17}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWSETELEM={0x78, 0xc, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0xa}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}]}, @NFT_MSG_DELSET={0x30, 0xb, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}], {0x14}}, 0x128}}, 0x48000)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)={0x28, r0, 0x801, 0x0, 0x3, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_KEY={0xc, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x2}]}]}, 0x28}}, 0x40000)

2m12.323942562s ago: executing program 33 (id=160):
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
setreuid(0x0, 0xee01)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000040)=0x6, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd24, 0x25dfdbfa, {0x0, 0x0, 0xe0, 0x0, 0x0, 0x1041}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_TOS={0x5, 0x9, 0x8}, @IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x1}, @IFLA_GRE_FWMARK={0x8, 0x14, 0xffffffff}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x2}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004410}, 0x20040040)
semctl$SETVAL(0x0, 0x4, 0x10, 0x0)

2m7.051385667s ago: executing program 0 (id=188):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, 0x0) (fail_nth: 1)

2m5.99606415s ago: executing program 2 (id=189):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @private=0xa010100}}, 0x0, 0x100, 0x0, 0x0, 0x8a}, 0x9c)
shutdown(r2, 0x2)
read(0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x0)
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff005})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0xffffffff, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x1})
r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r4, r3, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x28, 0x18, &(0x7f0000000a40)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x66642a85, 0x1101, 0x3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})

2m5.819409639s ago: executing program 0 (id=190):
getpid()
syz_init_net_socket$x25(0x9, 0x2, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x3ffa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r4, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r5}], 0x1, 0x0, 0x0, 0x0)
dup2(r4, r5)
tkill(r3, 0x13)

2m3.950947071s ago: executing program 2 (id=192):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000440f000002"])

2m3.883433032s ago: executing program 3 (id=193):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

2m3.800252755s ago: executing program 3 (id=194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c000080", @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x20040041}, 0x0) (fail_nth: 1)

2m3.738740738s ago: executing program 2 (id=195):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x589b}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c000080", @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x20040041}, 0x0)

2m2.343536359s ago: executing program 3 (id=196):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'})
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x1c, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}})
syz_init_net_socket$llc(0x1a, 0x3, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$key(0xf, 0x3, 0x2)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000740)='./binderfs/binder1\x00', 0x1802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100, 0xfffffffffffffffd})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, 0x0, 0x42000, 0x0)
syz_open_dev$loop(&(0x7f0000000080), 0x45ffffa, 0x281)

2m2.34300447s ago: executing program 0 (id=197):
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x4000011}, 0x8010)
write$RDMA_USER_CM_CMD_JOIN_MCAST(0xffffffffffffffff, &(0x7f0000000180)={0x16, 0x98, 0xfa00, {&(0x7f00000000c0), 0x0, 0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x4e20, 0x7, @empty, 0xf68}}}, 0xa0)
sendmsg$OSF_MSG_REMOVE(0xffffffffffffffff, &(0x7f0000000d00)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000340)={0x964, 0x1, 0x5, 0x201, 0x0, 0x0, {0x0, 0x0, 0x2}, [{{0x254, 0x1, {{0x1, 0x10}, 0x2, 0x8e, 0xa000, 0x700, 0x1f, 'syz0\x00', "9909de6310049d8bc2974de579dbfd2dd921af34526e8672f9f19658b1aa3bbd", "7d2c3c454d3e3c0b9f9c3efc392a7da02a3de29c5fc559e363210b656f2c7f35", [{0xc9, 0x3, {0x0, 0x2}}, {0x4, 0x100, {0x0, 0x2}}, {0x5c91, 0x8, {0x3, 0x7fffffff}}, {0x3, 0xaebc, {0x3, 0x3b}}, {0x6, 0x7, {0x1, 0x1000}}, {0x7, 0x9, {0x3, 0x73d}}, {0x0, 0x9, {0x2, 0x7ff}}, {0x3, 0x7, {0x3, 0x6}}, {0x7, 0x6, {0x0, 0x7c}}, {0x6, 0x3, {0x3, 0x1}}, {0x1, 0xc493, {0x2, 0xd1}}, {0xffff, 0x1ff, {0x2, 0x3}}, {0x2, 0xa00, {0x0, 0x3}}, {0x200, 0x0, {0x0, 0x1}}, {0x800, 0x6, {0x2, 0x81}}, {0x2, 0x5f9, {0x0, 0x60}}, {0x100, 0x4, {0x3, 0x400}}, {0x6, 0x8e2, {0x3, 0x43a386b5}}, {0x8000, 0x8, {0x3, 0x925a}}, {0x8000, 0xa, {0x3, 0x7}}, {0x4, 0x1, {0x3, 0xf}}, {0xfc01, 0x10, {0x2, 0x3147}}, {0x1, 0xf00, {0x3, 0xdb9d}}, {0x6, 0x4bcf, {0x2, 0x8}}, {0x800, 0x0, {0x0, 0x3}}, {0xcc28, 0xffff, {0x0, 0x80}}, {0x0, 0x3, {0x0, 0x4}}, {0x3, 0x9, {0x1, 0x2}}, {0x7fff, 0x84, {0x3, 0x3}}, {0xffff, 0xee, {0x3}}, {0x3, 0x22a, {0x0, 0x1}}, {0x83de, 0x616, {0x1, 0x9}}, {0x1ff, 0x8001, {0x0, 0x8}}, {0x1, 0x6, {0x0, 0x5}}, {0x80, 0x1, {0x3, 0x4}}, {0x8, 0x2, {0x0, 0x6}}, {0x6, 0x9, {0x1, 0x7}}, {0x2, 0x7f, {0x1, 0xfffffff5}}, {0x9, 0xff9a, {0x0, 0x10}}, {0x514, 0x9c8, {0x0, 0xfffffff9}}]}}}, {{0x254, 0x1, {{0x3, 0x4}, 0x9, 0x2, 0x5, 0x5, 0x10, 'syz0\x00', "9a884ee16a56a00db8dfae9045745ddfa7803401a785f6fc7ce6c814627d2695", "1148d5df80d98fba4fbafd3912fc7f1f0a6c39ae74f0c31a34d4870ce7df976d", [{0x6, 0x2, {0x2, 0x7}}, {0x0, 0x9, {0x1, 0x4}}, {0x3, 0xfffa, {0x0, 0x101}}, {0x2, 0xf742, {0x3, 0x4}}, {0x4, 0x5, {0x3, 0xfffffff8}}, {0x8, 0xe6bf, {0x2, 0xda}}, {0xfeff, 0x6, {0x2, 0x10000}}, {0x1, 0xa7c2, {0x1, 0x5}}, {0x3ff, 0x3, {0x3, 0x8001}}, {0x2, 0xc, {0x0, 0x3}}, {0xfe3, 0xfffa, {0x1}}, {0x7, 0x3, {0x0, 0x2}}, {0x3, 0x7, {0x3, 0x4}}, {0xb12c, 0x7, {0x2, 0x4}}, {0x8, 0x5, {0x1, 0x1}}, {0x401, 0x7, {0x0, 0x5}}, {0x3, 0xc9, {0x2, 0x40}}, {0x5, 0xf11, {0x2, 0x3}}, {0x9, 0x3, {0x3, 0x60}}, {0x6, 0xfffd, {0x0, 0x2b3}}, {0x6, 0x5, {0x3, 0x4}}, {0xe000, 0x8, {0x3, 0x6893}}, {0x8d8, 0x2, {0x1, 0x3}}, {0x9, 0x5, {0x3, 0x15}}, {0xe, 0x0, {0x2, 0x4}}, {0xd4, 0x4, {0x2, 0x622}}, {0x8, 0xc, {0x1}}, {0x9, 0x800}, {0x9, 0x5, {0x2, 0x5}}, {0xb8a6, 0x6, {0x0, 0x80}}, {0x4, 0x3ea, {0x2, 0x8}}, {0x5, 0x2, {0x1, 0x7}}, {0x6, 0x9, {0x0, 0x5}}, {0x6, 0x800, {0x1, 0x9}}, {0x0, 0x7, {0x3, 0x10000000}}, {0x81, 0x1, {0x2, 0x2}}, {0x3, 0x7, {0x2, 0x101}}, {0x4, 0x72, {0x2, 0x3}}, {0xc, 0x4, {0x3, 0x6}}, {0xfff9, 0x200, {0x3, 0x9}}]}}}, {{0x254, 0x1, {{0x2, 0x6}, 0x0, 0xa0, 0x764, 0x71e0, 0x21, 'syz1\x00', "b05d2cdc55612252f25e9e2cf511a13a0a95554cf2c7970a700f46359f39400f", "24b1b69d02cde316f6d3755ba17c49ca404dc421fd6af6104632b4776a347244", [{0x5, 0x5, {0x2, 0x78}}, {0x0, 0xffff, {0x2, 0x8}}, {0x5, 0x9, {0x1, 0x28b}}, {0x5, 0x1000, {0x0, 0x6}}, {0x5444, 0x8, {0x0, 0x46e2cd87}}, {0xfffc, 0xfffa, {0x0, 0x80000001}}, {0x3, 0x4, {0x0, 0x8}}, {0xd, 0x8, {0x0, 0x8}}, {0x7, 0x1, {0x2, 0x400}}, {0xab, 0x6, {0x0, 0x983}}, {0x8, 0x6, {0x3, 0x5}}, {0x3, 0x0, {0x0, 0x1}}, {0x3, 0xff, {0x3, 0x3}}, {0x7, 0x9, {0x0, 0x8}}, {0x6, 0x1, {0x2, 0x2}}, {0xd, 0xcbf3, {0x1, 0x43d0}}, {0x4, 0x1, {0x0, 0x4}}, {0x101, 0xfffe, {0x2, 0x534e}}, {0x7, 0x18, {0x3, 0x9}}, {0xf297, 0x1, {0x3, 0x7}}, {0x8, 0x4, {0x0, 0x5}}, {0x1, 0x10a, {0x3, 0x1}}, {0x7ff, 0xc4, {0x1, 0x6}}, {0x796, 0xfff, {0x3, 0xc}}, {0x4, 0xb1c, {0x2, 0xb541}}, {0xfc01, 0x200, {0x1, 0x800}}, {0x7, 0x45d, {0x2, 0x9}}, {0xff, 0xcdd, {0x3, 0x7}}, {0x9, 0x2, {0x3, 0x2}}, {0x0, 0x7, {0x3, 0x3}}, {0x1000, 0x1ff, {0x1, 0x3}}, {0x81, 0x7f, {0x3, 0xe}}, {0x0, 0x3, {0x1, 0xef6f}}, {0x6, 0x24, {0x2}}, {0x8, 0x1, {0x1, 0xa6f}}, {0xfffa, 0x6, {0x3, 0x7}}, {0x0, 0x0, {0x1, 0xfffffffc}}, {0x2, 0xe, {0x1, 0x4}}, {0x1, 0x7, {0x3, 0x2}}, {0x75a, 0x4, {0x0, 0xa}}]}}}, {{0x254, 0x1, {{0x3, 0x2}, 0xe, 0xa, 0x0, 0x3, 0x17, 'syz1\x00', "fc37e8321eced567605e11b39ed7a1d29c1b7a4a40f9d2889cb3c14fd14581de", "dff5eda10ec26447659e0bfc176baae17360aa362ca266cbbecf2c01f6d10e35", [{0x200, 0x800, {0x3, 0x97f2}}, {0x3ff, 0x0, {0x0, 0x6}}, {0x5, 0x852f, {0x1, 0x6}}, {0x2, 0x4, {0x0, 0x4}}, {0x1000, 0x5, {0x1, 0x8}}, {0x8, 0x6, {0x3, 0x2}}, {0x4, 0x28f, {0x2, 0x8}}, {0x6, 0x3800, {0x1, 0x9}}, {0x40, 0x8, {0x3, 0x2}}, {0xed5, 0x81, {0x0, 0x3}}, {0x6f, 0x5, {0x1, 0x400}}, {0x1000, 0x5, {0x3, 0x8}}, {0x3ff, 0xfffa, {0x2, 0x101}}, {0xa, 0x9, {0x2, 0x6}}, {0x7, 0x4, {0x0, 0x7}}, {0x9e61, 0x1, {0x0, 0x6}}, {0x9, 0x74, {0x1, 0x78}}, {0x1ff, 0xe, {0x0, 0x1ff}}, {0x40, 0x91d, {0x2, 0xfb14}}, {0x2, 0x9, {0x3, 0xff}}, {0x7, 0x4, {0x0, 0x9}}, {0xd, 0x8, {0x0, 0x7}}, {0x78af, 0x8000, {0x1, 0xa}}, {0x7f, 0x80, {0x2, 0x1000}}, {0x0, 0x2, {0x2, 0x4}}, {0x1, 0x8, {0x3, 0x7}}, {0x5, 0xa, {0x1, 0x101}}, {0x1a, 0x3, {0x2, 0x7fffffff}}, {0x2, 0x25c7, {0x2, 0x5}}, {0xe15, 0x3, {0x0, 0x7}}, {0x8001, 0xfffc, {0x0, 0x247}}, {0x5, 0x80, {0x1, 0x2}}, {0xfffc, 0x0, {0x2, 0x69}}, {0x4, 0x401, {0x0, 0x4}}, {0x7, 0x7}, {0x2, 0x6, {0x2, 0x8c8f}}, {0x7, 0x1, {0x0, 0x5}}, {0x37f, 0x1}, {0x215, 0x80, {0x2, 0x6}}, {0x200, 0x5e, {0x3, 0x6}}]}}}]}, 0x964}, 0x1, 0x0, 0x0, 0x4000}, 0x4080)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001900)=@newlink={0x58, 0x10, 0x403, 0x300, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40220}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1e, 0x1d}}, @IFLA_VLAN_ID={0x6, 0x1, 0xffe}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)

2m2.099226115s ago: executing program 2 (id=198):
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x5a6c103, 0x0, 0x1})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x1e, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000950000001e000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local={0x17, 0x80, 0xc2, 0x6, 0x5}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "182325", 0x0, 0x2c, 0x0, @remote, @local}}}}, 0x0)

2m1.031132012s ago: executing program 0 (id=199):
getpid()
syz_init_net_socket$x25(0x9, 0x2, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x3ffa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
ppoll(&(0x7f0000000100)=[{r5}], 0x1, 0x0, 0x0, 0x0)
dup2(r4, r5)
fcntl$setown(r5, 0x8, r3)
tkill(r3, 0x13)

1m56.695519362s ago: executing program 0 (id=200):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @private=0xa010100}}, 0x0, 0x100, 0x0, 0x0, 0x8a}, 0x9c)
shutdown(r2, 0x2)
read(0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x0)
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff005})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0xffffffff, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x1})
r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r4, r3, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x28, 0x18, &(0x7f0000000a40)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x66642a85, 0x1101, 0x3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})

1m56.695188644s ago: executing program 3 (id=201):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, r0)
add_key$fscrypt_provisioning(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000280)={0x0, 0x0, @auto=[0x3b, 0x28, 0x21, 0x37, 0x2a, 0x1e, 0x2d, 0x27]}, 0x10, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000100)={0x0, 0x4}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @empty}], 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
setsockopt$ax25_int(r3, 0x101, 0x2, &(0x7f0000000000)=0x6, 0x5a)

1m53.709499892s ago: executing program 2 (id=202):
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

1m53.624302267s ago: executing program 3 (id=203):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000440f000002"])

1m53.383433845s ago: executing program 2 (id=204):
timer_create(0x0, 0x0, 0x0)
setreuid(0x0, 0xee01)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000040)=0x6, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd24, 0x25dfdbfa, {0x0, 0x0, 0xe0, 0x0, 0x0, 0x1041}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_TOS={0x5, 0x9, 0x8}, @IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x1}, @IFLA_GRE_FWMARK={0x8, 0x14, 0xffffffff}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x2}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004410}, 0x20040040)
semctl$SETVAL(0x0, 0x4, 0x10, 0x0)

1m53.33406731s ago: executing program 3 (id=205):
getpid()
syz_init_net_socket$x25(0x9, 0x2, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x3ffa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r4, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r5}], 0x1, 0x0, 0x0, 0x0)
dup2(r4, r5)
tkill(r3, 0x13)

1m30.965618021s ago: executing program 34 (id=200):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @private=0xa010100}}, 0x0, 0x100, 0x0, 0x0, 0x8a}, 0x9c)
shutdown(r2, 0x2)
read(0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x0)
setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff005})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x15, &(0x7f0000000180)=0xffffffff, 0x4)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x1})
r4 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000280)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r4, r3, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x28, 0x18, &(0x7f0000000a40)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x66642a85, 0x1101, 0x3}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x0, 0x0})

13.586560202s ago: executing program 35 (id=204):
timer_create(0x0, 0x0, 0x0)
setreuid(0x0, 0xee01)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r2, 0x65, 0x2, &(0x7f0000000040)=0x6, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r3=>0x0})
bind$can_raw(r2, &(0x7f0000000000)={0x1d, r3}, 0x10)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x1, 0x6}, {0xffff}, {0x1}}}, 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x6c, 0x10, 0xffffffffffffffff, 0x70bd24, 0x25dfdbfa, {0x0, 0x0, 0xe0, 0x0, 0x0, 0x1041}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x3c, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_TOS={0x5, 0x9, 0x8}, @IFLA_GRE_LINK={0x8, 0x1, r3}, @IFLA_GRE_FWMARK={0x8, 0x14, 0x1}, @IFLA_GRE_FWMARK={0x8, 0x14, 0xffffffff}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ERSPAN_HWID={0x6, 0x18, 0x2}]}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x20004410}, 0x20040040)
semctl$SETVAL(0x0, 0x4, 0x10, 0x0)

0s ago: executing program 36 (id=205):
getpid()
syz_init_net_socket$x25(0x9, 0x2, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x3ffa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, &(0x7f00000000c0)={[0x8001a0ffffffff]}, 0x8)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r4, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r5}], 0x1, 0x0, 0x0, 0x0)
dup2(r4, r5)
tkill(r3, 0x13)

kernel console output (not intermixed with test programs):

could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.947086][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.949632][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.949646][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.949668][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.951783][ T5853] team0: Port device team_slave_1 added
[   93.128869][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.128880][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.128893][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.129857][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.129867][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.129879][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.271475][ T5851] team0: Port device team_slave_0 added
[   93.272735][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.272746][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.272770][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.449365][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.449380][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.449404][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.452419][ T5851] team0: Port device team_slave_1 added
[   93.456041][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.456052][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.456065][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.610190][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.610202][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.610215][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.886862][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.886877][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.886898][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.182484][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.182501][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.182526][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.193449][ T5848] hsr_slave_0: entered promiscuous mode
[   94.194939][ T5848] hsr_slave_1: entered promiscuous mode
[   94.215753][ T5842] hsr_slave_0: entered promiscuous mode
[   94.230452][ T5842] hsr_slave_1: entered promiscuous mode
[   94.231350][ T5842] debugfs: 'hsr0' already exists in 'hsr'
[   94.231464][ T5842] Cannot create hsr debugfs directory
[   94.286597][ T5847] Bluetooth: hci1: command tx timeout
[   94.286608][ T5843] Bluetooth: hci0: command tx timeout
[   94.348687][ T5845] hsr_slave_0: entered promiscuous mode
[   94.350002][ T5845] hsr_slave_1: entered promiscuous mode
[   94.350997][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   94.351019][ T5845] Cannot create hsr debugfs directory
[   94.367801][ T5847] Bluetooth: hci2: command tx timeout
[   94.446475][ T5847] Bluetooth: hci4: command tx timeout
[   94.526471][ T5847] Bluetooth: hci3: command tx timeout
[   94.742212][ T5853] hsr_slave_0: entered promiscuous mode
[   94.744626][ T5853] hsr_slave_1: entered promiscuous mode
[   94.745178][ T5853] debugfs: 'hsr0' already exists in 'hsr'
[   94.745199][ T5853] Cannot create hsr debugfs directory
[   95.065310][ T5851] hsr_slave_0: entered promiscuous mode
[   95.070214][ T5851] hsr_slave_1: entered promiscuous mode
[   95.071065][ T5851] debugfs: 'hsr0' already exists in 'hsr'
[   95.071088][ T5851] Cannot create hsr debugfs directory
[   96.366476][ T5847] Bluetooth: hci0: command tx timeout
[   96.376925][ T5847] Bluetooth: hci1: command tx timeout
[   96.459848][ T5847] Bluetooth: hci2: command tx timeout
[   96.489771][ T5848] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   96.526509][ T5847] Bluetooth: hci4: command tx timeout
[   96.535676][ T5848] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   96.576800][ T5848] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   96.606485][ T5847] Bluetooth: hci3: command tx timeout
[   96.642990][ T5848] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   96.780660][ T5845] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   96.830296][ T5845] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   96.879755][ T5845] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   96.933238][ T5845] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   97.105123][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   97.143036][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   97.182075][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   97.243666][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   97.405328][ T5853] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   97.441706][ T5853] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   97.481981][ T5853] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   97.556128][ T5853] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   97.643157][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.734749][ T5851] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   97.782258][ T5851] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   97.833712][ T5851] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   97.865438][ T5851] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   97.917695][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   97.980155][ T4576] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.981607][ T4576] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.030532][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.033442][ T1380] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.036126][ T1380] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.163408][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   98.215259][  T189] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.215418][  T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.277380][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.279822][ T1127] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.279967][ T1127] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.413206][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   98.493245][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.502326][  T189] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.503061][  T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.558992][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.559161][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.660031][ T5853] 8021q: adding VLAN 0 to HW filter on device team0
[   98.688882][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.732302][  T189] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.743740][  T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.823467][ T3542] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.823687][ T3542] bridge0: port 2(bridge_slave_1) entered forwarding state
[   98.885808][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   98.961005][  T189] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.966528][  T189] bridge0: port 1(bridge_slave_0) entered forwarding state
[   98.990557][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.043330][  T189] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.043554][  T189] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.240699][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.387850][ T5848] veth0_vlan: entered promiscuous mode
[   99.462864][ T5848] veth1_vlan: entered promiscuous mode
[   99.730668][ T5848] veth0_macvtap: entered promiscuous mode
[   99.780492][ T5848] veth1_macvtap: entered promiscuous mode
[   99.817972][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.933908][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.983675][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.020732][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.063103][ T1127] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.083454][ T1127] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.102735][ T1127] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.121324][ T1127] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.153896][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.246069][ T5842] veth0_vlan: entered promiscuous mode
[  100.417883][ T5842] veth1_vlan: entered promiscuous mode
[  100.508415][ T5845] veth0_vlan: entered promiscuous mode
[  100.557535][ T1127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.557559][ T1127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.611628][ T5853] veth0_vlan: entered promiscuous mode
[  100.634897][ T5845] veth1_vlan: entered promiscuous mode
[  100.700684][ T5853] veth1_vlan: entered promiscuous mode
[  100.714034][ T4576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.714054][ T4576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.733442][ T5851] veth0_vlan: entered promiscuous mode
[  100.787895][ T5842] veth0_macvtap: entered promiscuous mode
[  100.812895][ T5842] veth1_macvtap: entered promiscuous mode
[  100.818287][ T5851] veth1_vlan: entered promiscuous mode
[  100.900425][ T5845] veth0_macvtap: entered promiscuous mode
[  100.955754][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.962076][ T5845] veth1_macvtap: entered promiscuous mode
[  100.990073][ T5853] veth0_macvtap: entered promiscuous mode
[  101.039011][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.077965][ T5853] veth1_macvtap: entered promiscuous mode
[  101.139886][ T1380] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.145850][ T1380] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.152844][ T5851] veth0_macvtap: entered promiscuous mode
[  101.154502][ T1380] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.162740][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.169685][ T1380] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.195040][ T5851] veth1_macvtap: entered promiscuous mode
[  101.208294][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.273519][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.302537][   T57] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.342985][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.345245][   T57] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.385090][   T57] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.404380][   T57] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.468473][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.476938][   T57] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.529722][   T57] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.548522][   T57] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.564226][   T57] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.614092][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.814235][   T43] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.814254][   T43] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.843554][ T3542] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.864932][ T3542] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.941006][ T3542] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.984421][   T43] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.009131][ T5958] FAULT_INJECTION: forcing a failure.
[  102.009131][ T5958] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  102.009177][ T5958] CPU: 0 UID: 0 PID: 5958 Comm: syz.2.6 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  102.009197][ T5958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  102.009214][ T5958] Call Trace:
[  102.009221][ T5958]  <TASK>
[  102.009228][ T5958]  dump_stack_lvl+0x189/0x250
[  102.009261][ T5958]  ? __pfx____ratelimit+0x10/0x10
[  102.009283][ T5958]  ? __pfx_dump_stack_lvl+0x10/0x10
[  102.009305][ T5958]  ? __pfx__printk+0x10/0x10
[  102.009323][ T5958]  ? __might_fault+0xb0/0x130
[  102.009357][ T5958]  should_fail_ex+0x46c/0x600
[  102.009384][ T5958]  _copy_from_user+0x2d/0xb0
[  102.009411][ T5958]  ___sys_sendmsg+0x158/0x2a0
[  102.009437][ T5958]  ? __pfx____sys_sendmsg+0x10/0x10
[  102.009489][ T5958]  ? __fget_files+0x2a/0x420
[  102.009506][ T5958]  ? __fget_files+0x3a6/0x420
[  102.009537][ T5958]  __x64_sys_sendmsg+0x1a1/0x260
[  102.009562][ T5958]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  102.009587][ T5958]  ? __pfx_ksys_write+0x10/0x10
[  102.009601][ T5958]  ? rcu_is_watching+0x15/0xb0
[  102.009624][ T5958]  ? do_syscall_64+0xbe/0x3b0
[  102.009643][ T5958]  do_syscall_64+0xfa/0x3b0
[  102.009659][ T5958]  ? lockdep_hardirqs_on+0x9c/0x150
[  102.009674][ T5958]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.009688][ T5958]  ? clear_bhb_loop+0x60/0xb0
[  102.009703][ T5958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.009717][ T5958] RIP: 0033:0x7f33baccebe9
[  102.009733][ T5958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.009744][ T5958] RSP: 002b:00007f33b8f15038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  102.009761][ T5958] RAX: ffffffffffffffda RBX: 00007f33baf06090 RCX: 00007f33baccebe9
[  102.009770][ T5958] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  102.009777][ T5958] RBP: 00007f33b8f15090 R08: 0000000000000000 R09: 0000000000000000
[  102.009786][ T5958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  102.009794][ T5958] R13: 00007f33baf06128 R14: 00007f33baf06090 R15: 00007ffcdacfeeb8
[  102.009817][ T5958]  </TASK>
[  102.364017][ T1127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.364036][ T1127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.574025][ T5965] netlink: 'syz.2.8': attribute type 21 has an invalid length.
[  102.596417][ T5965] netlink: 132 bytes leftover after parsing attributes in process `syz.2.8'.
[  102.604561][ T1127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.604580][ T1127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.780863][ T4576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.780882][ T4576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.996605][ T1380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.996626][ T1380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.139549][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.139569][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.194486][ T5973] FAULT_INJECTION: forcing a failure.
[  103.194486][ T5973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  103.194518][ T5973] CPU: 1 UID: 0 PID: 5973 Comm: syz.2.10 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  103.194535][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  103.194544][ T5973] Call Trace:
[  103.194551][ T5973]  <TASK>
[  103.194559][ T5973]  dump_stack_lvl+0x189/0x250
[  103.194586][ T5973]  ? __pfx____ratelimit+0x10/0x10
[  103.194609][ T5973]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.194632][ T5973]  ? __pfx__printk+0x10/0x10
[  103.194649][ T5973]  ? __might_fault+0xb0/0x130
[  103.194683][ T5973]  should_fail_ex+0x46c/0x600
[  103.194709][ T5973]  _copy_from_user+0x2d/0xb0
[  103.194728][ T5973]  ___sys_sendmsg+0x158/0x2a0
[  103.194752][ T5973]  ? __pfx____sys_sendmsg+0x10/0x10
[  103.194799][ T5973]  ? __fget_files+0x2a/0x420
[  103.194816][ T5973]  ? __fget_files+0x3a6/0x420
[  103.194841][ T5973]  __x64_sys_sendmsg+0x1a1/0x260
[  103.194860][ T5973]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  103.194885][ T5973]  ? __pfx_ksys_write+0x10/0x10
[  103.194899][ T5973]  ? rcu_is_watching+0x15/0xb0
[  103.194924][ T5973]  ? do_syscall_64+0xbe/0x3b0
[  103.194946][ T5973]  do_syscall_64+0xfa/0x3b0
[  103.194961][ T5973]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.194978][ T5973]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.194990][ T5973]  ? clear_bhb_loop+0x60/0xb0
[  103.195006][ T5973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.195019][ T5973] RIP: 0033:0x7f33baccebe9
[  103.195033][ T5973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.195044][ T5973] RSP: 002b:00007f33b8f36038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  103.195059][ T5973] RAX: ffffffffffffffda RBX: 00007f33baf05fa0 RCX: 00007f33baccebe9
[  103.195068][ T5973] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004
[  103.195076][ T5973] RBP: 00007f33b8f36090 R08: 0000000000000000 R09: 0000000000000000
[  103.195084][ T5973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.195092][ T5973] R13: 00007f33baf06038 R14: 00007f33baf05fa0 R15: 00007ffcdacfeeb8
[  103.195115][ T5973]  </TASK>
[  103.372298][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.372318][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.646326][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  103.866339][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.016333][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.056302][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.246855][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.296373][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  104.413896][   T67] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.413916][   T67] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.162322][   T31] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  105.330753][   T31] usb 2-1: Using ep0 maxpacket: 8
[  105.348341][ T5828] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  105.377369][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  105.377416][   T31] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  105.377436][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.393614][   T31] usb 2-1: config 0 descriptor??
[  105.506652][ T5828] usb 5-1: Using ep0 maxpacket: 16
[  105.509297][ T5828] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.519549][ T5828] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[  105.519577][ T5828] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.519594][ T5828] usb 5-1: Product: syz
[  105.519607][ T5828] usb 5-1: Manufacturer: syz
[  105.519619][ T5828] usb 5-1: SerialNumber: syz
[  105.612622][ T5828] usb 5-1: config 0 descriptor??
[  105.677341][ T6002] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15'.
[  105.908324][ T6001] FAULT_INJECTION: forcing a failure.
[  105.908324][ T6001] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  105.908355][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: syz.2.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  105.908375][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  105.908385][ T6001] Call Trace:
[  105.908392][ T6001]  <TASK>
[  105.908399][ T6001]  dump_stack_lvl+0x189/0x250
[  105.908427][ T6001]  ? __pfx____ratelimit+0x10/0x10
[  105.908450][ T6001]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.908472][ T6001]  ? __pfx__printk+0x10/0x10
[  105.908490][ T6001]  ? __might_fault+0xb0/0x130
[  105.908523][ T6001]  should_fail_ex+0x46c/0x600
[  105.908551][ T6001]  _copy_from_user+0x2d/0xb0
[  105.908570][ T6001]  ___sys_sendmsg+0x158/0x2a0
[  105.908596][ T6001]  ? __pfx____sys_sendmsg+0x10/0x10
[  105.908655][ T6001]  ? __fget_files+0x2a/0x420
[  105.908676][ T6001]  ? __fget_files+0x3a6/0x420
[  105.908715][ T6001]  __sys_sendmmsg+0x22d/0x430
[  105.908741][ T6001]  ? __pfx___sys_sendmmsg+0x10/0x10
[  105.908771][ T6001]  ? bpf_trace_run2+0x322/0x4b0
[  105.908808][ T6001]  ? rcu_is_watching+0x15/0xb0
[  105.908835][ T6001]  __x64_sys_sendmmsg+0xa0/0xc0
[  105.908859][ T6001]  do_syscall_64+0xfa/0x3b0
[  105.908879][ T6001]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.908899][ T6001]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.908916][ T6001]  ? clear_bhb_loop+0x60/0xb0
[  105.908936][ T6001]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.908952][ T6001] RIP: 0033:0x7f33baccebe9
[  105.908968][ T6001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.908981][ T6001] RSP: 002b:00007f33b8f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  105.908999][ T6001] RAX: ffffffffffffffda RBX: 00007f33baf05fa0 RCX: 00007f33baccebe9
[  105.909011][ T6001] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000004
[  105.909022][ T6001] RBP: 00007f33b8f36090 R08: 0000000000000000 R09: 0000000000000000
[  105.909033][ T6001] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  105.909043][ T6001] R13: 00007f33baf06038 R14: 00007f33baf05fa0 R15: 00007ffcdacfeeb8
[  105.909071][ T6001]  </TASK>
[  106.116843][   T31] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  106.128096][ T5828] port100 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  106.141880][ T5998] tty tty2: ldisc open failed (-12), clearing slot 1
[  106.565780][ T5988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  106.605731][ T5988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  106.677983][ T5953] usb 5-1: USB disconnect, device number 2
[  106.723310][ T5984] vlan2: entered allmulticast mode
[  106.723332][ T5984] bond0: entered allmulticast mode
[  106.723344][ T5984] bond_slave_0: entered allmulticast mode
[  106.723365][ T5984] bond_slave_1: entered allmulticast mode
[  107.078810][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  107.859586][    C0] vkms_vblank_simulate: vblank timer overrun
[  107.863867][    T9] usb 3-1: Using ep0 maxpacket: 8
[  107.879622][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  107.879671][    T9] usb 3-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  107.879694][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  107.879724][    T9] usb 3-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  107.879743][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.999337][ T6020] FAULT_INJECTION: forcing a failure.
[  107.999337][ T6020] name failslab, interval 1, probability 0, space 0, times 0
[  107.999395][ T6020] CPU: 0 UID: 0 PID: 6020 Comm: syz.3.21 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  107.999416][ T6020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  107.999426][ T6020] Call Trace:
[  107.999434][ T6020]  <TASK>
[  107.999442][ T6020]  dump_stack_lvl+0x189/0x250
[  107.999474][ T6020]  ? __pfx_dump_stack_lvl+0x10/0x10
[  107.999497][ T6020]  ? __pfx__printk+0x10/0x10
[  107.999529][ T6020]  should_fail_ex+0x46c/0x600
[  107.999556][ T6020]  should_failslab+0xa8/0x100
[  107.999580][ T6020]  __kmalloc_cache_noprof+0x6e/0x320
[  107.999601][ T6020]  ? __se_sys_memfd_create+0x211/0x7a0
[  107.999617][ T6020]  ? task_active_pid_ns+0x81/0xb0
[  107.999644][ T6020]  __se_sys_memfd_create+0x211/0x7a0
[  107.999666][ T6020]  do_syscall_64+0xfa/0x3b0
[  107.999690][ T6020]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.999707][ T6020]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  107.999724][ T6020]  ? clear_bhb_loop+0x60/0xb0
[  107.999744][ T6020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.999761][ T6020] RIP: 0033:0x7f02489bebe9
[  107.999777][ T6020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.999790][ T6020] RSP: 002b:00007f0246bdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[  107.999809][ T6020] RAX: ffffffffffffffda RBX: 00007f0248bf6180 RCX: 00007f02489bebe9
[  107.999828][ T6020] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000200000000680
[  107.999839][ T6020] RBP: 00007f0246bdc090 R08: 0000000000000000 R09: 0000000000000000
[  107.999850][ T6020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.999860][ T6020] R13: 00007f0248bf6218 R14: 00007f0248bf6180 R15: 00007ffe277e07d8
[  107.999889][ T6020]  </TASK>
[  108.012233][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.035177][    C0] vkms_vblank_simulate: vblank timer overrun
[  108.156474][    T9] usb 3-1: config 0 descriptor??
[  108.871492][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.649856][    C0] vkms_vblank_simulate: vblank timer overrun
[  109.892276][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  109.892408][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  110.062247][    C0] vkms_vblank_simulate: vblank timer overrun
[  110.134409][    T9] usb 3-1: USB disconnect, device number 2
[  111.078623][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.222830][    C0] vkms_vblank_simulate: vblank timer overrun
[  111.347991][    T9] usb 2-1: USB disconnect, device number 2
[  111.516681][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  111.556337][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  111.559650][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  111.586892][ T6051] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  112.372087][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  112.521902][    C0] vkms_vblank_simulate: vblank timer overrun
[  112.751380][    C0] vkms_vblank_simulate: vblank timer overrun
[  112.827460][    C0] vkms_vblank_simulate: vblank timer overrun
[  114.069143][ T5828] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  114.236411][ T5828] usb 1-1: Using ep0 maxpacket: 8
[  114.239273][ T5828] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  114.239319][ T5828] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  114.239339][ T5828] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.787300][ T5828] usb 1-1: config 0 descriptor??
[  114.906460][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  115.056432][    T9] usb 5-1: Using ep0 maxpacket: 8
[  115.931515][    T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  115.931566][    T9] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  115.931591][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  115.931625][    T9] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  115.931645][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.012096][    T9] usb 5-1: config 0 descriptor??
[  116.023397][ T5828] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  117.329488][ T6088] FAULT_INJECTION: forcing a failure.
[  117.329488][ T6088] name failslab, interval 1, probability 0, space 0, times 0
[  117.329544][ T6088] CPU: 0 UID: 0 PID: 6088 Comm: syz.1.36 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  117.329564][ T6088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  117.329574][ T6088] Call Trace:
[  117.329582][ T6088]  <TASK>
[  117.329590][ T6088]  dump_stack_lvl+0x189/0x250
[  117.329618][ T6088]  ? __pfx____ratelimit+0x10/0x10
[  117.329641][ T6088]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.329664][ T6088]  ? __pfx__printk+0x10/0x10
[  117.329689][ T6088]  ? __pfx___might_resched+0x10/0x10
[  117.329709][ T6088]  ? fs_reclaim_acquire+0x7d/0x100
[  117.329730][ T6088]  should_fail_ex+0x46c/0x600
[  117.329758][ T6088]  should_failslab+0xa8/0x100
[  117.329783][ T6088]  __kmalloc_noprof+0xcb/0x430
[  117.329803][ T6088]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  117.329831][ T6088]  tomoyo_realpath_from_path+0xe3/0x5d0
[  117.329854][ T6088]  ? tomoyo_domain+0xda/0x130
[  117.329888][ T6088]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  117.329908][ T6088]  tomoyo_path_number_perm+0x1e8/0x5a0
[  117.329930][ T6088]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  117.329954][ T6088]  ? __pfx___schedule+0x10/0x10
[  117.329985][ T6088]  ? __lock_acquire+0xab9/0xd20
[  117.330028][ T6088]  ? __fget_files+0x2a/0x420
[  117.330054][ T6088]  ? __fget_files+0x2a/0x420
[  117.330074][ T6088]  ? __fget_files+0x3a6/0x420
[  117.330094][ T6088]  ? __fget_files+0x2a/0x420
[  117.330120][ T6088]  security_file_ioctl+0xcb/0x2d0
[  117.330144][ T6088]  __se_sys_ioctl+0x47/0x170
[  117.330166][ T6088]  do_syscall_64+0xfa/0x3b0
[  117.330189][ T6088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.330206][ T6088]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  117.330223][ T6088]  ? clear_bhb_loop+0x60/0xb0
[  117.330244][ T6088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.330260][ T6088] RIP: 0033:0x7f4f6778ebe9
[  117.330276][ T6088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.330289][ T6088] RSP: 002b:00007f4f659b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.330308][ T6088] RAX: ffffffffffffffda RBX: 00007f4f679c6180 RCX: 00007f4f6778ebe9
[  117.330321][ T6088] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000007
[  117.330332][ T6088] RBP: 00007f4f659b4090 R08: 0000000000000000 R09: 0000000000000000
[  117.330342][ T6088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.330353][ T6088] R13: 00007f4f679c6218 R14: 00007f4f679c6180 R15: 00007ffec8a3e268
[  117.330382][ T6088]  </TASK>
[  117.330414][ T6088] ERROR: Out of memory at tomoyo_realpath_from_path.
[  118.331701][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  118.331824][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  118.386784][    T9] usb 5-1: USB disconnect, device number 3
[  118.440191][ T6070] vlan2: entered allmulticast mode
[  118.440211][ T6070] bond0: entered allmulticast mode
[  118.440223][ T6070] bond_slave_0: entered allmulticast mode
[  118.440243][ T6070] bond_slave_1: entered allmulticast mode
[  119.343493][ T6102] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  119.769548][ T6110] FAULT_INJECTION: forcing a failure.
[  119.769548][ T6110] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  119.769584][ T6110] CPU: 1 UID: 0 PID: 6110 Comm: syz.2.42 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  119.769596][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.769602][ T6110] Call Trace:
[  119.769606][ T6110]  <TASK>
[  119.769611][ T6110]  dump_stack_lvl+0x189/0x250
[  119.769629][ T6110]  ? __pfx____ratelimit+0x10/0x10
[  119.769642][ T6110]  ? __pfx_dump_stack_lvl+0x10/0x10
[  119.769654][ T6110]  ? __pfx__printk+0x10/0x10
[  119.769664][ T6110]  ? __might_fault+0xb0/0x130
[  119.769689][ T6110]  should_fail_ex+0x46c/0x600
[  119.769705][ T6110]  _copy_from_user+0x2d/0xb0
[  119.769716][ T6110]  __sys_bpf+0x1ed/0x870
[  119.769729][ T6110]  ? __pfx___sys_bpf+0x10/0x10
[  119.769746][ T6110]  ? ksys_write+0x230/0x260
[  119.769759][ T6110]  ? __pfx_ksys_write+0x10/0x10
[  119.769769][ T6110]  ? rcu_is_watching+0x15/0xb0
[  119.769785][ T6110]  __x64_sys_bpf+0x7c/0x90
[  119.769796][ T6110]  do_syscall_64+0xfa/0x3b0
[  119.769808][ T6110]  ? lockdep_hardirqs_on+0x9c/0x150
[  119.769819][ T6110]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.769829][ T6110]  ? clear_bhb_loop+0x60/0xb0
[  119.769840][ T6110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.769849][ T6110] RIP: 0033:0x7f33baccebe9
[  119.769859][ T6110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.769866][ T6110] RSP: 002b:00007f33b8f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  119.769882][ T6110] RAX: ffffffffffffffda RBX: 00007f33baf05fa0 RCX: 00007f33baccebe9
[  119.769889][ T6110] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  119.769895][ T6110] RBP: 00007f33b8f36090 R08: 0000000000000000 R09: 0000000000000000
[  119.769901][ T6110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.769906][ T6110] R13: 00007f33baf06038 R14: 00007f33baf05fa0 R15: 00007ffcdacfeeb8
[  119.769920][ T6110]  </TASK>
[  119.786782][ T6113] netlink: 'syz.3.43': attribute type 1 has an invalid length.
[  122.894206][    T9] usb 1-1: USB disconnect, device number 2
[  123.056285][ T6141] FAULT_INJECTION: forcing a failure.
[  123.056285][ T6141] name failslab, interval 1, probability 0, space 0, times 0
[  123.056371][ T6141] CPU: 0 UID: 0 PID: 6141 Comm: syz.1.48 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  123.056411][ T6141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  123.056422][ T6141] Call Trace:
[  123.056429][ T6141]  <TASK>
[  123.056437][ T6141]  dump_stack_lvl+0x189/0x250
[  123.056466][ T6141]  ? __pfx____ratelimit+0x10/0x10
[  123.056489][ T6141]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.056511][ T6141]  ? __pfx__printk+0x10/0x10
[  123.056536][ T6141]  ? __pfx___might_resched+0x10/0x10
[  123.056555][ T6141]  ? fs_reclaim_acquire+0x7d/0x100
[  123.056577][ T6141]  should_fail_ex+0x46c/0x600
[  123.056605][ T6141]  should_failslab+0xa8/0x100
[  123.056629][ T6141]  __kmalloc_noprof+0xcb/0x430
[  123.056649][ T6141]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  123.056677][ T6141]  tomoyo_realpath_from_path+0xe3/0x5d0
[  123.056701][ T6141]  ? tomoyo_domain+0xda/0x130
[  123.056730][ T6141]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  123.056749][ T6141]  tomoyo_path_number_perm+0x1e8/0x5a0
[  123.056772][ T6141]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  123.056792][ T6141]  ? cpupri_find+0xe7/0x240
[  123.056828][ T6141]  ? __lock_acquire+0xab9/0xd20
[  123.056871][ T6141]  ? __fget_files+0x2a/0x420
[  123.056896][ T6141]  ? __fget_files+0x2a/0x420
[  123.056917][ T6141]  ? __fget_files+0x3a6/0x420
[  123.056937][ T6141]  ? __fget_files+0x2a/0x420
[  123.056963][ T6141]  security_file_ioctl+0xcb/0x2d0
[  123.056986][ T6141]  __se_sys_ioctl+0x47/0x170
[  123.057008][ T6141]  do_syscall_64+0xfa/0x3b0
[  123.057031][ T6141]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.057048][ T6141]  ? asm_sysvec_call_function_single+0x1a/0x20
[  123.057064][ T6141]  ? clear_bhb_loop+0x60/0xb0
[  123.057084][ T6141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.057101][ T6141] RIP: 0033:0x7f4f6778ebe9
[  123.057117][ T6141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.057130][ T6141] RSP: 002b:00007f4f659b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.057148][ T6141] RAX: ffffffffffffffda RBX: 00007f4f679c6180 RCX: 00007f4f6778ebe9
[  123.057161][ T6141] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000008
[  123.057171][ T6141] RBP: 00007f4f659b4090 R08: 0000000000000000 R09: 0000000000000000
[  123.057182][ T6141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.057192][ T6141] R13: 00007f4f679c6218 R14: 00007f4f679c6180 R15: 00007ffec8a3e268
[  123.057222][ T6141]  </TASK>
[  123.057252][ T6141] ERROR: Out of memory at tomoyo_realpath_from_path.
[  125.057334][ T6150] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  125.456431][ T5925] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  125.717565][ T5925] usb 5-1: Using ep0 maxpacket: 8
[  125.722835][ T5925] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  125.722884][ T5925] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  125.722908][ T5925] usb 5-1: config 0 interface 0 has no altsetting 0
[  125.722939][ T5925] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  125.722959][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.651593][ T5925] usb 5-1: config 0 descriptor??
[  128.601375][ T5925] usbhid 5-1:0.0: can't add hid device: -71
[  128.601451][ T5925] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  128.654548][ T5925] usb 5-1: USB disconnect, device number 4
[  131.858726][ T6194] netlink: 12 bytes leftover after parsing attributes in process `syz.4.61'.
[  132.515389][ T6199] FAULT_INJECTION: forcing a failure.
[  132.515389][ T6199] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.515450][ T6199] CPU: 0 UID: 0 PID: 6199 Comm: syz.1.64 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  132.515472][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  132.515482][ T6199] Call Trace:
[  132.515489][ T6199]  <TASK>
[  132.515497][ T6199]  dump_stack_lvl+0x189/0x250
[  132.515516][ T6199]  ? __pfx____ratelimit+0x10/0x10
[  132.515532][ T6199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.515545][ T6199]  ? __pfx__printk+0x10/0x10
[  132.515564][ T6199]  should_fail_ex+0x46c/0x600
[  132.515580][ T6199]  _copy_to_user+0x31/0xb0
[  132.515592][ T6199]  simple_read_from_buffer+0xe1/0x170
[  132.515608][ T6199]  proc_fail_nth_read+0x1b6/0x220
[  132.515621][ T6199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.515632][ T6199]  ? rw_verify_area+0x2ac/0x4e0
[  132.515643][ T6199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  132.515653][ T6199]  vfs_read+0x203/0xa30
[  132.515669][ T6199]  ? __pfx_vfs_read+0x10/0x10
[  132.515678][ T6199]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  132.515693][ T6199]  ? mutex_lock_nested+0x154/0x1d0
[  132.515702][ T6199]  ? fdget_pos+0x253/0x320
[  132.515719][ T6199]  ksys_read+0x14b/0x260
[  132.515731][ T6199]  ? __pfx_ksys_read+0x10/0x10
[  132.515748][ T6199]  do_syscall_64+0xfa/0x3b0
[  132.515761][ T6199]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.515771][ T6199]  ? asm_sysvec_call_function_single+0x1a/0x20
[  132.515780][ T6199]  ? clear_bhb_loop+0x60/0xb0
[  132.515791][ T6199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.515800][ T6199] RIP: 0033:0x7f4f6778d5fc
[  132.515810][ T6199] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  132.515817][ T6199] RSP: 002b:00007f4f659b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  132.515828][ T6199] RAX: ffffffffffffffda RBX: 00007f4f679c6180 RCX: 00007f4f6778d5fc
[  132.515835][ T6199] RDX: 000000000000000f RSI: 00007f4f659b40a0 RDI: 0000000000000004
[  132.515840][ T6199] RBP: 00007f4f659b4090 R08: 0000000000000000 R09: 000000000000001c
[  132.515846][ T6199] R10: 00000000200c8004 R11: 0000000000000246 R12: 0000000000000001
[  132.515852][ T6199] R13: 00007f4f679c6218 R14: 00007f4f679c6180 R15: 00007ffec8a3e268
[  132.515867][ T6199]  </TASK>
[  133.015427][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  133.015544][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  133.978865][ T6205] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  140.679077][    C1] vkms_vblank_simulate: vblank timer overrun
[  140.953684][    C1] vkms_vblank_simulate: vblank timer overrun
[  141.336206][ T6257] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.600564][ T6263] FAULT_INJECTION: forcing a failure.
[  141.600564][ T6263] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  141.600594][ T6263] CPU: 0 UID: 0 PID: 6263 Comm: syz.0.81 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  141.600614][ T6263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  141.600624][ T6263] Call Trace:
[  141.600631][ T6263]  <TASK>
[  141.600638][ T6263]  dump_stack_lvl+0x189/0x250
[  141.600666][ T6263]  ? __pfx____ratelimit+0x10/0x10
[  141.600687][ T6263]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.600710][ T6263]  ? __pfx__printk+0x10/0x10
[  141.600742][ T6263]  should_fail_ex+0x46c/0x600
[  141.600769][ T6263]  _copy_to_user+0x31/0xb0
[  141.600790][ T6263]  simple_read_from_buffer+0xe1/0x170
[  141.600817][ T6263]  proc_fail_nth_read+0x1b6/0x220
[  141.600838][ T6263]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.600859][ T6263]  ? rw_verify_area+0x2ac/0x4e0
[  141.600878][ T6263]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  141.600897][ T6263]  vfs_read+0x203/0xa30
[  141.600924][ T6263]  ? __pfx_vfs_read+0x10/0x10
[  141.600944][ T6263]  ? ieee802154_sock_connect+0x5b/0x160
[  141.600966][ T6263]  ? __sys_connect+0x346/0x450
[  141.600989][ T6263]  ? __pfx___sys_connect+0x10/0x10
[  141.601015][ T6263]  ksys_read+0x14b/0x260
[  141.601037][ T6263]  ? __pfx_ksys_read+0x10/0x10
[  141.601054][ T6263]  ? rcu_is_watching+0x15/0xb0
[  141.601082][ T6263]  ? do_syscall_64+0xbe/0x3b0
[  141.601108][ T6263]  do_syscall_64+0xfa/0x3b0
[  141.601127][ T6263]  ? lockdep_hardirqs_on+0x9c/0x150
[  141.601147][ T6263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.601164][ T6263]  ? clear_bhb_loop+0x60/0xb0
[  141.601185][ T6263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.601201][ T6263] RIP: 0033:0x7f277344d5fc
[  141.601216][ T6263] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  141.601230][ T6263] RSP: 002b:00007f27716b6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.601248][ T6263] RAX: ffffffffffffffda RBX: 00007f2773685fa0 RCX: 00007f277344d5fc
[  141.601261][ T6263] RDX: 000000000000000f RSI: 00007f27716b60a0 RDI: 0000000000000003
[  141.601271][ T6263] RBP: 00007f27716b6090 R08: 0000000000000000 R09: 0000000000000000
[  141.601282][ T6263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.601298][ T6263] R13: 00007f2773686038 R14: 00007f2773685fa0 R15: 00007ffc91e49098
[  141.601326][ T6263]  </TASK>
[  142.318366][    C1] vkms_vblank_simulate: vblank timer overrun
[  142.922857][    C1] vkms_vblank_simulate: vblank timer overrun
[  143.112929][    C1] vkms_vblank_simulate: vblank timer overrun
[  143.653794][    C1] vkms_vblank_simulate: vblank timer overrun
[  143.786018][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.228170][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.411978][    C1] vkms_vblank_simulate: vblank timer overrun
[  144.535424][ T6286] vlan2: entered allmulticast mode
[  144.817538][ T6293] FAULT_INJECTION: forcing a failure.
[  144.817538][ T6293] name failslab, interval 1, probability 0, space 0, times 0
[  144.817624][ T6293] CPU: 0 UID: 0 PID: 6293 Comm: syz.4.88 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  144.817645][ T6293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.817656][ T6293] Call Trace:
[  144.817664][ T6293]  <TASK>
[  144.817672][ T6293]  dump_stack_lvl+0x189/0x250
[  144.817700][ T6293]  ? __pfx____ratelimit+0x10/0x10
[  144.817723][ T6293]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.817745][ T6293]  ? __pfx__printk+0x10/0x10
[  144.817768][ T6293]  ? fs_reclaim_acquire+0x7d/0x100
[  144.817794][ T6293]  should_fail_ex+0x46c/0x600
[  144.817822][ T6293]  should_failslab+0xa8/0x100
[  144.817846][ T6293]  __kmalloc_noprof+0xcb/0x430
[  144.817866][ T6293]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  144.817894][ T6293]  tomoyo_realpath_from_path+0xe3/0x5d0
[  144.817928][ T6293]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  144.817947][ T6293]  tomoyo_path_number_perm+0x1e8/0x5a0
[  144.817970][ T6293]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  144.817987][ T6293]  ? lockdep_hardirqs_on+0x9c/0x150
[  144.818025][ T6293]  ? hook_file_ioctl+0xad/0x530
[  144.818065][ T6293]  ? __rcu_read_unlock+0x84/0xe0
[  144.818085][ T6293]  ? __fget_files+0x2a/0x420
[  144.818106][ T6293]  ? __fget_files+0x3a6/0x420
[  144.818126][ T6293]  ? __fget_files+0x2a/0x420
[  144.818152][ T6293]  security_file_ioctl+0xcb/0x2d0
[  144.818175][ T6293]  __se_sys_ioctl+0x47/0x170
[  144.818197][ T6293]  do_syscall_64+0xfa/0x3b0
[  144.818221][ T6293]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.818244][ T6293]  ? asm_sysvec_call_function_single+0x1a/0x20
[  144.818261][ T6293]  ? clear_bhb_loop+0x60/0xb0
[  144.818282][ T6293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.818299][ T6293] RIP: 0033:0x7f4b2e78ebe9
[  144.818315][ T6293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.818328][ T6293] RSP: 002b:00007f4b2c9d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  144.818347][ T6293] RAX: ffffffffffffffda RBX: 00007f4b2e9c6090 RCX: 00007f4b2e78ebe9
[  144.818360][ T6293] RDX: 0000200000000700 RSI: 00000000c0487c04 RDI: 0000000000000004
[  144.818371][ T6293] RBP: 00007f4b2c9d5090 R08: 0000000000000000 R09: 0000000000000000
[  144.818382][ T6293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  144.818392][ T6293] R13: 00007f4b2e9c6128 R14: 00007f4b2e9c6090 R15: 00007fff9c324228
[  144.818422][ T6293]  </TASK>
[  144.818519][ T6293] ERROR: Out of memory at tomoyo_realpath_from_path.
[  145.800757][   T46] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  145.978059][   T46] usb 4-1: Using ep0 maxpacket: 8
[  145.993187][   T46] usb 4-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  145.993235][   T46] usb 4-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  145.993260][   T46] usb 4-1: config 0 interface 0 has no altsetting 0
[  145.993293][   T46] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  145.993313][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.054220][   T46] usb 4-1: config 0 descriptor??
[  146.465173][ T6295] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  146.465228][ T6295] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  146.465318][ T6295] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  146.883320][ T6295] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  146.883516][ T6295] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  146.884567][ T6295] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  146.886939][ T6295] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  146.889497][ T6295] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  146.890266][ T6295] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  146.890498][ T6295] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  148.135442][ T6295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.380419][ T6295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.409313][   T46] usbhid 4-1:0.0: can't add hid device: -32
[  151.409440][   T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[  151.635448][ T5953] usb 4-1: USB disconnect, device number 2
[  152.026382][ T6036] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  152.996359][ T6036] usb 2-1: Using ep0 maxpacket: 8
[  152.999063][ T6036] usb 2-1: config 0 has an invalid interface number: 186 but max is 0
[  152.999087][ T6036] usb 2-1: config 0 has no interface number 0
[  152.999136][ T6036] usb 2-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  152.999158][ T6036] usb 2-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  152.999180][ T6036] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  152.999211][ T6036] usb 2-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  153.002499][ T6036] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  153.002527][ T6036] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.002543][ T6036] usb 2-1: Product: syz
[  153.002556][ T6036] usb 2-1: Manufacturer: syz
[  153.002568][ T6036] usb 2-1: SerialNumber: syz
[  153.091161][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.164942][ T6036] usb 2-1: config 0 descriptor??
[  153.416936][ T6036] iowarrior 2-1:0.186: IOWarrior product=0x1505, serial=42424242 interface=186 now attached to iowarrior0
[  153.582418][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.659836][ T6314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.660400][ T6314] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.819787][ T6337] netlink: 32 bytes leftover after parsing attributes in process `syz.3.100'.
[  154.765245][ T5991] usb 2-1: USB disconnect, device number 3
[  156.687346][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.886913][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.181597][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.767375][ T6092] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  157.916641][ T6092] usb 5-1: Using ep0 maxpacket: 8
[  157.918578][ T6092] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  157.918644][ T6092] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  157.918658][ T6092] usb 5-1: config 0 interface 0 has no altsetting 0
[  157.918675][ T6092] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  157.918686][ T6092] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.923810][ T6092] usb 5-1: config 0 descriptor??
[  158.256382][ T5904] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  158.428755][ T6366] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  158.429034][ T6366] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  158.429132][ T6366] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  158.431244][ T6366] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  158.431297][ T6366] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  158.431584][ T6366] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  158.431633][ T6366] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  158.433224][ T6366] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  158.433512][ T6366] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  158.433561][ T6366] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  158.552454][ T5904] usb 3-1: config index 0 descriptor too short (expected 14385, got 36)
[  158.552483][ T5904] usb 3-1: config 52 has too many interfaces: 52, using maximum allowed: 32
[  158.552500][ T5904] usb 3-1: config 52 has an invalid descriptor of length 52, skipping remainder of the config
[  158.552516][ T5904] usb 3-1: config 52 has 0 interfaces, different from the descriptor's value: 52
[  158.827227][ T5904] usb 3-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  158.827255][ T5904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.827272][ T5904] usb 3-1: Product: syz
[  158.827283][ T5904] usb 3-1: Manufacturer: syz
[  158.827295][ T5904] usb 3-1: SerialNumber: syz
[  158.879609][ T6366] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.880130][ T6366] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.405939][ T6092] usbhid 5-1:0.0: can't add hid device: -32
[  163.832631][ T6092] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  170.100244][ T6092] usb 3-1: USB disconnect, device number 3
[  170.281718][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.805852][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.832562][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.356955][ T6166] usb 5-1: USB disconnect, device number 5
[  171.841066][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.952065][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.066715][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.254577][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.687594][    C1] vkms_vblank_simulate: vblank timer overrun
[  173.937898][    C1] vkms_vblank_simulate: vblank timer overrun
[  173.983929][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.114389][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.590209][ T6166] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  174.795260][    C1] vkms_vblank_simulate: vblank timer overrun
[  174.904358][    C1] vkms_vblank_simulate: vblank timer overrun
[  175.525068][ T6166] usb 5-1: config 36 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  175.779410][ T6166] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  175.779437][ T6166] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  175.830662][ T6166] usb 5-1: can't set config #36, error -71
[  175.848352][ T6166] usb 5-1: USB disconnect, device number 6
[  177.608486][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.760547][ T5843] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  177.763890][ T5843] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  177.765551][ T5843] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  177.873023][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.973403][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.591068][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.663566][ T5843] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  178.670493][ T5843] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  178.804366][ T6402] netlink: 2 bytes leftover after parsing attributes in process `syz.3.120'.
[  178.994365][    C0] vkms_vblank_simulate: vblank timer overrun
[  179.367919][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  179.529324][    T9] usb 5-1: Using ep0 maxpacket: 8
[  179.534580][    T9] usb 5-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  179.534627][    T9] usb 5-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  179.534650][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.534682][    T9] usb 5-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  179.534716][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.662052][    T9] usb 5-1: config 0 descriptor??
[  180.083397][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.099476][ T6427] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  180.099607][ T6427] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  180.099771][ T6427] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  180.128030][ T6427] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  180.128103][ T6427] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  180.128133][ T6427] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  180.128158][ T6427] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  180.128206][ T6427] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  180.133561][ T6427] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  180.133686][ T6427] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  180.549841][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.621795][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.747015][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.767047][ T5843] Bluetooth: hci5: command tx timeout
[  180.771808][ T6427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.275700][ T6427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  182.846475][ T5843] Bluetooth: hci5: command tx timeout
[  185.012685][ T5843] Bluetooth: hci5: command tx timeout
[  185.014610][    T9] usbhid 5-1:0.0: can't add hid device: -32
[  185.014827][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  186.092700][ T5991] usb 5-1: USB disconnect, device number 7
[  186.884581][ T5979] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.746707][ T5843] Bluetooth: hci5: command tx timeout
[  188.447003][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.769867][ T5979] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.626504][    C1] vkms_vblank_simulate: vblank timer overrun
[  189.730380][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.388377][    C1] vkms_vblank_simulate: vblank timer overrun
[  190.664896][    C1] vkms_vblank_simulate: vblank timer overrun
[  191.217545][    C1] vkms_vblank_simulate: vblank timer overrun
[  191.416641][ T5979] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.628280][ T6501] vlan2: entered allmulticast mode
[  191.628299][ T6501] bond0: entered allmulticast mode
[  191.628311][ T6501] bond_slave_0: entered allmulticast mode
[  191.628331][ T6501] bond_slave_1: entered allmulticast mode
[  191.996487][ T6035] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  192.029597][ T6508] netlink: 32 bytes leftover after parsing attributes in process `syz.0.144'.
[  192.030520][ T6510] netlink: 32 bytes leftover after parsing attributes in process `syz.0.144'.
[  192.166369][ T6035] usb 4-1: Using ep0 maxpacket: 8
[  192.169442][ T6035] usb 4-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  192.169490][ T6035] usb 4-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  192.169513][ T6035] usb 4-1: config 0 interface 0 has no altsetting 0
[  192.169542][ T6035] usb 4-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  192.169561][ T6035] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.230621][ T6035] usb 4-1: config 0 descriptor??
[  192.459324][ T6166] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  192.618234][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.786558][ T6166] usb 5-1: Using ep0 maxpacket: 8
[  192.972368][ T5979] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.160716][ T6166] usb 5-1: unable to get BOS descriptor or descriptor too short
[  193.165172][ T6166] usb 5-1: config 4 interface 0 has no altsetting 0
[  193.197704][ T6166] usb 5-1: string descriptor 0 read error: -22
[  193.197849][ T6166] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  193.197868][ T6166] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.360595][ T6511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  193.389902][ T6511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  193.433683][ T6166] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  196.862867][    C1] vkms_vblank_simulate: vblank timer overrun
[  197.431435][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  197.432761][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  197.737799][ T6035] usbhid 4-1:0.0: can't add hid device: -32
[  197.737901][ T6035] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[  197.775371][ T6166] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  197.776186][ T6166] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  197.813821][ T6166] usb 5-1: media controller created
[  197.855542][ T6166] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  197.909844][ T6035] usb 4-1: USB disconnect, device number 3
[  198.068517][ T6166] zl10353_read_register: readreg error (reg=127, ret==0)
[  198.721152][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.863698][ T6166] usb 5-1: USB disconnect, device number 8
[  199.058095][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.335942][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.743367][    C1] vkms_vblank_simulate: vblank timer overrun
[  200.200215][ T6421] chnl_net:caif_netlink_parms(): no params data found
[  200.287903][ T6549] vlan2: entered allmulticast mode
[  200.967203][ T6560] FAULT_INJECTION: forcing a failure.
[  200.967203][ T6560] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  200.967262][ T6560] CPU: 1 UID: 0 PID: 6560 Comm: syz.0.157 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  200.967282][ T6560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  200.967293][ T6560] Call Trace:
[  200.967300][ T6560]  <TASK>
[  200.967308][ T6560]  dump_stack_lvl+0x189/0x250
[  200.967336][ T6560]  ? __pfx____ratelimit+0x10/0x10
[  200.967359][ T6560]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.967382][ T6560]  ? __pfx__printk+0x10/0x10
[  200.967401][ T6560]  ? __might_fault+0xb0/0x130
[  200.967435][ T6560]  should_fail_ex+0x46c/0x600
[  200.967463][ T6560]  _copy_from_user+0x2d/0xb0
[  200.967483][ T6560]  ___sys_sendmsg+0x158/0x2a0
[  200.967510][ T6560]  ? __pfx____sys_sendmsg+0x10/0x10
[  200.967537][ T6560]  ? trace_irq_disable+0x37/0x110
[  200.967557][ T6560]  ? preempt_schedule_irq+0xde/0x150
[  200.967597][ T6560]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.967634][ T6560]  ? kasan_check_range+0x16d/0x2c0
[  200.967665][ T6560]  __sys_sendmmsg+0x22d/0x430
[  200.967690][ T6560]  ? __pfx___sys_sendmmsg+0x10/0x10
[  200.967737][ T6560]  __x64_sys_sendmmsg+0xa0/0xc0
[  200.967756][ T6560]  do_syscall_64+0xfa/0x3b0
[  200.967772][ T6560]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.967787][ T6560]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.967800][ T6560]  ? clear_bhb_loop+0x60/0xb0
[  200.967816][ T6560]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.967829][ T6560] RIP: 0033:0x7f277344ebe9
[  200.967841][ T6560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.967851][ T6560] RSP: 002b:00007f2771674038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  200.967866][ T6560] RAX: ffffffffffffffda RBX: 00007f2773686180 RCX: 00007f277344ebe9
[  200.967875][ T6560] RDX: 3284b164842c97f7 RSI: 0000200000000c40 RDI: 0000000000000006
[  200.967884][ T6560] RBP: 00007f2771674090 R08: 0000000000000000 R09: 0000000000000000
[  200.967892][ T6560] R10: 0000000000008014 R11: 0000000000000246 R12: 0000000000000001
[  200.967899][ T6560] R13: 00007f2773686218 R14: 00007f2773686180 R15: 00007ffc91e49098
[  200.967920][ T6560]  </TASK>
[  202.039099][ T5979] bridge_slave_1: left allmulticast mode
[  202.039622][ T5979] bridge_slave_1: left promiscuous mode
[  202.043066][ T5979] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.367035][    C1] vkms_vblank_simulate: vblank timer overrun
[  202.844059][    C1] vkms_vblank_simulate: vblank timer overrun
[  203.214529][ T5979] bridge_slave_0: left allmulticast mode
[  203.217058][ T5979] bridge_slave_0: left promiscuous mode
[  203.416505][ T5979] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.558034][ T6166] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  203.706479][ T6166] usb 1-1: Using ep0 maxpacket: 8
[  203.777504][ T6166] usb 1-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  203.777551][ T6166] usb 1-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  203.777575][ T6166] usb 1-1: config 0 interface 0 has no altsetting 0
[  203.777607][ T6166] usb 1-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  203.777627][ T6166] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.871269][ T6166] usb 1-1: config 0 descriptor??
[  203.876319][    C1] vkms_vblank_simulate: vblank timer overrun
[  204.974372][ T6577] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  204.974426][ T6577] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  204.974576][ T6577] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  204.974725][ T6577] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  205.009125][ T6577] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  205.009188][ T6577] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  205.009673][ T6577] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  205.009850][ T6577] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  205.009950][ T6577] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  205.009989][ T6577] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  205.021144][ T6577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.026540][ T6577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  208.038631][ T6597] FAULT_INJECTION: forcing a failure.
[  208.038631][ T6597] name failslab, interval 1, probability 0, space 0, times 0
[  208.038796][ T6597] CPU: 0 UID: 0 PID: 6597 Comm: syz.3.166 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  208.038817][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  208.038827][ T6597] Call Trace:
[  208.038834][ T6597]  <TASK>
[  208.038842][ T6597]  dump_stack_lvl+0x189/0x250
[  208.038869][ T6597]  ? __pfx____ratelimit+0x10/0x10
[  208.038891][ T6597]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.038913][ T6597]  ? __pfx__printk+0x10/0x10
[  208.038936][ T6597]  ? __pfx___might_resched+0x10/0x10
[  208.038954][ T6597]  ? fs_reclaim_acquire+0x7d/0x100
[  208.038974][ T6597]  should_fail_ex+0x46c/0x600
[  208.038999][ T6597]  ? prepare_creds+0x31/0x6c0
[  208.039020][ T6597]  should_failslab+0xa8/0x100
[  208.039041][ T6597]  ? prepare_creds+0x31/0x6c0
[  208.039059][ T6597]  kmem_cache_alloc_noprof+0x6e/0x310
[  208.039084][ T6597]  prepare_creds+0x31/0x6c0
[  208.039111][ T6597]  __sys_setresgid+0x584/0x8f0
[  208.039134][ T6597]  do_syscall_64+0xfa/0x3b0
[  208.039156][ T6597]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.039172][ T6597]  ? asm_sysvec_call_function_single+0x1a/0x20
[  208.039189][ T6597]  ? clear_bhb_loop+0x60/0xb0
[  208.039205][ T6597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.039217][ T6597] RIP: 0033:0x7f02489bebe9
[  208.039236][ T6597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.039246][ T6597] RSP: 002b:00007f0246bfd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000077
[  208.039261][ T6597] RAX: ffffffffffffffda RBX: 00007f0248bf6090 RCX: 00007f02489bebe9
[  208.039270][ T6597] RDX: 0000000000000000 RSI: 000000000000ee01 RDI: 000000000000ee00
[  208.039278][ T6597] RBP: 00007f0246bfd090 R08: 0000000000000000 R09: 0000000000000000
[  208.039286][ T6597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.039293][ T6597] R13: 00007f0248bf6128 R14: 00007f0248bf6090 R15: 00007ffe277e07d8
[  208.039314][ T6597]  </TASK>
[  209.086704][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.383069][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.583513][ T6604] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  210.092070][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.290086][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.541270][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  210.541672][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  210.542054][    C0] raw-gadget.0 gadget.0: ignoring, device is not running
[  210.542210][ T6166] usbhid 1-1:0.0: can't add hid device: -32
[  210.542323][ T6166] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[  210.627789][  T991] usb 1-1: USB disconnect, device number 3
[  210.959984][ T6620] capability: warning: `syz.0.170' uses 32-bit capabilities (legacy support in use)
[  210.991847][ T6611] Bluetooth: hci2: Malformed HCI Event
[  211.521004][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.486345][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.487137][ T6611] Bluetooth: hci1: command 0x0406 tx timeout
[  213.487169][ T6611] Bluetooth: hci4: command 0x0406 tx timeout
[  213.487191][ T6611] Bluetooth: hci2: command 0x0406 tx timeout
[  213.487212][ T6611] Bluetooth: hci3: command 0x0406 tx timeout
[  215.884809][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.326812][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.406655][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.476109][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.878556][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.109495][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.341840][    C0] vkms_vblank_simulate: vblank timer overrun
[  217.911099][    C0] vkms_vblank_simulate: vblank timer overrun
[  218.326068][ T6658] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  218.517847][   T59] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  218.548834][   T59] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  218.554397][   T59] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  218.555651][   T59] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  218.584495][   T59] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  218.987652][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.528361][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.421311][    C0] vkms_vblank_simulate: vblank timer overrun
[  220.606650][   T59] Bluetooth: hci0: command tx timeout
[  220.624277][ T5979] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  220.666792][ T5979] bond_slave_0: left allmulticast mode
[  220.959428][ T5979] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.874208][ T5979] bond_slave_1: left allmulticast mode
[  221.897119][ T5979] bond0 (unregistering): Released all slaves
[  222.686497][   T59] Bluetooth: hci0: command tx timeout
[  223.089249][ T6421] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.089395][ T6421] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.089565][ T6421] bridge_slave_0: entered allmulticast mode
[  223.093152][ T6421] bridge_slave_0: entered promiscuous mode
[  223.189972][ T6691] FAULT_INJECTION: forcing a failure.
[  223.189972][ T6691] name failslab, interval 1, probability 0, space 0, times 0
[  223.190029][ T6691] CPU: 1 UID: 0 PID: 6691 Comm: syz.0.188 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  223.190050][ T6691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  223.190060][ T6691] Call Trace:
[  223.190067][ T6691]  <TASK>
[  223.190075][ T6691]  dump_stack_lvl+0x189/0x250
[  223.190104][ T6691]  ? __pfx____ratelimit+0x10/0x10
[  223.190127][ T6691]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.190150][ T6691]  ? __pfx__printk+0x10/0x10
[  223.190175][ T6691]  ? __pfx___might_resched+0x10/0x10
[  223.190194][ T6691]  ? fs_reclaim_acquire+0x7d/0x100
[  223.190216][ T6691]  should_fail_ex+0x46c/0x600
[  223.190244][ T6691]  should_failslab+0xa8/0x100
[  223.190268][ T6691]  __kmalloc_noprof+0xcb/0x430
[  223.190288][ T6691]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  223.190317][ T6691]  tomoyo_realpath_from_path+0xe3/0x5d0
[  223.190341][ T6691]  ? tomoyo_domain+0xda/0x130
[  223.190369][ T6691]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  223.190389][ T6691]  tomoyo_path_number_perm+0x1e8/0x5a0
[  223.190411][ T6691]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  223.190431][ T6691]  ? lockdep_hardirqs_on+0x9c/0x150
[  223.190469][ T6691]  ? trace_irq_disable+0x37/0x110
[  223.190517][ T6691]  ? security_file_ioctl+0x19/0x2d0
[  223.190543][ T6691]  security_file_ioctl+0xcb/0x2d0
[  223.190564][ T6691]  __se_sys_ioctl+0x47/0x170
[  223.190587][ T6691]  do_syscall_64+0xfa/0x3b0
[  223.190610][ T6691]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.190627][ T6691]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  223.190643][ T6691]  ? clear_bhb_loop+0x60/0xb0
[  223.190664][ T6691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.190681][ T6691] RIP: 0033:0x7f277344ebe9
[  223.190696][ T6691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.190710][ T6691] RSP: 002b:00007f2771674038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  223.190734][ T6691] RAX: ffffffffffffffda RBX: 00007f2773686180 RCX: 00007f277344ebe9
[  223.190747][ T6691] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 0000000000000006
[  223.190757][ T6691] RBP: 00007f2771674090 R08: 0000000000000000 R09: 0000000000000000
[  223.190768][ T6691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.190778][ T6691] R13: 00007f2773686218 R14: 00007f2773686180 R15: 00007ffc91e49098
[  223.190808][ T6691]  </TASK>
[  223.190841][ T6691] ERROR: Out of memory at tomoyo_realpath_from_path.
[  223.654425][ T6421] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.654569][ T6421] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.654810][ T6421] bridge_slave_1: entered allmulticast mode
[  223.924660][ T6421] bridge_slave_1: entered promiscuous mode
[  224.571726][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.135167][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.159416][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.231049][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.249101][   T59] Bluetooth: hci0: command tx timeout
[  225.932404][ T6705] Zero length message leads to an empty skb
[  226.519046][ T6713] FAULT_INJECTION: forcing a failure.
[  226.519046][ T6713] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.519114][ T6713] CPU: 1 UID: 0 PID: 6713 Comm: syz.3.194 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  226.519135][ T6713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.519145][ T6713] Call Trace:
[  226.519152][ T6713]  <TASK>
[  226.519160][ T6713]  dump_stack_lvl+0x189/0x250
[  226.519189][ T6713]  ? __pfx____ratelimit+0x10/0x10
[  226.519211][ T6713]  ? __pfx_dump_stack_lvl+0x10/0x10
[  226.519235][ T6713]  ? __pfx__printk+0x10/0x10
[  226.519250][ T6713]  ? lock_acquire+0x175/0x360
[  226.519286][ T6713]  should_fail_ex+0x46c/0x600
[  226.519314][ T6713]  _copy_from_user+0x2d/0xb0
[  226.519335][ T6713]  ___sys_sendmsg+0x158/0x2a0
[  226.519362][ T6713]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.519428][ T6713]  ? __fget_files+0x2a/0x420
[  226.519450][ T6713]  ? __fget_files+0x3a6/0x420
[  226.519483][ T6713]  __x64_sys_sendmsg+0x1a1/0x260
[  226.519509][ T6713]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  226.519557][ T6713]  do_syscall_64+0xfa/0x3b0
[  226.519580][ T6713]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.519597][ T6713]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  226.519613][ T6713]  ? clear_bhb_loop+0x60/0xb0
[  226.519634][ T6713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.519651][ T6713] RIP: 0033:0x7f02489bebe9
[  226.519666][ T6713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.519680][ T6713] RSP: 002b:00007f0246bdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.519699][ T6713] RAX: ffffffffffffffda RBX: 00007f0248bf6180 RCX: 00007f02489bebe9
[  226.519712][ T6713] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000008
[  226.519723][ T6713] RBP: 00007f0246bdc090 R08: 0000000000000000 R09: 0000000000000000
[  226.519733][ T6713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  226.519744][ T6713] R13: 00007f0248bf6218 R14: 00007f0248bf6180 R15: 00007ffe277e07d8
[  226.519773][ T6713]  </TASK>
[  226.668928][    C0] vkms_vblank_simulate: vblank timer overrun
[  227.191574][    C0] vkms_vblank_simulate: vblank timer overrun
[  227.336381][   T59] Bluetooth: hci0: command tx timeout
[  228.005680][    C0] vkms_vblank_simulate: vblank timer overrun
[  228.166483][ T6717] vlan2: entered allmulticast mode
[  228.506511][ T6719] bridge0: port 3(veth0_to_bridge) entered blocking state
[  228.507019][ T6719] bridge0: port 3(veth0_to_bridge) entered disabled state
[  228.507249][ T6719] veth0_to_bridge: entered allmulticast mode
[  228.627125][ T6719] veth0_to_bridge: entered promiscuous mode
[  228.627268][ T6719] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  228.627659][ T6719] bridge0: port 3(veth0_to_bridge) entered blocking state
[  228.630828][ T6719] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  230.291220][ T6421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.294159][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.294596][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.295121][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.295559][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.295897][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.296397][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.296737][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.297210][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.297546][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  230.297986][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  233.099919][ T6421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.296596][    C1] net_ratelimit: 19679 callbacks suppressed
[  235.296612][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.296796][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.297033][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.297233][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.297508][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.297687][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.297923][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.298099][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.298388][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  235.298614][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  237.677845][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  237.702079][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  237.723279][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  237.724800][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  237.725733][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  239.807071][ T5843] Bluetooth: hci1: command tx timeout
[  240.306471][    C1] net_ratelimit: 13516 callbacks suppressed
[  240.306486][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.306707][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.307006][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.307245][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.307532][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.307758][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.308036][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.308257][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.308541][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  240.308777][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  241.991244][ T5843] Bluetooth: hci1: command tx timeout
[  244.671616][   T59] Bluetooth: hci1: command tx timeout
[  245.316288][    C0] net_ratelimit: 22773 callbacks suppressed
[  245.316302][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.316636][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.316889][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.317110][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.317331][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.317551][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.317794][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.318014][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.318250][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  245.318469][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  246.945407][ T5843] Bluetooth: hci1: command tx timeout
[  250.326421][    C1] net_ratelimit: 22560 callbacks suppressed
[  250.326442][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.326455][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  250.326771][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  250.326879][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  250.327176][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.327283][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  250.327655][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.327680][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  250.328012][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  250.328078][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.336324][    C0] net_ratelimit: 22660 callbacks suppressed
[  255.336351][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.336440][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.336752][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.336774][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  255.337148][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.337199][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.337583][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.337678][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.337991][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  255.338000][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  256.367113][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  258.506745][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  260.346289][    C1] net_ratelimit: 18583 callbacks suppressed
[  260.346310][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.346425][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  260.346666][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  260.346825][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  260.347060][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.347258][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  260.347656][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  260.348089][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  260.348469][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.348488][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  261.416215][    C1] sched: DL replenish lagged too much
[  265.356379][    C1] net_ratelimit: 17859 callbacks suppressed
[  265.356400][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.356553][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  265.356794][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  265.356951][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  265.357192][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.357381][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  265.357779][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  265.358176][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  265.358574][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.358608][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.366544][    C0] net_ratelimit: 17589 callbacks suppressed
[  270.366566][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.366849][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.367055][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.367206][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  270.367503][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.367625][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.368128][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.368561][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.368966][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  270.369121][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.376377][    C0] net_ratelimit: 18062 callbacks suppressed
[  275.376398][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.376541][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.376830][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.377268][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.377690][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.378015][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.378118][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.378366][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  275.378560][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  275.378764][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  280.386313][    C0] net_ratelimit: 17900 callbacks suppressed
[  280.386335][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.386731][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.387118][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.387520][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.387914][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.388321][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.388712][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.389097][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.389493][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  280.389884][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  284.908740][   T59] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  285.396433][    C0] net_ratelimit: 17898 callbacks suppressed
[  285.396453][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.396910][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.397361][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.397553][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.397789][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.397878][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  285.398210][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.398277][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.398629][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  285.399055][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  286.977574][ T5843] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  290.406509][    C0] net_ratelimit: 17956 callbacks suppressed
[  290.406529][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.406928][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.407335][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.407435][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.407757][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  290.407766][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.408163][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.408220][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.408599][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  290.409014][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  292.789409][ T6775] Bluetooth: hci6: Opcode 0x0c03 failed: -4
[  295.416500][    C0] net_ratelimit: 17775 callbacks suppressed
[  295.416521][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.416947][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.417357][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.417765][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.418182][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.418593][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.419007][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.419415][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.419857][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  295.420483][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.426194][    C0] net_ratelimit: 16699 callbacks suppressed
[  300.426216][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.426401][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  300.426746][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.427272][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.427780][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.427921][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  300.428293][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  300.428327][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  300.428747][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  300.428834][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.436277][    C0] net_ratelimit: 17993 callbacks suppressed
[  305.436299][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.436696][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.437126][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.437473][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  305.437522][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.437806][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  305.437959][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.438229][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  305.438355][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  305.438733][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.446239][    C0] net_ratelimit: 17788 callbacks suppressed
[  310.446260][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.446495][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.446695][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.447110][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.447512][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.447915][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.447928][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.448260][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  310.448342][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  310.448656][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.456392][    C1] net_ratelimit: 17934 callbacks suppressed
[  315.456413][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  315.456534][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.456839][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.456969][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.457372][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.457778][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.458174][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.458372][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.458574][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  315.458717][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  320.466353][    C0] net_ratelimit: 17786 callbacks suppressed
[  320.466374][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.466883][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.467378][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.467480][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.467852][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.467867][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  320.468318][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.468399][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.468794][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  320.469291][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  325.478123][    C1] net_ratelimit: 18036 callbacks suppressed
[  325.478146][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  325.478581][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.480145][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.480495][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  325.480927][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.482914][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.483230][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  325.483604][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.485160][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.485508][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  330.486231][    C0] net_ratelimit: 17677 callbacks suppressed
[  330.486252][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.486663][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.486676][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.487009][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  330.487133][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.487426][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.487569][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.488018][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.488454][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  330.488878][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.496517][    C0] net_ratelimit: 17776 callbacks suppressed
[  335.496538][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.496670][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  335.496973][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.497076][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  335.497408][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.497522][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  335.497843][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.498297][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.498729][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  335.499105][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  338.576692][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  338.600490][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  340.506546][    C0] net_ratelimit: 17771 callbacks suppressed
[  340.506568][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.506985][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.507385][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.507810][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.508228][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.508643][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.509051][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.509486][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.509904][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  340.510316][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.516374][    C1] net_ratelimit: 17921 callbacks suppressed
[  345.516395][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.516750][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  345.517107][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.517136][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.517556][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.517960][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.518390][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.518574][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.518794][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  345.518933][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  347.582638][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  350.526221][    C1] net_ratelimit: 17850 callbacks suppressed
[  350.526224][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.526241][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  350.526630][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.527010][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.527335][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.527631][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.527986][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.528339][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.528684][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  350.529070][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.536304][    C0] net_ratelimit: 17843 callbacks suppressed
[  355.536325][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.536770][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.537043][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  355.537262][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.537367][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  355.537757][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.537764][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  355.538240][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.538686][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  355.539136][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  357.964865][ T5843] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  357.973287][ T5843] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  357.974390][ T5843] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  357.975647][ T5843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  357.976496][ T5843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  360.546266][    C1] net_ratelimit: 17822 callbacks suppressed
[  360.546288][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  360.546386][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.546854][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.547256][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.547686][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.547897][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  360.548083][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.548262][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  360.548513][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  360.548714][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  361.982800][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[  365.556662][    C0] net_ratelimit: 18558 callbacks suppressed
[  365.556685][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.557133][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.557598][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.558038][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.558478][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.558925][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.559357][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.559784][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.560277][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  365.560709][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  367.814305][ T5843] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  367.823485][ T5843] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  367.823944][ T5843] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  367.825137][ T5843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  367.826319][ T5843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  370.566257][    C0] net_ratelimit: 19300 callbacks suppressed
[  370.566279][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  370.566398][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  370.566688][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  370.566833][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  370.567088][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  370.567272][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  370.567485][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  370.567777][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  370.567919][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  370.568152][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  375.576430][    C0] net_ratelimit: 19419 callbacks suppressed
[  375.576451][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  375.576869][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  375.576911][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  375.577237][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  375.577310][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  375.577628][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  375.577708][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  375.578017][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  375.578114][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  375.578479][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  380.586363][    C0] net_ratelimit: 19293 callbacks suppressed
[  380.586385][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  380.586707][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  380.586786][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  380.587074][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  380.587175][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  380.587507][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  380.587587][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  380.587949][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  380.587975][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  380.588436][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  384.554433][ T6803] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  384.734549][ T6803] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  385.596220][    C1] net_ratelimit: 19711 callbacks suppressed
[  385.596239][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  385.596492][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  385.597782][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  385.597923][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  385.598240][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  385.598250][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  385.598641][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  385.598667][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  385.599075][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  385.599082][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  385.725162][ T6804] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  385.732323][ T6804] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  385.733764][ T6804] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  385.734724][ T6804] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  385.737644][ T6804] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  385.740124][ T6804] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  385.741752][ T6804] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  385.742649][ T6804] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  389.190214][   T38] INFO: task kworker/u8:4:67 blocked for more than 143 seconds.
[  389.190238][   T38]       Not tainted syzkaller #0
[  389.190248][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.190256][   T38] task:kworker/u8:4    state:D stack:19544 pid:67    tgid:67    ppid:2      task_flags:0x4208060 flags:0x00004000
[  389.190303][   T38] Workqueue: cfg80211 cfg80211_dfs_channels_update_work
[  389.190345][   T38] Call Trace:
[  389.190351][   T38]  <TASK>
[  389.190363][   T38]  __schedule+0x16f3/0x4c20
[  389.190413][   T38]  ? __pfx___schedule+0x10/0x10
[  389.190454][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.190478][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.190496][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.190515][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  389.190552][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.190573][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.190592][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.190608][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.190642][   T38]  ? cfg80211_dfs_channels_update_work+0xb6/0x630
[  389.190664][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.190694][   T38]  ? cfg80211_dfs_channels_update_work+0xb6/0x630
[  389.190712][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.190743][   T38]  cfg80211_dfs_channels_update_work+0xb6/0x630
[  389.190766][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.190798][   T38]  ? __pfx_cfg80211_dfs_channels_update_work+0x10/0x10
[  389.190825][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.190844][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.190865][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.190888][   T38]  process_scheduled_works+0xade/0x17b0
[  389.190939][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.190979][   T38]  worker_thread+0x8a0/0xda0
[  389.191027][   T38]  kthread+0x711/0x8a0
[  389.191054][   T38]  ? __pfx_worker_thread+0x10/0x10
[  389.191074][   T38]  ? __pfx_kthread+0x10/0x10
[  389.191103][   T38]  ? __pfx_kthread+0x10/0x10
[  389.191127][   T38]  ret_from_fork+0x3f9/0x770
[  389.191152][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  389.191180][   T38]  ? __switch_to_asm+0x39/0x70
[  389.191196][   T38]  ? __switch_to_asm+0x33/0x70
[  389.191211][   T38]  ? __pfx_kthread+0x10/0x10
[  389.191236][   T38]  ret_from_fork_asm+0x1a/0x30
[  389.191269][   T38]  </TASK>
[  389.191291][   T38] INFO: task kworker/u8:6:794 blocked for more than 143 seconds.
[  389.191303][   T38]       Not tainted syzkaller #0
[  389.191312][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.191321][   T38] task:kworker/u8:6    state:D stack:22448 pid:794   tgid:794   ppid:2      task_flags:0x4208060 flags:0x00004000
[  389.191321][   T38] task:kworker/u8:6    state:D stack:22448 pid:794   tgid:794   ppid:2      task_flags:0x4208060 flags:0x00004000
[  389.191368][   T38] Workqueue: events_unbound linkwatch_event
[  389.191392][   T38] Call Trace:
[  389.191398][   T38]  <TASK>
[  389.191410][   T38]  __schedule+0x16f3/0x4c20
[  389.191457][   T38]  ? __pfx___schedule+0x10/0x10
[  389.191496][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.191520][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.191537][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.191556][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  389.191592][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.191614][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.191632][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.191662][   T38]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.191691][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.191717][   T38]  ? linkwatch_event+0xe/0x60
[  389.191744][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.191761][   T38]  ? linkwatch_event+0xe/0x60
[  389.191783][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.191806][   T38]  linkwatch_event+0xe/0x60
[  389.191828][   T38]  process_scheduled_works+0xade/0x17b0
[  389.191879][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.191918][   T38]  worker_thread+0x8a0/0xda0
[  389.191942][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.191973][   T38]  ? __kthread_parkme+0x7b/0x200
[  389.192005][   T38]  kthread+0x711/0x8a0
[  389.192032][   T38]  ? __pfx_worker_thread+0x10/0x10
[  389.192053][   T38]  ? __pfx_kthread+0x10/0x10
[  389.192081][   T38]  ? __pfx_kthread+0x10/0x10
[  389.192105][   T38]  ret_from_fork+0x3f9/0x770
[  389.192129][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  389.192157][   T38]  ? __switch_to_asm+0x39/0x70
[  389.192173][   T38]  ? __switch_to_asm+0x33/0x70
[  389.192188][   T38]  ? __pfx_kthread+0x10/0x10
[  389.192212][   T38]  ret_from_fork_asm+0x1a/0x30
[  389.192245][   T38]  </TASK>
[  389.192274][   T38] INFO: task kworker/u8:9:1360 blocked for more than 143 seconds.
[  389.192286][   T38]       Not tainted syzkaller #0
[  389.192295][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.192303][   T38] task:kworker/u8:9    state:D stack:20264 pid:1360  tgid:1360  ppid:2      task_flags:0x4208060 flags:0x00004000
[  389.192349][   T38] Workqueue: ipv6_addrconf addrconf_verify_work
[  389.192368][   T38] Call Trace:
[  389.192373][   T38]  <TASK>
[  389.192385][   T38]  __schedule+0x16f3/0x4c20
[  389.192431][   T38]  ? __pfx___schedule+0x10/0x10
[  389.192471][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.192494][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.192510][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.192529][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  389.192565][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.192586][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.192605][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.192635][   T38]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.192670][   T38]  ? addrconf_verify_work+0x19/0x30
[  389.192685][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.192703][   T38]  ? addrconf_verify_work+0x19/0x30
[  389.192724][   T38]  addrconf_verify_work+0x19/0x30
[  389.192748][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.192767][   T38]  process_scheduled_works+0xade/0x17b0
[  389.192818][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.192857][   T38]  worker_thread+0x8a0/0xda0
[  389.192905][   T38]  kthread+0x711/0x8a0
[  389.192933][   T38]  ? __pfx_worker_thread+0x10/0x10
[  389.192953][   T38]  ? __pfx_kthread+0x10/0x10
[  389.192982][   T38]  ? __pfx_kthread+0x10/0x10
[  389.193006][   T38]  ret_from_fork+0x3f9/0x770
[  389.193031][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  389.193058][   T38]  ? __switch_to_asm+0x39/0x70
[  389.193074][   T38]  ? __switch_to_asm+0x33/0x70
[  389.193089][   T38]  ? __pfx_kthread+0x10/0x10
[  389.193114][   T38]  ret_from_fork_asm+0x1a/0x30
[  389.193147][   T38]  </TASK>
[  389.193201][   T38] INFO: task dhcpcd:5503 blocked for more than 143 seconds.
[  389.193214][   T38]       Not tainted syzkaller #0
[  389.193222][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.193230][   T38] task:dhcpcd          state:D stack:21320 pid:5503  tgid:5503  ppid:5502   task_flags:0x400140 flags:0x00004002
[  389.193275][   T38] Call Trace:
[  389.193281][   T38]  <TASK>
[  389.193293][   T38]  __schedule+0x16f3/0x4c20
[  389.193340][   T38]  ? __pfx___schedule+0x10/0x10
[  389.193379][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.193404][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.193421][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.193439][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  389.193475][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.193495][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.193515][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.193545][   T38]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.193573][   T38]  ? __kmalloc_node_track_caller_noprof+0x213/0x450
[  389.193602][   T38]  ? rtnl_dumpit+0x92/0x200
[  389.193620][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.193637][   T38]  ? rtnl_dumpit+0x92/0x200
[  389.193657][   T38]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  389.193678][   T38]  rtnl_dumpit+0x92/0x200
[  389.193702][   T38]  netlink_dump+0x6e4/0xe90
[  389.193742][   T38]  ? __pfx_netlink_dump+0x10/0x10
[  389.193780][   T38]  ? netlink_recvmsg+0x5b2/0xa30
[  389.193800][   T38]  ? kmem_cache_free+0x195/0x510
[  389.193826][   T38]  netlink_recvmsg+0x676/0xa30
[  389.193848][   T38]  ? skb_pull+0xc1/0x1d0
[  389.193872][   T38]  ? __pfx_netlink_recvmsg+0x10/0x10
[  389.193891][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  389.193914][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  389.193938][   T38]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  389.193955][   T38]  ? security_socket_recvmsg+0x7e/0x2e0
[  389.193974][   T38]  ? __pfx_netlink_recvmsg+0x10/0x10
[  389.193995][   T38]  sock_recvmsg+0x22c/0x270
[  389.194020][   T38]  ____sys_recvmsg+0x1ce/0x470
[  389.194053][   T38]  ? __pfx_____sys_recvmsg+0x10/0x10
[  389.194094][   T38]  ? import_iovec+0x74/0xa0
[  389.194118][   T38]  ___sys_recvmsg+0x1b5/0x510
[  389.194148][   T38]  ? __pfx____sys_recvmsg+0x10/0x10
[  389.194213][   T38]  __x64_sys_recvmsg+0x19e/0x260
[  389.194240][   T38]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  389.194274][   T38]  ? rcu_is_watching+0x15/0xb0
[  389.194305][   T38]  ? do_syscall_64+0xbe/0x3b0
[  389.194331][   T38]  do_syscall_64+0xfa/0x3b0
[  389.194352][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.194373][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.194391][   T38]  ? clear_bhb_loop+0x60/0xb0
[  389.194412][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.194437][   T38] RIP: 0033:0x7f149b0f0407
[  389.194453][   T38] RSP: 002b:00007ffd30190b10 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[  389.194472][   T38] RAX: ffffffffffffffda RBX: 00007f149b066740 RCX: 00007f149b0f0407
[  389.194484][   T38] RDX: 0000000000000000 RSI: 00007ffd30190ba0 RDI: 0000000000000008
[  389.194495][   T38] RBP: 00007ffd30190b84 R08: 0000000000000000 R09: 0000000000000000
[  389.194507][   T38] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffd301b1490
[  389.194519][   T38] R13: 00007ffd30190b90 R14: 00007ffd30190c80 R15: 00007ffd301a1260
[  389.194550][   T38]  </TASK>
[  389.194590][   T38] INFO: task kworker/0:7:6092 blocked for more than 143 seconds.
[  389.194603][   T38]       Not tainted syzkaller #0
[  389.194612][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.194620][   T38] task:kworker/0:7     state:D stack:22920 pid:6092  tgid:6092  ppid:2      task_flags:0x4208060 flags:0x00004000
[  389.194724][   T38] Workqueue: events switchdev_deferred_process_work
[  389.194759][   T38] Call Trace:
[  389.194764][   T38]  <TASK>
[  389.194776][   T38]  __schedule+0x16f3/0x4c20
[  389.194823][   T38]  ? __pfx___schedule+0x10/0x10
[  389.194863][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.194887][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.194904][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.194922][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  389.194958][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.194978][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.194998][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.195028][   T38]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.195056][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.195082][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  389.195104][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.195121][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[  389.195143][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  389.195166][   T38]  switchdev_deferred_process_work+0xe/0x20
[  389.195188][   T38]  process_scheduled_works+0xade/0x17b0
[  389.195240][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.195279][   T38]  worker_thread+0x8a0/0xda0
[  389.195303][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.195334][   T38]  ? __kthread_parkme+0x7b/0x200
[  389.195365][   T38]  kthread+0x711/0x8a0
[  389.195393][   T38]  ? __pfx_worker_thread+0x10/0x10
[  389.195413][   T38]  ? __pfx_kthread+0x10/0x10
[  389.195442][   T38]  ? __pfx_kthread+0x10/0x10
[  389.195466][   T38]  ret_from_fork+0x3f9/0x770
[  389.195489][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  389.195517][   T38]  ? __switch_to_asm+0x39/0x70
[  389.195533][   T38]  ? __switch_to_asm+0x33/0x70
[  389.195549][   T38]  ? __pfx_kthread+0x10/0x10
[  389.195573][   T38]  ret_from_fork_asm+0x1a/0x30
[  389.195606][   T38]  </TASK>
[  389.195621][   T38] INFO: task syz-executor:6661 blocked for more than 143 seconds.
[  389.195633][   T38]       Not tainted syzkaller #0
[  389.195642][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.195651][   T38] task:syz-executor    state:D stack:23912 pid:6661  tgid:6661  ppid:1      task_flags:0x400140 flags:0x00004006
[  389.195698][   T38] Call Trace:
[  389.195705][   T38]  <TASK>
[  389.195716][   T38]  __schedule+0x16f3/0x4c20
[  389.195768][   T38]  ? __pfx___schedule+0x10/0x10
[  389.195809][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.195833][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.195850][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.195868][   T38]  ? task_blocks_on_rt_mutex+0x78c/0x1380
[  389.195905][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.195926][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.195945][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.195974][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.195999][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.196031][   T38]  ? ip_tunnel_init_net+0x2ab/0x800
[  389.196048][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.196065][   T38]  ? ip_tunnel_init_net+0x2ab/0x800
[  389.196087][   T38]  ip_tunnel_init_net+0x2ab/0x800
[  389.196112][   T38]  ? __pfx_ip_tunnel_init_net+0x10/0x10
[  389.196204][   T38]  ops_init+0x35c/0x5c0
[  389.196238][   T38]  setup_net+0x10c/0x320
[  389.196256][   T38]  ? copy_net_ns+0x304/0x4d0
[  389.196277][   T38]  ? __pfx_setup_net+0x10/0x10
[  389.196300][   T38]  ? __mutex_rt_init+0x3b/0x50
[  389.196325][   T38]  copy_net_ns+0x31b/0x4d0
[  389.196349][   T38]  create_new_namespaces+0x3f3/0x720
[  389.196376][   T38]  ? security_capable+0x7e/0x2e0
[  389.196407][   T38]  unshare_nsproxy_namespaces+0x11c/0x170
[  389.196431][   T38]  ksys_unshare+0x4c8/0x8c0
[  389.196462][   T38]  ? __pfx_ksys_unshare+0x10/0x10
[  389.196485][   T38]  ? rt_spin_unlock+0x65/0x80
[  389.196514][   T38]  __x64_sys_unshare+0x38/0x50
[  389.196537][   T38]  do_syscall_64+0xfa/0x3b0
[  389.196558][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.196578][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.196596][   T38]  ? clear_bhb_loop+0x60/0xb0
[  389.196617][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.196634][   T38] RIP: 0033:0x7f30652a03e7
[  389.196649][   T38] RSP: 002b:00007ffecd807bc8 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[  389.196668][   T38] RAX: ffffffffffffffda RBX: 00007f30654d5f40 RCX: 00007f30652a03e7
[  389.196682][   T38] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  389.196693][   T38] RBP: 00007f30654d67b8 R08: 0000000000000000 R09: 0000000000000000
[  389.196705][   T38] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  389.196716][   T38] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  389.196750][   T38]  </TASK>
[  389.196758][   T38] INFO: task syz.2.204:6745 blocked for more than 143 seconds.
[  389.196770][   T38]       Not tainted syzkaller #0
[  389.196779][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.196788][   T38] task:syz.2.204       state:D stack:29080 pid:6745  tgid:6744  ppid:5848   task_flags:0x400140 flags:0x00004004
[  389.196838][   T38] Call Trace:
[  389.196844][   T38]  <TASK>
[  389.196855][   T38]  __schedule+0x16f3/0x4c20
[  389.196902][   T38]  ? __pfx___schedule+0x10/0x10
[  389.196941][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.196966][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.196983][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.197001][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  389.197038][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.197059][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.197078][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.197095][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.197127][   T38]  ? raw_setsockopt+0x818/0x1160
[  389.197164][   T38]  ? raw_setsockopt+0x818/0x1160
[  389.197185][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.197208][   T38]  raw_setsockopt+0x818/0x1160
[  389.197238][   T38]  ? __pfx_raw_setsockopt+0x10/0x10
[  389.197261][   T38]  ? __fget_files+0x2a/0x420
[  389.197287][   T38]  ? __fget_files+0x2a/0x420
[  389.197308][   T38]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  389.197325][   T38]  ? __pfx_raw_setsockopt+0x10/0x10
[  389.197349][   T38]  do_sock_setsockopt+0x17c/0x1b0
[  389.197377][   T38]  __x64_sys_setsockopt+0x145/0x1b0
[  389.197406][   T38]  do_syscall_64+0xfa/0x3b0
[  389.197426][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.197447][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.197465][   T38]  ? clear_bhb_loop+0x60/0xb0
[  389.197485][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.197501][   T38] RIP: 0033:0x7f33baccebe9
[  389.197515][   T38] RSP: 002b:00007f33b8f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  389.197534][   T38] RAX: ffffffffffffffda RBX: 00007f33baf05fa0 RCX: 00007f33baccebe9
[  389.197547][   T38] RDX: 0000000000000002 RSI: 0000000000000065 RDI: 0000000000000005
[  389.197558][   T38] RBP: 00007f33bad51e19 R08: 0000000000000004 R09: 0000000000000000
[  389.197569][   T38] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000000
[  389.197581][   T38] R13: 00007f33baf06038 R14: 00007f33baf05fa0 R15: 00007ffcdacfeeb8
[  389.197612][   T38]  </TASK>
[  389.197619][   T38] INFO: task syz.2.204:6748 blocked for more than 143 seconds.
[  389.197631][   T38]       Not tainted syzkaller #0
[  389.197641][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.197649][   T38] task:syz.2.204       state:D stack:28936 pid:6748  tgid:6744  ppid:5848   task_flags:0x400040 flags:0x00004004
[  389.197700][   T38] Call Trace:
[  389.197706][   T38]  <TASK>
[  389.197717][   T38]  __schedule+0x16f3/0x4c20
[  389.197758][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.197790][   T38]  ? __pfx___schedule+0x10/0x10
[  389.197829][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.197854][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.197871][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.197890][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  389.197926][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.197948][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.197967][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.197997][   T38]  ? raw_bind+0x98/0x740
[  389.198025][   T38]  ? __might_fault+0xb0/0x130
[  389.198053][   T38]  ? raw_bind+0x98/0x740
[  389.198073][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.198089][   T38]  ? tomoyo_socket_bind_permission+0x150/0x290
[  389.198118][   T38]  raw_bind+0x98/0x740
[  389.198143][   T38]  ? bpf_lsm_socket_bind+0x9/0x20
[  389.198163][   T38]  __sys_bind+0x2c9/0x3e0
[  389.198186][   T38]  ? __pfx___sys_bind+0x10/0x10
[  389.198221][   T38]  ? rcu_is_watching+0x15/0xb0
[  389.198253][   T38]  __x64_sys_bind+0x7a/0x90
[  389.198273][   T38]  do_syscall_64+0xfa/0x3b0
[  389.198294][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.198315][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.198333][   T38]  ? clear_bhb_loop+0x60/0xb0
[  389.198354][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.198371][   T38] RIP: 0033:0x7f33baccebe9
[  389.198386][   T38] RSP: 002b:00007f33b8f15038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  389.198404][   T38] RAX: ffffffffffffffda RBX: 00007f33baf06090 RCX: 00007f33baccebe9
[  389.198417][   T38] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000005
[  389.198430][   T38] RBP: 00007f33bad51e19 R08: 0000000000000000 R09: 0000000000000000
[  389.198442][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  389.198453][   T38] R13: 00007f33baf06128 R14: 00007f33baf06090 R15: 00007ffcdacfeeb8
[  389.198483][   T38]  </TASK>
[  389.198490][   T38] INFO: task syz-executor:6751 blocked for more than 143 seconds.
[  389.198502][   T38]       Not tainted syzkaller #0
[  389.198510][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  389.198519][   T38] task:syz-executor    state:D stack:26952 pid:6751  tgid:6751  ppid:1      task_flags:0x400140 flags:0x00004004
[  389.198568][   T38] Call Trace:
[  389.198573][   T38]  <TASK>
[  389.198585][   T38]  __schedule+0x16f3/0x4c20
[  389.198632][   T38]  ? __pfx___schedule+0x10/0x10
[  389.198672][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  389.198697][   T38]  rt_mutex_schedule+0x77/0xf0
[  389.198713][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  389.198738][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  389.198775][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  389.198795][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  389.198815][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  389.198831][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.198864][   T38]  ? inet_rtm_newaddr+0x3b0/0x18b0
[  389.198895][   T38]  ? is_bpf_text_address+0x26/0x2b0
[  389.198922][   T38]  ? inet_rtm_newaddr+0x3b0/0x18b0
[  389.198943][   T38]  mutex_lock_nested+0x16a/0x1d0
[  389.198967][   T38]  inet_rtm_newaddr+0x3b0/0x18b0
[  389.199002][   T38]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  389.199045][   T38]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[  389.199068][   T38]  rtnetlink_rcv_msg+0x7cc/0xb70
[  389.199088][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.199112][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  389.199131][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  389.199169][   T38]  netlink_rcv_skb+0x205/0x470
[  389.199188][   T38]  ? __lock_acquire+0xab9/0xd20
[  389.199210][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  389.199233][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  389.199266][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[  389.199295][   T38]  netlink_unicast+0x843/0xa10
[  389.199324][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[  389.199346][   T38]  ? netlink_sendmsg+0x642/0xb30
[  389.199364][   T38]  ? skb_put+0x11b/0x210
[  389.199390][   T38]  netlink_sendmsg+0x805/0xb30
[  389.199422][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.199451][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  389.199468][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[  389.199508][   T38]  __sock_sendmsg+0x219/0x270
[  389.199531][   T38]  __sys_sendto+0x3c7/0x520
[  389.199556][   T38]  ? __pfx___sys_sendto+0x10/0x10
[  389.199605][   T38]  ? exc_page_fault+0x76/0xf0
[  389.199630][   T38]  ? do_user_addr_fault+0xc8a/0x1390
[  389.199655][   T38]  __x64_sys_sendto+0xde/0x100
[  389.199681][   T38]  do_syscall_64+0xfa/0x3b0
[  389.199702][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.199722][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.199746][   T38]  ? clear_bhb_loop+0x60/0xb0
[  389.199767][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.199784][   T38] RIP: 0033:0x7fabe5150a7c
[  389.199799][   T38] RSP: 002b:00007ffc16639ef0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  389.199817][   T38] RAX: ffffffffffffffda RBX: 00007fabe5eb4620 RCX: 00007fabe5150a7c
[  389.199830][   T38] RDX: 0000000000000028 RSI: 00007fabe5eb4670 RDI: 0000000000000003
[  389.199842][   T38] RBP: 0000000000000000 R08: 00007ffc16639f44 R09: 000000000000000c
[  389.199853][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  389.199865][   T38] R13: 0000000000000000 R14: 00007fabe5eb4670 R15: 0000000000000000
[  389.199895][   T38]  </TASK>
[  389.199929][   T38] 
[  389.199929][   T38] Showing all locks held in the system:
[  389.199938][   T38] 4 locks held by kworker/0:0/9:
[  389.199948][   T38]  #0: ffff888032971138 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.199999][   T38]  #1: ffffc900000e7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.200056][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200099][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.200143][   T38] 5 locks held by kworker/0:1/10:
[  389.200153][   T38]  #0: ffff8880369b9938 ((wq_completion)wg-kex-wg1#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.200202][   T38]  #1: ffffc900000f7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.200260][   T38]  #2: ffff88802400a3c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  389.200302][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200345][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.200390][   T38] 5 locks held by kworker/u8:0/12:
[  389.200400][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.200443][   T38]  #1: ffffc90000117bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.200486][   T38]  #2: ffff88805dfa0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.200530][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200572][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.200615][   T38] 5 locks held by kworker/u8:1/13:
[  389.200626][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.200669][   T38]  #1: ffffc90000127bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.200713][   T38]  #2: ffff88805e1b0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.200762][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200804][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.200848][   T38] 2 locks held by ksoftirqd/0/15:
[  389.200858][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200901][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.200945][   T38] 2 locks held by ktimers/0/16:
[  389.200955][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.200997][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.201041][   T38] 2 locks held by rcuc/0/20:
[  389.201050][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.201093][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.201137][   T38] 2 locks held by rcuc/1/28:
[  389.201147][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.201190][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.201234][   T38] 4 locks held by ktimers/1/29:
[  389.201245][   T38] 1 lock held by khungtaskd/38:
[  389.201255][   T38]  #0: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  389.201296][   T38] 6 locks held by kworker/u8:2/43:
[  389.201306][   T38]  #0: ffff888038183138 ((wq_completion)wg-kex-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.201354][   T38]  #1: ffffc90000b47bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.201398][   T38]  #2: ffff888032f215f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.201440][   T38]  #3: ffff88805c8ece20 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.201481][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.201522][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.201568][   T38] 5 locks held by kworker/u9:0/59:
[  389.201578][   T38]  #0: ffff888067b17938 ((wq_completion)hci0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.201622][   T38]  #1: ffffc9000125fbc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.201666][   T38]  #2: ffff88805d390e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  389.201713][   T38]  #3: ffff88805d3900a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  389.201756][   T38]  #4: ffffffff8ee39c78 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  389.201797][   T38] 3 locks held by kworker/u8:4/67:
[  389.201806][   T38]  #0: ffff888144ef0138 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.201846][   T38]  #1: ffffc9000152fbc0 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.201889][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_dfs_channels_update_work+0xb6/0x630
[  389.201936][   T38] 3 locks held by kworker/u8:5/189:
[  389.201947][   T38] 3 locks held by kworker/u8:6/794:
[  389.201957][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.201999][   T38]  #1: ffffc9000455fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.202042][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  389.202090][   T38] 6 locks held by kworker/u8:7/1106:
[  389.202100][   T38]  #0: ffff888038180138 ((wq_completion)wg-kex-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.202148][   T38]  #1: ffffc90004d87bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.202192][   T38]  #2: ffff88803d3795f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.202234][   T38]  #3: ffff888037136350 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.202275][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.202319][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.202361][   T38] 5 locks held by kworker/u8:8/1127:
[  389.202372][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.202414][   T38]  #1: ffffc90004ec7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.202456][   T38]  #2: ffff888049410898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.202498][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.202540][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.202585][   T38] 2 locks held by aoe_tx0/1324:
[  389.202595][   T38]  #0: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.202637][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.202680][   T38] 3 locks held by kworker/u8:9/1360:
[  389.202690][   T38]  #0: ffff8880302aa138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.202739][   T38]  #1: ffffc90005607bc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.202784][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  389.202826][   T38] 7 locks held by kworker/u8:10/1380:
[  389.202836][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.202879][   T38]  #1: ffffc900056f7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.202924][   T38]  #2: ffff88805c8a9300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  389.202974][   T38]  #3: ffff88805c871920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  389.203020][   T38]  #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  389.203060][   T38]  #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.203103][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.203146][   T38] 5 locks held by kworker/u8:11/1409:
[  389.203156][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.203198][   T38]  #1: ffffc90005717bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.203242][   T38]  #2: ffff888049470898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.203284][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.203326][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.203382][   T38] 5 locks held by kworker/u8:12/3542:
[  389.203392][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.203436][   T38]  #1: ffffc9000daa7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.203480][   T38]  #2: ffff88805e4e0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.203521][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.203564][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.203607][   T38] 7 locks held by kworker/u8:13/3651:
[  389.203617][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.203660][   T38]  #1: ffffc9000dda7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.203705][   T38]  #2: ffff8880199e0300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  389.203759][   T38]  #3: ffff88805c700520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  389.203804][   T38]  #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  389.203844][   T38]  #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.203887][   T38]  #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.203931][   T38] 5 locks held by kworker/u8:14/4576:
[  389.203940][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.203984][   T38]  #1: ffffc9000f437bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.204027][   T38]  #2: ffff88805dd20898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.204070][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.204112][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.204156][   T38] 4 locks held by kworker/u9:1/5157:
[  389.204166][   T38]  #0: ffff88805d865938 ((wq_completion)hci6#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.204215][   T38]  #1: ffffc900100cfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.204258][   T38]  #2: ffff8880517740a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  389.204300][   T38]  #3: ffffffff8ee39c78 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  389.204342][   T38] 3 locks held by udevd/5208:
[  389.204352][   T38]  #0: ffff888028608350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: netlink_insert+0xd3/0x1370
[  389.204393][   T38]  #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.204436][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.204479][   T38] 2 locks held by dhcpcd/5503:
[  389.204488][   T38]  #0: ffff88804aa0c908 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: netlink_dump+0xbd/0xe90
[  389.204529][   T38]  #1: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200
[  389.204571][   T38] 2 locks held by getty/5603:
[  389.204581][   T38]  #0: ffff88823bf3c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  389.204627][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  389.204669][   T38] 3 locks held by sshd-session/5825:
[  389.204679][   T38]  #0: ffff888038c41290 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x21/0x50
[  389.204721][   T38]  #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.204771][   T38]  #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.204814][   T38] 6 locks held by syz-executor/5826:
[  389.204824][   T38]  #0: ffff888038c421d0 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_recvmsg+0xd3/0x560
[  389.204865][   T38]  #1: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: __ip_queue_xmit+0x63/0x1b00
[  389.204911][   T38]  #2: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: ip_output+0x60/0x3c0
[  389.204956][   T38]  #3: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: ip_finish_output2+0x452/0x11d0
[  389.204995][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.205037][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.205080][   T38] 4 locks held by kworker/0:3/5828:
[  389.205091][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.205135][   T38]  #1: ffffc90004b27bc0 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.205178][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.205220][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.205263][   T38] 4 locks held by kworker/u9:2/5843:
[  389.205273][   T38]  #0: ffff88803093a138 ((wq_completion)krxrpcd){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.205316][   T38]  #1: ffffc90004c47bc0 ((work_completion)(&rxnet->peer_keepalive_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.205360][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.205402][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.205446][   T38] 5 locks held by kworker/u9:3/5847:
[  389.205456][   T38]  #0: ffff888030ee1138 ((wq_completion)hci1){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.205498][   T38]  #1: ffffc90004c97bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.205542][   T38]  #2: ffff88805bce8e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  389.205589][   T38]  #3: ffff88805bce80a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  389.205632][   T38]  #4: ffffffff8ee39c78 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  389.205676][   T38] 4 locks held by syz-executor/5853:
[  389.205686][   T38]  #0: ffff8880599b0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  389.205727][   T38]  #1: ffff8880599b00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  389.205776][   T38]  #2: ffffffff8ee39c78 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  389.205821][   T38]  #3: ffff888029202358 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  389.205873][   T38] 4 locks held by kworker/1:3/5904:
[  389.205883][   T38]  #0: ffff88805aace138 ((wq_completion)wg-kex-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.205931][   T38]  #1: ffffc90005067bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.205987][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.206030][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.206075][   T38] 5 locks held by kworker/0:5/5926:
[  389.206085][   T38]  #0: ffff88805aace138 ((wq_completion)wg-kex-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.236212][   T38]  #1: ffffc90005267bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.236274][   T38]  #2: ffff88805c8e8e90 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  389.236319][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.236361][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.236407][   T38] 2 locks held by kworker/0:6/5953:
[  389.236418][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.236461][   T38]  #1: ffffc90005317bc0 (key_gc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.236504][   T38] 5 locks held by kworker/u8:15/5979:
[  389.236515][   T38]  #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.236558][   T38]  #1: ffffc900053c7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.236601][   T38]  #2: ffffffff8ecc5400 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  389.236645][   T38]  #3: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: ieee80211_unregister_hw+0x55/0x2c0
[  389.236686][   T38]  #4: ffff888049270898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: ieee80211_remove_interfaces+0x133/0x6e0
[  389.236740][   T38] 2 locks held by kworker/u8:16/6024:
[  389.236751][   T38] 4 locks held by kworker/1:7/6035:
[  389.236761][   T38]  #0: ffff888032971138 ((wq_completion)wg-kex-wg0#6){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.236809][   T38]  #1: ffffc90005577bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.236865][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.236908][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.236952][   T38] 6 locks held by kworker/u8:17/6079:
[  389.236962][   T38]  #0: ffff888038181938 ((wq_completion)wg-kex-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.237010][   T38]  #1: ffffc90005677bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.237055][   T38]  #2: ffff888035c815f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.237098][   T38]  #3: ffff8880371323c0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.237139][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.237182][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.237225][   T38] 3 locks held by kworker/0:7/6092:
[  389.237235][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.237278][   T38]  #1: ffffc90005707bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.237321][   T38]  #2: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  389.237369][   T38] 4 locks held by kworker/0:8/6166:
[  389.237379][   T38]  #0: ffff88805ad50138 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.237427][   T38]  #1: ffffc90005d57bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.237484][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.237525][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.237569][   T38] 2 locks held by syz-executor/6421:
[  389.237580][   T38]  #0: ffff8880533f4e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  389.237621][   T38]  #1: ffff8880533f40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  389.237665][   T38] 5 locks held by kworker/u8:18/6451:
[  389.237675][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.237719][   T38]  #1: ffffc9000646fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.237769][   T38]  #2: ffff88804a160898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  389.237812][   T38]  #3: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.237854][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.237899][   T38] 6 locks held by kworker/u8:19/6452:
[  389.237909][   T38]  #0: ffff888038180138 ((wq_completion)wg-kex-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.237957][   T38]  #1: ffffc9000647fbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.238001][   T38]  #2: ffff88803d3795f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.238042][   T38]  #3: ffff8880371358b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.238083][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.238126][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.238169][   T38] 4 locks held by kworker/u8:21/6461:
[  389.238180][   T38]  #0: ffff888030abc938 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.238223][   T38]  #1: ffffc900061e7bc0 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.238267][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.238310][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.238357][   T38] 4 locks held by kworker/u8:22/6581:
[  389.238367][   T38]  #0: ffff88802405a938 ((wq_completion)wg-kex-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.238415][   T38]  #1: ffffc9000ac57bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.238459][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.238501][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.238545][   T38] 2 locks held by syz-executor/6661:
[  389.238555][   T38]  #0: ffffffff8ecc5400 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  389.238597][   T38]  #1: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  389.238639][   T38] 1 lock held by syz.2.204/6745:
[  389.238649][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: raw_setsockopt+0x818/0x1160
[  389.238696][   T38] 1 lock held by syz.2.204/6748:
[  389.238705][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: raw_bind+0x98/0x740
[  389.238755][   T38] 1 lock held by syz-executor/6751:
[  389.238765][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  389.238811][   T38] 4 locks held by kworker/0:9/6755:
[  389.238822][   T38] 6 locks held by kworker/u8:23/6756:
[  389.238832][   T38]  #0: ffff88805b1f7938 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.238879][   T38]  #1: ffffc90005d37bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.238924][   T38]  #2: ffff88803655d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.238966][   T38]  #3: ffff8880240083f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.239007][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.239050][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.239094][   T38] 4 locks held by kworker/u8:25/6758:
[  389.239104][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.239148][   T38]  #1: ffffc90005e07bc0 ((work_completion)(&port->bc_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.239192][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.239234][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.239277][   T38] 6 locks held by kworker/u8:26/6759:
[  389.239287][   T38]  #0: ffff88803d221138 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.239336][   T38]  #1: ffffc90005697bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.239380][   T38]  #2: ffff88803738d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.239417][   T38]  #3: ffff888024009928 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.239454][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.239511][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.239552][   T38] 4 locks held by kworker/0:10/6760:
[  389.239561][   T38]  #0: ffff88805ae5ad38 ((wq_completion)wg-crypt-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.239604][   T38]  #1: ffffc900053f7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.239647][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.239689][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.239737][   T38] 4 locks held by kworker/u8:27/6762:
[  389.239747][   T38]  #0: ffff88803d16c938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.239794][   T38]  #1: ffffc90005e47bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.239839][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.239880][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.239923][   T38] 7 locks held by kworker/u8:28/6763:
[  389.239933][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.239975][   T38]  #1: ffffc90005657bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.240020][   T38]  #2: ffff8880374c0300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  389.240069][   T38]  #3: ffff88805cc2c920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  389.240113][   T38]  #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  389.240153][   T38]  #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.240195][   T38]  #6: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.240238][   T38] 4 locks held by kworker/u8:29/6765:
[  389.240248][   T38]  #0: ffff88805b1f7938 ((wq_completion)wg-kex-wg0#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.240294][   T38]  #1: ffffc90005397bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.240333][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.240368][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.240409][   T38] 4 locks held by kworker/1:10/6766:
[  389.240420][   T38] 6 locks held by kworker/u8:30/6767:
[  389.240430][   T38]  #0: ffff88803d16c938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.240476][   T38]  #1: ffffc90005387bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.240519][   T38]  #2: ffff8880238215f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.240559][   T38]  #3: ffff88805c8eb8f0 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.240600][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.240641][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.240683][   T38] 4 locks held by kworker/u8:31/6769:
[  389.240693][   T38]  #0: ffff888038185938 ((wq_completion)wg-kex-wg1#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.240749][   T38]  #1: ffffc90005367bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.240792][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.240834][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.240876][   T38] 6 locks held by kworker/u8:32/6770:
[  389.240887][   T38]  #0: ffff88805ae46938 ((wq_completion)wg-kex-wg1#7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.240935][   T38]  #1: ffffc90005357bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.240979][   T38]  #2: ffff88805affd5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.241021][   T38]  #3: ffff888037137880 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.241061][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.241103][   T38]  #5: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.241147][   T38] 4 locks held by kworker/u8:33/6771:
[  389.241157][   T38]  #0: ffff888038182138 ((wq_completion)wg-kex-wg2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.241201][   T38]  #1: ffffc90005347bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.241246][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.241288][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.241332][   T38] 7 locks held by kworker/u8:35/6773:
[  389.241342][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.241386][   T38]  #1: ffffc90005327bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.241431][   T38]  #2: ffff88805c4bc300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  389.241475][   T38]  #3: ffff88805c541920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  389.241518][   T38]  #4: ffffffff8d9a8bc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  389.241557][   T38]  #5: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.241600][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.241643][   T38] 4 locks held by kworker/1:12/6777:
[  389.241653][   T38]  #0: ffff88805ad50138 ((wq_completion)wg-kex-wg0#10){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.241701][   T38]  #1: ffffc9000497fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.241764][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.241806][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.241850][   T38] 6 locks held by kworker/u8:36/6779:
[  389.241860][   T38]  #0: ffff88805aa6a938 ((wq_completion)wg-kex-wg0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.241904][   T38]  #1: ffffc900048dfbc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.241948][   T38]  #2: ffff888034f155f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  389.241990][   T38]  #3: ffff88805c8e83f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  389.242031][   T38]  #4: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.242073][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.242117][   T38] 4 locks held by kworker/0:13/6782:
[  389.242127][   T38]  #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.242170][   T38]  #1: ffffc900052f7bc0 ((work_completion)(&br->mcast_gc_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.242214][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.242258][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.242302][   T38] 2 locks held by kworker/0:14/6783:
[  389.242311][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.242354][   T38]  #1: ffffc90005307bc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.242398][   T38] 4 locks held by kworker/0:15/6785:
[  389.242408][   T38]  #0: ffff88802ef42d38 ((wq_completion)wg-crypt-wg2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.242456][   T38]  #1: ffffc90005e57bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.242510][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.242552][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.242596][   T38] 4 locks held by kworker/0:17/6787:
[  389.242606][   T38]  #0: ffff88805ae0e538 ((wq_completion)wg-crypt-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  389.242654][   T38]  #1: ffffc900053d7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  389.242698][   T38]  #2: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.242746][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.242791][   T38] 1 lock held by syz-executor/6793:
[  389.242801][   T38]  #0: ffffffff8ecd22f8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  389.242848][   T38] 1 lock held by syz-executor/6797:
[  389.242859][   T38] 3 locks held by syz-executor/6799:
[  389.242869][   T38]  #0: ffff888033524350 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}, at: hci_sock_ioctl+0x247/0x910
[  389.242914][   T38]  #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.242956][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.242999][   T38] 3 locks held by syz-executor/6800:
[  389.243010][   T38]  #0: ffff888021ac8350 (sk_lock-AF_BLUETOOTH-BTPROTO_HCI){+.+.}-{0:0}, at: hci_sock_ioctl+0x247/0x910
[  389.243054][   T38]  #1: ffffffff8d84a7a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  389.243097][   T38]  #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  389.243144][   T38] 
[  389.243148][   T38] =============================================
[  389.243148][   T38] 
[  389.243172][   T38] NMI backtrace for cpu 1
[  389.243197][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  389.243246][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  389.243271][   T38] Call Trace:
[  389.243281][   T38]  <TASK>
[  389.243288][   T38]  dump_stack_lvl+0x189/0x250
[  389.243317][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.243340][   T38]  ? __pfx__printk+0x10/0x10
[  389.243371][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  389.243394][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  389.243415][   T38]  ? __pfx__printk+0x10/0x10
[  389.243438][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  389.243461][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  389.243482][   T38]  watchdog+0xf93/0xfe0
[  389.243508][   T38]  ? watchdog+0x1de/0xfe0
[  389.243534][   T38]  kthread+0x711/0x8a0
[  389.243561][   T38]  ? __pfx_watchdog+0x10/0x10
[  389.243580][   T38]  ? __pfx_kthread+0x10/0x10
[  389.243607][   T38]  ? __pfx_kthread+0x10/0x10
[  389.243631][   T38]  ret_from_fork+0x3f9/0x770
[  389.243654][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  389.243681][   T38]  ? __switch_to_asm+0x39/0x70
[  389.243696][   T38]  ? __switch_to_asm+0x33/0x70
[  389.243711][   T38]  ? __pfx_kthread+0x10/0x10
[  389.243746][   T38]  ret_from_fork_asm+0x1a/0x30
[  389.243777][   T38]  </TASK>
[  389.243783][   T38] Sending NMI from CPU 1 to CPUs 0:
[  389.243808][    C0] NMI backtrace for cpu 0
[  389.243825][    C0] CPU: 0 UID: 0 PID: 189 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  389.243853][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  389.243864][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  389.243885][    C0] RIP: 0010:kasan_check_range+0x1d4/0x2c0
[  389.243908][    C0] Code: 01 f3 49 8d 5c 24 07 4d 85 e4 49 0f 49 dc 48 83 e3 f8 49 29 dc 74 12 41 80 3b 00 0f 85 b8 00 00 00 49 ff c3 49 ff cc 75 ee 5b <41> 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 45 84 ff 75 63 41 f7
[  389.243922][    C0] RSP: 0018:ffffc90003bcdb50 EFLAGS: 00000256
[  389.243936][    C0] RAX: ffffffff88df2c01 RBX: 0000000000000000 RCX: ffffffff88df2c55
[  389.243948][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8f1d4a30
[  389.243959][    C0] RBP: 0000000000000000 R08: ffffffff8f1d4a37 R09: 1ffffffff1e3a946
[  389.243970][    C0] R10: dffffc0000000000 R11: fffffbfff1e3a947 R12: 0000000000000001
[  389.243982][    C0] R13: 0000000000000000 R14: fffffbfff1e3a947 R15: 1ffffffff1e3a946
[  389.243994][    C0] FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
[  389.244008][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  389.244020][    C0] CR2: 00007feec4846d00 CR3: 000000003e232000 CR4: 00000000003526f0
[  389.244035][    C0] Call Trace:
[  389.244041][    C0]  <TASK>
[  389.244049][    C0]  dev_hard_start_xmit+0x3e5/0x870
[  389.244080][    C0]  __dev_queue_xmit+0x1b50/0x3b70
[  389.244100][    C0]  ? __dev_queue_xmit+0x26f/0x3b70
[  389.244116][    C0]  ? kasan_save_track+0x3e/0x80
[  389.244133][    C0]  ? kasan_save_free_info+0x46/0x50
[  389.244147][    C0]  ? kmem_cache_free+0x195/0x510
[  389.244167][    C0]  ? br_nf_dev_queue_xmit+0x52d/0x2090
[  389.244188][    C0]  ? NF_HOOK+0x61b/0x6b0
[  389.244205][    C0]  ? br_nf_post_routing+0xb66/0xfe0
[  389.244225][    C0]  ? nf_hook_slow+0xc5/0x220
[  389.244244][    C0]  ? NF_HOOK+0x215/0x3c0
[  389.244261][    C0]  ? br_forward_finish+0xd3/0x130
[  389.244279][    C0]  ? br_nf_forward_finish+0xa40/0xe60
[  389.244298][    C0]  ? NF_HOOK+0x61b/0x6b0
[  389.244316][    C0]  ? br_nf_forward_ip+0x647/0x7e0
[  389.244337][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  389.244350][    C0]  ? br_nf_hook_thresh+0x3c6/0x4a0
[  389.244369][    C0]  ? br_nf_pre_routing_finish_ipv6+0x948/0xd00
[  389.244391][    C0]  ? br_nf_pre_routing_ipv6+0x37e/0x6b0
[  389.244411][    C0]  ? br_handle_frame+0x982/0x14d0
[  389.244431][    C0]  ? __netif_receive_skb_core+0x10b6/0x4020
[  389.244447][    C0]  ? __netif_receive_skb+0x72/0x380
[  389.244463][    C0]  ? process_backlog+0x31e/0x900
[  389.244487][    C0]  ? __napi_poll+0xb6/0x540
[  389.244502][    C0]  ? net_rx_action+0x707/0xe00
[  389.244519][    C0]  ? handle_softirqs+0x22c/0x710
[  389.244537][    C0]  ? __local_bh_enable_ip+0x179/0x270
[  389.244555][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  389.244572][    C0]  ? ieee80211_iface_work+0x85f/0x12d0
[  389.244589][    C0]  ? cfg80211_wiphy_work+0x2bb/0x470
[  389.244606][    C0]  ? process_scheduled_works+0xade/0x17b0
[  389.244623][    C0]  ? worker_thread+0x8a0/0xda0
[  389.244641][    C0]  ? kthread+0x711/0x8a0
[  389.244660][    C0]  ? ret_from_fork+0x3f9/0x770
[  389.244678][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  389.244707][    C0]  br_dev_queue_push_xmit+0x6c5/0x890
[  389.244729][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  389.244752][    C0]  ? NF_HOOK+0x9e/0x6b0
[  389.244771][    C0]  NF_HOOK+0x61b/0x6b0
[  389.244793][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  389.244816][    C0]  ? net_generic+0x1e/0x240
[  389.244834][    C0]  ? net_generic+0x1e/0x240
[  389.244852][    C0]  ? net_generic+0x1e/0x240
[  389.244870][    C0]  ? skb_pull+0xc1/0x1d0
[  389.244886][    C0]  br_nf_post_routing+0xb66/0xfe0
[  389.244906][    C0]  ? __pfx_br_nf_dev_queue_xmit+0x10/0x10
[  389.244930][    C0]  ? __pfx_br_nf_post_routing+0x10/0x10
[  389.244952][    C0]  nf_hook_slow+0xc5/0x220
[  389.244971][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  389.244989][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  389.245008][    C0]  NF_HOOK+0x215/0x3c0
[  389.245027][    C0]  ? NF_HOOK+0x9e/0x3c0
[  389.245044][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  389.245063][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  389.245088][    C0]  br_forward_finish+0xd3/0x130
[  389.245105][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  389.245125][    C0]  br_nf_forward_finish+0xa40/0xe60
[  389.245151][    C0]  ? __pfx_br_nf_forward_finish+0x10/0x10
[  389.245174][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  389.245194][    C0]  ? NF_HOOK+0x9e/0x6b0
[  389.245213][    C0]  ? NF_HOOK+0x9e/0x6b0
[  389.245232][    C0]  NF_HOOK+0x61b/0x6b0
[  389.245254][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  389.245280][    C0]  br_nf_forward_ip+0x647/0x7e0
[  389.245300][    C0]  ? __pfx_br_nf_forward_finish+0x10/0x10
[  389.245323][    C0]  ? __pfx_br_nf_forward+0x10/0x10
[  389.245344][    C0]  nf_hook_slow+0xc5/0x220
[  389.245363][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  389.245382][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  389.245400][    C0]  NF_HOOK+0x215/0x3c0
[  389.245419][    C0]  ? NF_HOOK+0x9e/0x3c0
[  389.245435][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  389.245454][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  389.245482][    C0]  __br_forward+0x41e/0x600
[  389.245499][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  389.245517][    C0]  ? skb_clone+0x246/0x3a0
[  389.245540][    C0]  ? __pfx___br_forward+0x10/0x10
[  389.245563][    C0]  br_handle_frame_finish+0x14b4/0x19b0
[  389.245583][    C0]  ? stack_depot_save_flags+0x40/0x860
[  389.245609][    C0]  ? __pfx_br_handle_frame_finish+0x10/0x10
[  389.245629][    C0]  ? br_handle_frame+0x982/0x14d0
[  389.245649][    C0]  ? __netif_receive_skb+0x72/0x380
[  389.245664][    C0]  ? process_backlog+0x31e/0x900
[  389.245681][    C0]  ? __napi_poll+0xb6/0x540
[  389.245696][    C0]  ? handle_softirqs+0x22c/0x710
[  389.245713][    C0]  ? __local_bh_enable_ip+0x179/0x270
[  389.245730][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  389.245747][    C0]  ? cfg80211_wiphy_work+0x2bb/0x470
[  389.245764][    C0]  ? process_scheduled_works+0xade/0x17b0
[  389.245782][    C0]  ? worker_thread+0x8a0/0xda0
[  389.245799][    C0]  ? kthread_create_worker_on_node+0x60/0x3a0
[  389.245820][    C0]  ? ret_from_fork+0x3f9/0x770
[  389.245838][    C0]  ? __switch_to_asm+0x23/0x70
[  389.245856][    C0]  ? nf_hook_slow+0x176/0x220
[  389.245875][    C0]  ? __pfx_br_handle_frame_finish+0x10/0x10
[  389.245896][    C0]  br_nf_hook_thresh+0x3c6/0x4a0
[  389.245920][    C0]  ? __pfx_br_nf_hook_thresh+0x10/0x10
[  389.245941][    C0]  ? __pfx_br_handle_frame_finish+0x10/0x10
[  389.245967][    C0]  br_nf_pre_routing_finish_ipv6+0x948/0xd00
[  389.245989][    C0]  ? __pfx_br_handle_frame_finish+0x10/0x10
[  389.246013][    C0]  ? br_nf_pre_routing_ipv6+0x42f/0x6b0
[  389.246035][    C0]  br_nf_pre_routing_ipv6+0x37e/0x6b0
[  389.246058][    C0]  ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10
[  389.246081][    C0]  ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10
[  389.246103][    C0]  ? br_nf_pre_routing+0x720/0x1470
[  389.246129][    C0]  ? __pfx_br_nf_pre_routing+0x10/0x10
[  389.246146][    C0]  br_handle_frame+0x982/0x14d0
[  389.246169][    C0]  ? __pfx_br_handle_frame+0x10/0x10
[  389.246188][    C0]  ? try_to_take_rt_mutex+0x840/0xb00
[  389.246207][    C0]  ? __pfx_br_handle_frame_finish+0x10/0x10
[  389.246231][    C0]  ? __pfx_br_handle_frame+0x10/0x10
[  389.246252][    C0]  __netif_receive_skb_core+0x10b6/0x4020
[  389.246269][    C0]  ? __lock_acquire+0xab9/0xd20
[  389.246293][    C0]  ? do_raw_spin_lock+0x121/0x290
[  389.246315][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  389.246336][    C0]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  389.246354][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.246374][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.246397][    C0]  ? __lock_acquire+0xab9/0xd20
[  389.246422][    C0]  ? process_backlog+0x27b/0x900
[  389.246440][    C0]  ? process_backlog+0x27b/0x900
[  389.246457][    C0]  __netif_receive_skb+0x72/0x380
[  389.246473][    C0]  ? rt_spin_unlock+0x65/0x80
[  389.246496][    C0]  ? process_backlog+0x27b/0x900
[  389.246513][    C0]  process_backlog+0x31e/0x900
[  389.246537][    C0]  __napi_poll+0xb6/0x540
[  389.246555][    C0]  net_rx_action+0x707/0xe00
[  389.246581][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  389.246598][    C0]  ? rtlock_slowlock_locked+0xd8/0x4010
[  389.246617][    C0]  ? kvm_sched_clock_read+0x11/0x20
[  389.246640][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[  389.246661][    C0]  ? do_raw_spin_lock+0x121/0x290
[  389.246686][    C0]  handle_softirqs+0x22c/0x710
[  389.246709][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  389.246732][    C0]  __local_bh_enable_ip+0x179/0x270
[  389.246751][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  389.246776][    C0]  ? cfg80211_put_bss+0x20e/0x270
[  389.246790][    C0]  ? cfg80211_put_bss+0x45/0x270
[  389.246807][    C0]  ieee80211_ibss_rx_queued_mgmt+0x11e5/0x2ae0
[  389.246832][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  389.246852][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xf93/0x2ae0
[  389.246869][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  389.246885][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  389.246906][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.246928][    C0]  ? __lock_acquire+0xab9/0xd20
[  389.246949][    C0]  ? rt_mutex_slowunlock+0x493/0x8a0
[  389.246967][    C0]  ? migrate_enable+0x29c/0x3c0
[  389.246985][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  389.247012][    C0]  ieee80211_iface_work+0x85f/0x12d0
[  389.247035][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[  389.247054][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  389.247074][    C0]  process_scheduled_works+0xade/0x17b0
[  389.247106][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.247132][    C0]  worker_thread+0x8a0/0xda0
[  389.247163][    C0]  kthread+0x711/0x8a0
[  389.247186][    C0]  ? __pfx_worker_thread+0x10/0x10
[  389.247204][    C0]  ? __pfx_kthread+0x10/0x10
[  389.247227][    C0]  ? __pfx_kthread+0x10/0x10
[  389.247249][    C0]  ret_from_fork+0x3f9/0x770
[  389.247268][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  389.247290][    C0]  ? __switch_to_asm+0x39/0x70
[  389.247305][    C0]  ? __switch_to_asm+0x33/0x70
[  389.247318][    C0]  ? __pfx_kthread+0x10/0x10
[  389.247340][    C0]  ret_from_fork_asm+0x1a/0x30
[  389.247362][    C0]  </TASK>
[  390.606333][    C0] net_ratelimit: 19640 callbacks suppressed
[  390.606353][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  390.606752][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  390.606948][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  390.607154][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  390.607312][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  390.607542][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  390.607754][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  390.607949][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  390.608184][    C1] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  390.608366][    C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:9e:05:03:9b:0c:84, vlan:0)
[  391.119894][ T6610] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  391.256232][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  391.256254][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  391.256277][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  391.256287][   T38] Call Trace:
[  391.256295][   T38]  <TASK>
[  391.256303][   T38]  dump_stack_lvl+0x99/0x250
[  391.256332][   T38]  ? __asan_memcpy+0x40/0x70
[  391.256351][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  391.256381][   T38]  ? __pfx__printk+0x10/0x10
[  391.256412][   T38]  vpanic+0x281/0x750
[  391.256438][   T38]  ? __pfx_vpanic+0x10/0x10
[  391.256459][   T38]  ? preempt_schedule+0xae/0xc0
[  391.256482][   T38]  ? preempt_schedule_common+0x83/0xd0
[  391.256508][   T38]  panic+0xb9/0xc0
[  391.256529][   T38]  ? __pfx_panic+0x10/0x10
[  391.256552][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  391.256578][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  391.256600][   T38]  watchdog+0xfd2/0xfe0
[  391.256626][   T38]  ? watchdog+0x1de/0xfe0
[  391.256651][   T38]  kthread+0x711/0x8a0
[  391.256679][   T38]  ? __pfx_watchdog+0x10/0x10
[  391.256698][   T38]  ? __pfx_kthread+0x10/0x10
[  391.256726][   T38]  ? __pfx_kthread+0x10/0x10
[  391.256749][   T38]  ret_from_fork+0x3f9/0x770
[  391.256775][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  391.256801][   T38]  ? __switch_to_asm+0x39/0x70
[  391.256816][   T38]  ? __switch_to_asm+0x33/0x70
[  391.256831][   T38]  ? __pfx_kthread+0x10/0x10
[  391.256855][   T38]  ret_from_fork_asm+0x1a/0x30
[  391.256886][   T38]  </TASK>
[  391.257229][   T38] Kernel Offset: disabled