last executing test programs:

5m44.545087932s ago: executing program 0 (id=69):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r1 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$netlink(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000100)}, 0x0)

5m43.631520271s ago: executing program 0 (id=73):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6d706f6c3d625e0efebadfdee3bf1a405f099626bc6a9d6e643a302d4e3a"])
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0x9, &(0x7f0000000080)=0xffffffff, 0x4)
connect$inet6(r0, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r3}, 0x10)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1206"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$TUNSETOFFLOAD(r4, 0x4010744d, 0x20000000)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f00000000c0)=0x3ff)
sendfile(r1, r5, 0x0, 0x10ffff)
ioctl$TCSETS(r5, 0x5402, &(0x7f0000000080)={0x768, 0x0, 0x100000, 0x0, 0x0, "f694b8000000000000cc29e1f5eba328020016"})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000b40), 0x600, 0x0)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r7, 0x0)
r8 = dup3(r7, r6, 0x0)
recvmmsg(r8, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0}}], 0xf00, 0xf0, 0x0)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r9, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
recvmmsg(r9, &(0x7f0000002d00)=[{{&(0x7f00000000c0)=@generic, 0x80, &(0x7f0000000580)=[{&(0x7f0000000240)=""/84, 0x54}, {&(0x7f0000002f40)=""/228, 0xe4}], 0x2, &(0x7f00000002c0)=""/42, 0x2a}, 0x7f}, {{&(0x7f0000000300)=@x25={0x9, @remote}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000380)=""/87, 0x57}, {&(0x7f0000000400)=""/252, 0xfc}, {&(0x7f0000000500)=""/52, 0x34}], 0x3, &(0x7f0000002e40)=""/55, 0x37}, 0x3}, {{&(0x7f00000005c0)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000700)=[{&(0x7f0000002e80)=""/176, 0xb0}], 0x1, &(0x7f0000000840)=""/4096, 0x1000}, 0x6}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000001840)=""/212, 0xd4}], 0x1}, 0x46c5}, {{&(0x7f0000001940)=@l2tp={0x2, 0x0, @broadcast}, 0x80, &(0x7f0000002c80)=[{&(0x7f00000019c0)=""/178, 0xb2}, {&(0x7f0000001a80)=""/4096, 0x1000}, {&(0x7f0000002a80)=""/214, 0xd6}, {&(0x7f0000000640)=""/28, 0x1c}, {&(0x7f0000002b80)=""/211, 0xd3}], 0x5}, 0x2}], 0x5, 0x0, 0x0)
readv(r9, &(0x7f0000000140)=[{&(0x7f00000007c0)=""/110, 0x6e}], 0x1)
modify_ldt$read_default(0x2, &(0x7f0000000180)=""/180, 0xb4)

5m42.560811396s ago: executing program 0 (id=82):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000040)="05000000", 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000700)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000005c0)=@file={0x0, './bus/file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r7, 0x0)
read$watch_queue(r6, &(0x7f0000000740)=""/251, 0xfb)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r6, 0x5760, 0x11)
keyctl$KEYCTL_WATCH_KEY(0x20, r5, r7, 0xffffffffffffffff)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CHANNEL(r8, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r9, 0x3, 0x70bd29, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x2}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1d}]}, 0x2c}}, 0x802)
write(r1, &(0x7f0000000040)="05000000010001", 0x7)

5m41.615562939s ago: executing program 0 (id=83):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r1 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$netlink(r1, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000100)}, 0x0)

5m40.956964519s ago: executing program 0 (id=88):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000001240)={'batadv0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000001280)={r2, 0x1, 0x6, @broadcast}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x7, <r3=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000002c0)=0x20)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001180)={0x1b, 0x0, 0x0, 0x31, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1, 0x9, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001200)=@bloom_filter={0x1e, 0x1, 0x2, 0x7fffffff, 0x2e, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x2, 0x2, @void, @value, @void, @value}, 0x50)
r7 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x40049366, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
move_pages(0x0, 0x10, &(0x7f0000000140)=[&(0x7f0000000000/0x1000)=nil], &(0x7f0000000040)=[0x1], 0x0, 0x0)
munlockall()
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001280)={0xffffffffffffffff, 0x7, 0x18}, 0xc)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
unshare(0x8000000)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)={@cgroup=r9, 0xffffffffffffffff, 0x9, 0x0, 0x0, @void, @value}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x18, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, [@exit, @generic={0x1, 0x7, 0x4, 0xe0, 0x1}, @cb_func={0x18, 0xd, 0x4, 0x0, 0x8}, @ldst={0x3, 0x2, 0x6, 0x0, 0xa052fc4793834e09, 0x0, 0x10}]}, &(0x7f0000000080)='GPL\x00', 0xff, 0x1000, &(0x7f0000000100)=""/4096, 0x41100, 0x8, '\x00', r2, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000001100)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000001140)={0x3, 0xa, 0x2, 0x2}, 0x10, r3, r4, 0x0, &(0x7f00000012c0)=[r5, 0x1, r6, r7, 0xffffffffffffffff, r8, r9], &(0x7f0000001300), 0x10, 0xa519, @void, @value}, 0x94)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write(r0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r4, 0xc0189374, &(0x7f0000001400)={{0x1, 0x1, 0x18, <r10=>r8, {0x1}}, './cgroup\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001440)={&(0x7f0000001300)='io_uring_cqring_wait\x00', r10, 0x0, 0xfc}, 0x18)

5m40.17299129s ago: executing program 0 (id=92):
r0 = openat$vicodec1(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x914f989e7507b04d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x18c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@xino_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
io_setup(0xa, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r3 = dup3(r0, r0, 0x80000)
io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x4, r2, &(0x7f0000000380)="06811ec18c25ae4497677c3508a4a64387eaa7a3f46bd456d2db47ddd292f8b47a0fc6a999215a4b3f46f5f1b3af38bb830280237f3c913347c567a20771ec0a296f", 0x42, 0xffffffffffffffa6, 0x0, 0x2, r3}])
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/237, 0xed)

5m25.052813229s ago: executing program 32 (id=92):
r0 = openat$vicodec1(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_PRIORITY(r0, 0x80045643, 0x914f989e7507b04d)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x18c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@xino_off}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
io_setup(0xa, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
r3 = dup3(r0, r0, 0x80000)
io_submit(r1, 0x1, &(0x7f0000000300)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x4, r2, &(0x7f0000000380)="06811ec18c25ae4497677c3508a4a64387eaa7a3f46bd456d2db47ddd292f8b47a0fc6a999215a4b3f46f5f1b3af38bb830280237f3c913347c567a20771ec0a296f", 0x42, 0xffffffffffffffa6, 0x0, 0x2, r3}])
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/237, 0xed)

26.87092982s ago: executing program 4 (id=1114):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0x6d, 0x80, 0xa1, 0x40, 0x12d1, 0x8869, 0x3b15, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0xff, 0x2, 0x46, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0xb, "0d7832208c"}]}}]}}]}}]}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1857cc401095553e0a000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
writev(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
prlimit64(r0, 0xa, &(0x7f0000000100)={0xf07, 0x165}, &(0x7f0000000240))
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
set_mempolicy(0x4005, &(0x7f0000000080)=0x41, 0xb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
lseek(0xffffffffffffffff, 0x68, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

19.492208035s ago: executing program 4 (id=1135):
syz_open_dev$usbfs(&(0x7f0000000240), 0x0, 0x191601)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setownex(r1, 0xf, &(0x7f0000000100))
read$FUSE(0xffffffffffffffff, &(0x7f0000002880)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2029)
prlimit64(r2, 0xe, &(0x7f0000000200)={0x6, 0x8b}, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000002780)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100b7773fdf1c452600000000ffdbdf25080000000800030047e9623d7cfae42265d28349231d800a290101159e0c4cdec14f9a534c0bd829e05f473fc017cc8732cbbec47e8a0b2517191e433ddd84fbeaaf916312786ac1bc6265256aa8c1", @ANYRES32=0x0, @ANYBLOB="6fe6b22add10b08302000000"], 0x28}, 0x1, 0x0, 0x0, 0x4008050}, 0x4c009)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
socket$packet(0x11, 0x2, 0x300)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r4, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000840)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6d00000000481100fc000000000000000000000000000001ff0100000000000000000000000000014e224e230048907803000000020000004e828d13df6b7a76cb9ae28c1469fbc8b9d37e15c47057b1b6ba03cbadf7de055e25811fda433f7ba2c6"], 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000002840)='./binderfs2/custom0\x00', 0x801, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffd8a, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x0, 0x4003b, &(0x7f0000001200), 0x4c, 0x0, 0x0, 0x0, 0xffffffffffffffc6, 0x80000000, 0x8, 0x0, 0x0}}, 0x10)
dup3(0xffffffffffffffff, r5, 0x0)
socket(0x1d, 0x80002, 0x0)

16.784408831s ago: executing program 4 (id=1146):
pipe(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = epoll_create1(0x0)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='xfrm0\x00', 0x10)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000300))
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000c00)=ANY=[@ANYBLOB="240000001200010a00"/21], 0x24}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7ffffffd, 0x4)
write$binfmt_script(r0, 0x0, 0x6f4000)

15.769109931s ago: executing program 4 (id=1149):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x34000, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x30}}, 0x0)

15.750150875s ago: executing program 1 (id=1150):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x123a02, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001880)=ANY=[@ANYBLOB="ac0300001000010000001000fbdbdf25fe8800000000000000000000000000010000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc0100000000000000000000000000010000000032000000e00000020000000000000000000000000200000000000000000000000000000000000000000000000000000000000000ffffffffffffffff0000000000000000ffffffffffffff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000a000000af0000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00170000000000000000002abd70000000400000000000000000004c001400636d61632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000de00120070"], 0x3ac}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x1c1280, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_DYNSET_FLAGS={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000040))
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000003c0)={[0x200, 0x0, 0x0, 0x40, 0x0, 0x0, 0x802004cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], 0xffff1000, 0x202})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
mq_getsetattr(r3, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
writev(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000001680)}], 0x1)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='westwood\x00', 0x9)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)
ioctl$EXT4_IOC_CHECKPOINT(r2, 0x4004662b, &(0x7f0000000080)=0x5)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="b2", 0xfdef}], 0x10000000000000bb, 0x7, 0x1)

15.401034416s ago: executing program 4 (id=1152):
r0 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e22, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0xfa, 0x0}, 0x80000}, 0x2)
listen(r3, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000170100000300000001000800000000001800000000000000170100000200"], 0x30}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bind$netlink(r5, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfd, 0x20000000}, 0xc)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$SNDRV_TIMER_IOCTL_GINFO(r7, 0xc0f85403, &(0x7f0000000100)={{0xffffffffffffffff, 0x1, 0x317c, 0x0, 0x1}, 0x7, 0x7f, 'id0\x00', 'timer0\x00', 0x0, 0x3, 0x4, 0x5})
getdents(r7, 0xfffffffffffffffd, 0x3b)
accept4(r2, &(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @multicast}}, &(0x7f00000000c0)=0x80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

15.121081634s ago: executing program 1 (id=1153):
syz_emit_ethernet(0x46, &(0x7f0000000680)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '!\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x19, 0xfffffffd, 0x4000}}}}}}, 0x0)

15.120641558s ago: executing program 2 (id=1154):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f0000000240)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x90)
ioperm(0x802, 0x6, 0x5)

7.070236917s ago: executing program 5 (id=1168):
r0 = socket$igmp6(0xa, 0x3, 0x2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x52, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd61669f2800002f"], 0x0)

6.927882307s ago: executing program 5 (id=1169):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x880, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000001580), 0x2, 0x0)
timerfd_create(0x8, 0x80000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', &(0x7f00000002c0)={'tunl0\x00', 0x0, 0x40, 0x20, 0x7ff, 0x91, {{0xd, 0x4, 0x1, 0x1b, 0x34, 0x67, 0x0, 0xfb, 0x2f, 0x0, @private=0xa010101, @broadcast, {[@rr={0x7, 0x3, 0x5}, @lsrr={0x83, 0x13, 0xbd, [@initdev={0xac, 0x1e, 0x1, 0x0}, @remote, @dev={0xac, 0x14, 0x14, 0x30}, @multicast1]}, @lsrr={0x83, 0x7, 0xb0, [@local]}]}}}}})
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x3, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @local, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @local, @remote, @link_local, @broadcast}}}}, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB(r3, 0xc01c64ae, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x20})
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000001600)={0x7, "81b3cf1e0a024af0359b795357c58197e08134525957032d0960e3a7e79530b9", 0x2, 0x1})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000000))
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f00000000c0)={[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98}, {0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde, 0x0, 0x0, 0x8}, {0x3fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)

5.976627433s ago: executing program 5 (id=1170):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)

5.710685391s ago: executing program 5 (id=1171):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='T{'], 0x69) (async)
close(r1) (async)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) (async)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f00000000c0)={@id={0x2, 0x0, @auto="66f5598b24cf53ed619cc48fed438026"}})
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000140)=ANY=[], 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000001c0)={0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) (async)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18f50000030010850000000702000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
r5 = gettid() (async)
r6 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e40, 0x0, @mcast1, 0x4}, 0x1c) (async)
r7 = socket$inet6(0xa, 0x6, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r3, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x40, 0x1412, 0x400, 0x70bd27, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
bind$inet6(r7, &(0x7f0000000480)={0xa, 0x4e40, 0x0, @mcast1, 0x1}, 0x1c) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r4, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=[0x4], 0x0, 0x2, 0x1, 0x0, r5}}, 0x40) (async)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) (async)
io_setup(0x6, &(0x7f00000000c0)=<r9=>0x0) (async)
recvfrom$inet(r3, &(0x7f00000004c0)=""/68, 0x44, 0x1, &(0x7f0000000440)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10)
io_submit(r9, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000140)='-3', 0x2}]) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) (async)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000100)='a', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000380)="e306", 0x2}], 0x1}}], 0x2, 0x600c050)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r10 = syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000240), &(0x7f0000000280))
io_uring_enter(r10, 0x47f9, 0x0, 0x5, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)

4.45498557s ago: executing program 3 (id=1151):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x7, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1190e95fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9b24be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa56d59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e59a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d0faab186d94af98af1da2b5952eb15855933a202304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad9433269af3be5fa6a9a5c24e392955f4e979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a992810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ede62fc28839b5301160ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a142a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce3c7c56cd31121624d76517fd3666276c3c0e812b28e2f30d035cee5d0e77a3c70008ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856cf24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31651e0ecea5ece8fb11a4ee288eb149f1fa33669cc8d901fa8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463baf28345bde0c195bc9f021da8f3025ee9c8e3168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262fa3f1dabeb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a4601adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a8640724a5f4e12ad99012a2e01ce79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d014e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5671820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427a7f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d17eb0000000000000000000000fa08ad0731c4b839688b22c4da2a6b00008a1949a6ba49fbf981f8265e7f1f4c2d97f4680b135f87c228ce69418a282bffff2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae05334d5a44a020000001c0d882a564d74a7c72bf9a2152b261e58fea6d2f93589cfe261dc0410b5ccc92a5a0eab327a33431d62d2b7c75ce654d556c9e1817c1abca762ab53d40da51560351b673363652e1ecb56cfe4a746a45ab13c6014e9f361ab687d1cd1795ce9e05c817b83d76046bdb3709de5df7499a02d2f636a454b85b987580ada025d83bd7b8df28a540d5ec5537942e79f2f1ab25ea5f563bc77e4f9468bd309469880c7e34150ca886d1f13dff7e82dbe296c877d925c38c54cc8137b29028854b6bd57ca893927c331300e16aba792289e135589d93302fc37c73c303e383cdf8ef3f6d6265fe5ee01759d24027475c8901039a898582022bc95992b86dce0710887c8a625d9cbb897bdbfaf49a3f642a169827a9bae4fcfa5212461db000000000000e6ed75ca8fcda7ef3ee336189fef3b3ffb9f38fefc5ff39c4e69e3fa1f8b10ee97123e99b61eba065b1ad67530e7c4f11f9da7ae000002000000610101ad7f79cb9bbf64a0fc109f49fe50151f5ddfe51833ec65ece70e07ce8ab5d97db47da8f80000664dc0b86ae2b3ff9d4e220752a6b2f3ea9f793612386496dca5af7b8952aafa332482e6137e994d3f5259b7f51544cdc6d8cb4becc20dd3a57545b0c2621e4c5f94a23f73ee02c22ee7e27c2cc491a85947baac523c347c9b9ede5d6265997f2ad6e9719aafdb323988e62b7ec84545cd63b7a7"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffdf2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_BIND_MAP(0x1c, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x29}, 0xc)
r1 = syz_usb_connect$uac1(0x0, 0x85, &(0x7f0000000480)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x73, 0x3, 0x1, 0x0, 0x0, 0x0, {{}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x9, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x7f, 0x2, 0x0, 0x1, "8b7c", "d2edca"}, @as_header={0x7}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x81}}}}}}}]}}, 0x0)
syz_usb_control_io$uac1(r1, &(0x7f0000001100)={0x14, 0x0, &(0x7f0000001040)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
syz_usb_control_io(r1, &(0x7f00000021c0)={0x2c, 0x0, &(0x7f0000002080)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201100335f9e7108304341266100000000109021200017f7f00040904"], &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0})
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a80016000900014003000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x810)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001440), 0x2202, 0x0)
io_setup(0x104, &(0x7f0000000180)=<r4=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_submit(r4, 0x3, &(0x7f0000000340)=[&(0x7f00000000c0)={0x0, 0x0, 0x3, 0x1, 0x0, r3, &(0x7f0000000000)="de", 0xfdef}])
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="2000000010000305000000022000000000000000", @ANYRES32=0x0, @ANYBLOB="0efb9864000200004716ae3f425ee3d64b7bbf3d29c2d79099a9eecf06666e6e96d99dc99dd25ed1247c4ebd87ade98c79c05deba9677e9fd3f7d727537d22d72b164144dc79bead5403471346b417058cb6ed880a343f94acbcc69d559bdd4ab7a2d572c6abe0aa104ee4cb64130464a7817e787286f098aa4fe6816f43d0823ff59c76a96adca45225d4130afe19d9be2f009a3647bc271d168ba5c012425bcd50c9771b3501f73a5d3b55ab5dd733383364ef40221be054b1536af3bc9d37ab254e9ea934e7a3aa56540a47b062bdff7fdf59423b78b86fbc782aed422c6352be15457453a543eb29e8c29356052b42544b3d1fd882d9b0d395b895ea79ffe113bd1b6866de7fb97703f9b65770d4187e2bb98e368ad1c554dfa22280c079956bdfb511f0cc8f564e68"], 0x20}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x3, 0x2, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x200c0894)
recvfrom(r5, 0x0, 0x0, 0x40000000, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$sock_int(r7, 0x1, 0x13, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r9=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180040"], 0x50}}, 0x0)
r10 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000240)={0x0, <r11=>0x0}, &(0x7f0000000280)=0x5)
setreuid(0x0, r11)
r12 = getuid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000600)=@acquire={0x134, 0x17, 0x4, 0xffff, 0x25dfdbff, {{@in6=@private2, 0x4d6, 0x3c}, @in=@private=0xa010100, {@in=@dev={0xac, 0x14, 0x14, 0x17}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e23, 0x4, 0x4e23, 0x0, 0xa, 0x80, 0x80, 0x2b, 0x0, r11}, {{@in6=@mcast1, @in6=@local, 0x4e24, 0x0, 0x4e20, 0xaf6d, 0x2, 0x180, 0x20, 0x6c, r9, r12}, {0x3, 0x0, 0xc, 0x7, 0x5, 0x3, 0x4, 0x7}, {0x2, 0x7, 0x3, 0x3}, 0x8, 0x6e6bbf, 0x0, 0x0, 0x0, 0x3}, 0xe, 0xc, 0x1, 0x70bd2b}, [@lastused={0xc, 0xf, 0x6}]}, 0x134}, 0x1, 0x0, 0x0, 0x20000001}, 0x4080)

3.629952346s ago: executing program 2 (id=1154):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f0000000240)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x90)
ioperm(0x802, 0x6, 0x5)

3.469039754s ago: executing program 2 (id=1172):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x2000000000200000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

3.2881958s ago: executing program 2 (id=1173):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x260079e92e484ee)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r2}, 0x18)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x8042, 0x0)
ppoll(&(0x7f0000000300)=[{r3, 0x9000}], 0x1, 0x0, 0x0, 0x0)
write$vga_arbiter(r3, &(0x7f0000000200)=ANY=[@ANYBLOB='unlock mem'], 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB], 0x1c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0xffffffffffffffff, 0x2, 0x0)
syz_clone(0x80102300, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r6, 0x11, 0x1, &(0x7f0000000040)=0x94, 0x4)
sendmmsg$inet6(r6, 0x0, 0x0, 0x4001c00)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r7, &(0x7f0000000000)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r7, &(0x7f0000000040)=@other={'decodes', ' ', 'none'}, 0xd)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x5c, 0x2, 0x6, 0x401, 0x0, 0x2000000, {0x0, 0x0, 0x5}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000014}, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x200001, 0x0)
ioctl$PPPIOCSPASS(r8, 0x40107447, &(0x7f0000000300)={0x2, &(0x7f00000002c0)=[{0xb2b, 0x5, 0xd7, 0x4}, {0xc425, 0x9, 0xf, 0x3}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_queued\x00', 0x26e1, 0x0)

3.089788102s ago: executing program 3 (id=1174):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000495"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
eventfd(0x100)
syz_emit_ethernet(0xbe, &(0x7f00000005c0)={@multicast, @remote, @val={@val={0x88a8, 0x7, 0x1, 0x2}, {0x8100, 0x3, 0x1, 0x4}}, {@llc_tr={0x11, {@snap={0xaa, 0xab, "cb48", "eb4644", 0x0, "39f4d5e4caefd7d9244e8e646f1566163c128f11fc3a83455472f90d3ff98580be218f7ccb5ee51f5e8054ed1ffba15804683af614c909b5534f4f6139322111db9bc0d45aac7fdbad5d99341e2c355fbc9c0f11adf84ba3dbe0b6a62418690f3d77e003bad3c929e194fafdc9227949589fd77744ed6e5796e9d0184e474a1c09e82be6078e8f6d05d34a26ca0d20a8df9ccfa4924cda4eba1b968170288d"}}}}}, &(0x7f0000000580)={0x1, 0x1, [0xf3a, 0x26a, 0x419, 0xf72]})
read$alg(0xffffffffffffffff, &(0x7f00000001c0)=""/68, 0x44)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='mpol=bind:0-N:3/'])
unshare(0x20060000)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x1000000})
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r5, 0x4b31, 0x10000000000ed9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000380)=ANY=[@ANYBLOB="54010000100013070000000000000000ac1414aa000000000100000000000000fe80000000000000ff0300000000000000000000000000000000000000d00000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000003200000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c001c"], 0x154}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

2.677026471s ago: executing program 5 (id=1175):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010800000000000000000b00000008000300", @ANYRES32=r3, @ANYBLOB='\x00'/12], 0x28}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r0, &(0x7f0000000800)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYRES16=r1, @ANYRES8], 0x284}, 0x1, 0x0, 0x0, 0x4000015}, 0x40180)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r4 = fcntl$getown(0xffffffffffffffff, 0x9)
sched_setscheduler(r4, 0x3, &(0x7f0000000080)=0x47)
r5 = getpid()
prlimit64(r4, 0xa, 0x0, &(0x7f0000000840))
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
ioctl$VFAT_IOCTL_READDIR_BOTH(r6, 0x82307201, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r10 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r10, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r10, 0x84, 0x5, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e24, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3c922b94}}}, 0x84)
listen(r9, 0x4000000)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r11, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
accept(r8, 0x0, 0x0)
recvfrom(r11, &(0x7f00000001c0)=""/60, 0x3c, 0x42, 0x0, 0x0)

2.495683003s ago: executing program 3 (id=1176):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'macvtap0\x00', <r1=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x1, 0x6, @broadcast}, 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="5800000010002104000000003ddbdf25000000003051e27b756c934a16fb5dfebbc0065729167150f2f6c183726ea10eb1e3cd532cb72ec3b904d073ff3361e02bb662a5b00cdb00cf8438ca31a449e0a8b57269bd3c240a927504f328771b9c8ad6fb032a7dc6c1e86074e7972666954fb193fe60fc3d51f750303290e25aea88f45bf8", @ANYRES32=0x0, @ANYBLOB="adffa888000000002800128009000100766c616e00000000180002800c0002000e0000000a000000060001000000000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6, @ANYBLOB], 0x58}}, 0x0)

2.428379695s ago: executing program 1 (id=1153):
syz_emit_ethernet(0x46, &(0x7f0000000680)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '!\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x19, 0xfffffffd, 0x4000}}}}}}, 0x0)

2.310510521s ago: executing program 1 (id=1177):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r0, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x8918, &(0x7f0000000100)={0x5, 0x800000, 0xb, 0xa, 0xfffffffc, 0x81})

2.277088752s ago: executing program 3 (id=1178):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.kill\x00', 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000400)=0x200002)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000001600)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f00000001c0)="ef981d3a46d034e04b64fe1d7953aaa0bb113060dafdb55b7b1f07ba3f1104ad75cc38aae176569ddf1a8a5e5d0e917709de92ced3bbb1cef0021469c5730b00000000000000496d4992", 0x4a}, 0x68)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x3eae, &(0x7f0000000380)={0x0, 0x0, 0x2, 0x3, 0x1f4})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000040)="00000097c3199945e3eadae14708c82ec713c20000070002", 0x18)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000040)={0x1, 0x2, 0x3, 0xfffffffffffffffe, 0x6})

2.275290668s ago: executing program 2 (id=1179):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r1}, @generic={0x66}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {0x3, 0x3, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0xa, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

1.504946986s ago: executing program 1 (id=1180):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_pts(0xffffffffffffffff, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x44)
inotify_init1(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="020100090a000000000000000000000002001000000000020000000000000000030005000000000002000000ac1414000000000000000000030006003300000002000000ac1414000000000000000000f3fbaa77df267a76a9742adb6a001bdac26678cbae2a1ca3d8e7932b8a18bc4df7f311b644b572f734f8978d619193d4e14f4f553abce63f53a72e2124a8b97379b4663b1d656c3023aabb55b57cad37c00a7700e83bdc27b060d2a1786241db0543e3120fa75350c7a9e1339cac41e2b985073a80cf23f92d5ea73780904039c8ca653f360f0347acdbad23f46329f5d2b5b2be0460b0194a9ef63681a4e801e41fb9eaee2dad23d8ff07000000007ba3762e874e9e625c7da1988a31745e000052e34ec0058b35b02cd25a2c08a01d5da8489b275dc1af55ce0000000000000000000000ebfc9e3941495d075f0c347b93e5ebef9d256dd7bddb94d0cb1c7a17e0"], 0x50}}, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000/0x3000)=nil, 0x4000})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x4}, 0x6)

1.168193586s ago: executing program 2 (id=1181):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]})
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001900)=[{{&(0x7f00000001c0)={0x2, 0x4e20, @multicast2=0x3000000}, 0x10, 0x0}}], 0x1, 0x20000000)
epoll_create(0x1020)
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='nfsd\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f00000000c0)=""/74, 0x2a)
getdents64(r1, 0x0, 0x44)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x4, @private1, 0x1000}, 0x1c)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
unshare(0x22020600)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
ioctl$RTC_AIE_OFF(r3, 0x7002)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000200), 0xb00, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r5, 0x8010500c, &(0x7f0000000040))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0502103, 0x0)

1.031723314s ago: executing program 3 (id=1182):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x4, &(0x7f0000000240)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_CHANNEL={0x5}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x90)
ioperm(0x802, 0x6, 0x5)

365.11006ms ago: executing program 1 (id=1183):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r4, 0x2285, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@cswp={0x58, 0x114, 0x7, {{}, 0x0, 0x0}}], 0x58}, 0x0)
add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x20000023892)
ioctl$TIOCSERGETLSR(r6, 0x5459, &(0x7f0000000040))
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000fd0f000003"], 0x48)
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x4004f506, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x40, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)

76.958035ms ago: executing program 5 (id=1184):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
open(0x0, 0x14507e, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x80a00, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"921e42d938c0dba531f880e313cb5db6b849c1869e742fbeb818f3a2555609a2", 0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0)
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000140)={"9ef24469ba7bcf25f9ede2385d03eaf556ec788b3e5f4f9715dd7d64e313098b"})
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x1, "0600000000000000c64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", <r3=>0xffffffffffffffff})
r4 = syz_usbip_server_init(0x1)
dup(r4)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
sendmsg$NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, 0x0, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x1}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x4044010)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000008c0)=""/143, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x20000)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
dup3(r3, r1, 0x0)

1.819783ms ago: executing program 4 (id=1152):
r0 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x0, 0x12, 0x0, 0x320})
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f00000002c0)={0xa, 0x4e22, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0xfa, 0x0}, 0x80000}, 0x2)
listen(r3, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000170100000300000001000800000000001800000000000000170100000200"], 0x30}, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bind$netlink(r5, &(0x7f0000000200)={0x10, 0x0, 0x25dfdbfd, 0x20000000}, 0xc)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$SNDRV_TIMER_IOCTL_GINFO(r7, 0xc0f85403, &(0x7f0000000100)={{0xffffffffffffffff, 0x1, 0x317c, 0x0, 0x1}, 0x7, 0x7f, 'id0\x00', 'timer0\x00', 0x0, 0x3, 0x4, 0x5})
getdents(r7, 0xfffffffffffffffd, 0x3b)
accept4(r2, &(0x7f0000000040)=@pppoe={0x18, 0x0, {0x0, @multicast}}, &(0x7f00000000c0)=0x80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 3 (id=1185):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000400)={0x0, 0xfffc, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, r1, 0x94c3ef5bbe1aa9af, 0x70bd28, 0x25dfdc03, {}, [@IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x5}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x40001}, 0xc0080)

kernel console output (not intermixed with test programs):


[  335.960974][ T8779] 8021q: adding VLAN 0 to HW filter on device team0
[  336.023960][ T8779] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  336.057966][ T8779] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  336.082514][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  336.123490][ T6294] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.130710][ T6294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.175523][ T6294] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.182665][ T6294] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.263564][ T6853] IPVS: stop unused estimator thread 0...
[  336.432527][ T5899] usb 4-1: USB disconnect, device number 23
[  336.687248][ T8779] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.759614][   T29] kauditd_printk_skb: 30 callbacks suppressed
[  336.759633][   T29] audit: type=1326 audit(1734148307.929:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  336.904715][   T29] audit: type=1326 audit(1734148307.969:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  336.977773][   T29] audit: type=1326 audit(1734148307.969:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.084380][   T29] audit: type=1326 audit(1734148307.969:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.122593][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  337.193721][   T29] audit: type=1326 audit(1734148307.969:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.220444][ T8883] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  337.251042][ T8883] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  337.286298][   T29] audit: type=1326 audit(1734148307.969:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.337351][ T8883] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  337.355204][ T8883] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  337.401186][ T9007] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  337.407745][ T9007] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  337.432285][   T29] audit: type=1326 audit(1734148307.969:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.485327][ T9007] vhci_hcd vhci_hcd.0: Device attached
[  337.499371][   T29] audit: type=1326 audit(1734148308.029:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.567627][ T9011] vhci_hcd: connection closed
[  337.568031][ T1079] vhci_hcd: stop threads
[  337.592988][ T1079] vhci_hcd: release socket
[  337.606368][ T8883] 8021q: adding VLAN 0 to HW filter on device bond0
[  337.613513][ T1079] vhci_hcd: disconnect device
[  337.635061][   T29] audit: type=1326 audit(1734148308.049:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.650352][ T8779] veth0_vlan: entered promiscuous mode
[  337.657264][   T29] audit: type=1326 audit(1734148308.049:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8992 comm="syz.3.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8169f85d19 code=0x7ffc0000
[  337.662883][ T5899] vhci_hcd: vhci_device speed not set
[  337.737990][ T8883] 8021q: adding VLAN 0 to HW filter on device team0
[  337.755054][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.762226][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  337.779126][ T8779] veth1_vlan: entered promiscuous mode
[  337.867217][ T8779] veth0_macvtap: entered promiscuous mode
[  337.876459][ T8779] veth1_macvtap: entered promiscuous mode
[  337.929067][ T3588] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.936337][ T3588] bridge0: port 2(bridge_slave_1) entered forwarding state
[  338.009689][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.022334][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.033551][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.043351][ T8779] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.054752][ T8779] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.066232][ T8779] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.131488][ T8779] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.142651][ T8779] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.152588][ T8779] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.161352][ T8779] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.162512][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  338.213702][ T8883] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  338.629912][ T9020] FAULT_INJECTION: forcing a failure.
[  338.629912][ T9020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.643719][ T9020] CPU: 1 UID: 0 PID: 9020 Comm: syz.2.875 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  338.654780][ T9020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  338.664879][ T9020] Call Trace:
[  338.668622][ T9020]  <TASK>
[  338.671575][ T9020]  dump_stack_lvl+0x241/0x360
[  338.676289][ T9020]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.681509][ T9020]  ? __pfx__printk+0x10/0x10
[  338.686120][ T9020]  ? __pfx_lock_release+0x10/0x10
[  338.691170][ T9020]  should_fail_ex+0x3b0/0x4e0
[  338.695964][ T9020]  _copy_from_user+0x2f/0xc0
[  338.700579][ T9020]  snd_seq_event_dup+0x5ab/0x8c0
[  338.705540][ T9020]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  338.711939][ T9020]  ? __pfx_snd_seq_event_dup+0x10/0x10
[  338.717544][ T9020]  snd_seq_client_enqueue_event+0x321/0x530
[  338.723601][ T9020]  ? preempt_schedule_thunk+0x1a/0x30
[  338.729448][ T9020]  ? __pfx_snd_seq_client_enqueue_event+0x10/0x10
[  338.736246][ T9020]  ? __might_fault+0xc6/0x120
[  338.740951][ T9020]  snd_seq_write+0x6c7/0xaa0
[  338.745664][ T9020]  ? __pfx_snd_seq_write+0x10/0x10
[  338.750801][ T9020]  ? rw_verify_area+0x12e/0x6f0
[  338.755800][ T9020]  ? rw_verify_area+0x1c3/0x6f0
[  338.760680][ T9020]  ? __pfx_snd_seq_write+0x10/0x10
[  338.765822][ T9020]  vfs_write+0x2a3/0xd30
[  338.770091][ T9020]  ? __pfx_vfs_write+0x10/0x10
[  338.774876][ T9020]  ? __fget_files+0x2a/0x410
[  338.779508][ T9020]  ? __fget_files+0x395/0x410
[  338.784202][ T9020]  ? __fget_files+0x2a/0x410
[  338.788829][ T9020]  ksys_write+0x18f/0x2b0
[  338.793183][ T9020]  ? __pfx_ksys_write+0x10/0x10
[  338.798074][ T9020]  ? do_syscall_64+0x100/0x230
[  338.802878][ T9020]  ? do_syscall_64+0xb6/0x230
[  338.807591][ T9020]  do_syscall_64+0xf3/0x230
[  338.812142][ T9020]  ? clear_bhb_loop+0x35/0x90
[  338.816959][ T9020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.822881][ T9020] RIP: 0033:0x7f53e7385d19
[  338.828133][ T9020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.849601][ T9020] RSP: 002b:00007f53e80ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  338.858855][ T9020] RAX: ffffffffffffffda RBX: 00007f53e7576160 RCX: 00007f53e7385d19
[  338.866947][ T9020] RDX: 000000000000ffc8 RSI: 0000000020000000 RDI: 0000000000000005
[  338.874949][ T9020] RBP: 00007f53e80ff090 R08: 0000000000000000 R09: 0000000000000000
[  338.882937][ T9020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  338.890945][ T9020] R13: 0000000000000000 R14: 00007f53e7576160 R15: 00007ffc248e4418
[  338.898976][ T9020]  </TASK>
[  338.946311][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  338.979305][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.017498][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  339.047468][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  339.147725][ T8883] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.202714][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  339.311032][ T8883] veth0_vlan: entered promiscuous mode
[  339.395379][ T8883] veth1_vlan: entered promiscuous mode
[  339.484479][ T8883] veth0_macvtap: entered promiscuous mode
[  339.514931][ T8883] veth1_macvtap: entered promiscuous mode
[  340.242495][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  340.314118][ T8883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.388520][ T8883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.481583][ T8883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  340.502022][ T8883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.520356][ T8883] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.617207][ T8883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.648651][ T8883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.692567][ T8883] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  340.710604][ T8883] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  340.751495][ T8883] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.806117][ T8883] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.832209][ T8883] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.843608][ T8883] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.853785][ T8883] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.282598][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  342.322515][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  342.468954][ T9056] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  342.475558][ T9056] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  342.493632][ T9046] can: request_module (can-proto-0) failed.
[  342.501204][ T1079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.553435][ T1079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.580133][ T9056] vhci_hcd vhci_hcd.0: Device attached
[  342.589818][ T3588] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.605109][ T3588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.770080][ T9060] vhci_hcd: connection closed
[  342.771868][ T6294] vhci_hcd: stop threads
[  342.790140][ T6294] vhci_hcd: release socket
[  342.803585][ T6294] vhci_hcd: disconnect device
[  342.813278][   T51] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  343.262575][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  343.262619][   T29] audit: type=1326 audit(1734148314.359:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  343.362542][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  343.613028][   T29] audit: type=1326 audit(1734148314.359:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  343.735513][   T29] audit: type=1326 audit(1734148314.359:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  343.802996][ T5894] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  343.879099][   T29] audit: type=1326 audit(1734148314.359:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  343.955833][   T29] audit: type=1326 audit(1734148314.359:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  343.992610][ T5894] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  344.001173][ T5894] usb 5-1: config 0 has an invalid interface association descriptor of length 7, skipping
[  344.019004][ T5894] usb 5-1: config 0 has no interface number 0
[  344.025549][   T29] audit: type=1326 audit(1734148314.369:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  344.055614][ T5894] usb 5-1: config 0 interface 51 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  344.070692][   T29] audit: type=1326 audit(1734148314.369:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  344.095676][   T29] audit: type=1326 audit(1734148314.369:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  344.118396][   T29] audit: type=1326 audit(1734148314.369:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  344.135894][ T5894] usb 5-1: New USB device found, idVendor=12d1, idProduct=8869, bcdDevice=3b.15
[  344.140559][  T977] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  344.160490][   T29] audit: type=1326 audit(1734148314.379:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9065 comm="syz.2.886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53e7385d19 code=0x7ffc0000
[  344.170140][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.220464][ T5894] usb 5-1: Product: syz
[  344.225391][ T5894] usb 5-1: Manufacturer: syz
[  344.230224][ T5894] usb 5-1: SerialNumber: syz
[  344.295259][ T9090] FAULT_INJECTION: forcing a failure.
[  344.295259][ T9090] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.315567][ T9090] CPU: 1 UID: 0 PID: 9090 Comm: syz.3.895 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  344.326303][ T9090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  344.336462][ T9090] Call Trace:
[  344.339749][ T9090]  <TASK>
[  344.342776][ T9090]  dump_stack_lvl+0x241/0x360
[  344.347485][ T9090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.352711][ T9090]  ? __pfx__printk+0x10/0x10
[  344.357342][ T9090]  should_fail_ex+0x3b0/0x4e0
[  344.362052][ T9090]  strncpy_from_user+0x36/0x270
[  344.366977][ T9090]  getname_flags+0xf1/0x540
[  344.371490][ T9090]  user_path_at+0x24/0x60
[  344.375926][ T9090]  __se_sys_mount+0x297/0x3c0
[  344.380624][ T9090]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  344.386632][ T9090]  ? __pfx___se_sys_mount+0x10/0x10
[  344.391861][ T9090]  ? do_syscall_64+0x100/0x230
[  344.396625][ T9090]  ? __x64_sys_mount+0x20/0xc0
[  344.401411][ T9090]  do_syscall_64+0xf3/0x230
[  344.405918][ T9090]  ? clear_bhb_loop+0x35/0x90
[  344.410598][ T9090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.417399][ T9090] RIP: 0033:0x7f8169f85d19
[  344.421813][ T9090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.443169][ T9090] RSP: 002b:00007f816adcf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  344.452395][ T9090] RAX: ffffffffffffffda RBX: 00007f816a176080 RCX: 00007f8169f85d19
[  344.461092][ T9090] RDX: 0000000020000140 RSI: 00000000200000c0 RDI: 0000000020000100
[  344.469078][ T9090] RBP: 00007f816adcf090 R08: 0000000000000000 R09: 0000000000000000
[  344.477135][ T9090] R10: 0000000000808800 R11: 0000000000000246 R12: 0000000000000001
[  344.485116][ T9090] R13: 0000000000000000 R14: 00007f816a176080 R15: 00007ffd5baa0c28
[  344.493279][ T9090]  </TASK>
[  344.497255][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  344.520727][ T5894] usb 5-1: config 0 descriptor??
[  344.529697][ T5894] huawei_cdc_ncm 5-1:0.51: CDC Union missing and no IAD found
[  344.567719][  T977] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  344.578772][  T977] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  344.590302][  T977] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  344.595801][ T5894] huawei_cdc_ncm 5-1:0.51: bind() failure
[  344.617835][  T977] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  344.628029][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.639921][  T977] usb 3-1: Product: syz
[  344.644695][  T977] usb 3-1: Manufacturer: syz
[  344.649426][  T977] usb 3-1: SerialNumber: syz
[  344.986019][  T977] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  344.993069][  T977] cdc_ncm 3-1:1.0: bind() failure
[  345.522492][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  345.926201][ T9094] can: request_module (can-proto-0) failed.
[  346.302637][ T5866] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  346.562489][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  346.957525][   T95] usb 5-1: USB disconnect, device number 21
[  347.065439][ T5866] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  347.073857][ T5866] usb 4-1: config 0 has no interface number 0
[  347.084521][ T5866] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  347.094582][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.102942][ T5866] usb 4-1: Product: syz
[  347.107649][ T5866] usb 4-1: Manufacturer: syz
[  347.112509][ T5866] usb 4-1: SerialNumber: syz
[  347.119747][ T5866] usb 4-1: config 0 descriptor??
[  347.130796][ T9113] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  347.137539][ T9113] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  347.152231][ T9113] vhci_hcd vhci_hcd.0: Device attached
[  347.177886][ T9117] vhci_hcd: connection closed
[  347.178469][   T35] vhci_hcd: stop threads
[  347.187748][   T35] vhci_hcd: release socket
[  347.196737][   T35] vhci_hcd: disconnect device
[  347.340810][ T9103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.352099][ T9103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.371737][ T5866] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  347.382750][ T5866] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  347.396560][ T5866] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  347.405013][ T5866] usb 4-1: media controller created
[  347.420035][ T5866] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  347.573765][ T9103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.590729][ T9103] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.602487][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  347.627812][ T5866] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  347.672742][ T5866] usb 4-1: USB disconnect, device number 24
[  347.750339][ T9127] sctp: [Deprecated]: syz.1.904 (pid 9127) Use of int in maxseg socket option.
[  347.750339][ T9127] Use struct sctp_assoc_value instead
[  347.872339][ T9135] netlink: 4 bytes leftover after parsing attributes in process `syz.5.907'.
[  347.914754][   T51] vhci_hcd: vhci_device speed not set
[  348.037154][ T5866] usb 3-1: USB disconnect, device number 31
[  348.642744][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  349.682510][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  349.937473][ T9155] netlink: 40 bytes leftover after parsing attributes in process `syz.1.910'.
[  350.579609][ T9150] could not allocate digest TFM handle sha3-384-ce
[  350.722491][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  351.155901][ T9169] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  351.162479][ T9169] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  351.192687][ T9169] vhci_hcd vhci_hcd.0: Device attached
[  351.233071][ T9177] vhci_hcd: connection closed
[  351.233750][   T55] vhci_hcd: stop threads
[  351.244042][   T55] vhci_hcd: release socket
[  351.248599][   T55] vhci_hcd: disconnect device
[  351.560331][ T9189] syz.5.920: attempt to access beyond end of device
[  351.560331][ T9189] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[  351.573698][ T9189] syz.5.920: attempt to access beyond end of device
[  351.573698][ T9189] nbd5: rw=0, sector=120, nr_sectors = 8 limit=0
[  351.586566][ T9189] Mount JFS Failure: -5
[  351.729149][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  351.729192][   T29] audit: type=1326 audit(1734148322.899:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9191 comm="syz.5.921" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x0
[  351.762547][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  352.802502][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  353.842530][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  353.848949][ T9220] vivid-000: disconnect
[  353.889234][ T9220] vivid-000: reconnect
[  354.361118][ T9221] syz.3.928: attempt to access beyond end of device
[  354.361118][ T9221] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  354.374155][ T9221] syz.3.928: attempt to access beyond end of device
[  354.374155][ T9221] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  354.387079][ T9221] Mount JFS Failure: -5
[  354.440435][ T9231] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  354.463778][ T9232] netlink: 28 bytes leftover after parsing attributes in process `syz.1.931'.
[  354.533702][ T9231] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  354.603035][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  354.882499][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  355.556150][ T9234] syz.1.931 (9234): drop_caches: 2
[  355.618480][ T9240] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  355.625109][ T9240] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  355.663801][    T9] usb 5-1: config 0 has an invalid interface number: 156 but max is 0
[  355.671991][    T9] usb 5-1: config 0 has no interface number 0
[  355.694490][ T9240] vhci_hcd vhci_hcd.0: Device attached
[  355.720505][    T9] usb 5-1: config 0 interface 156 has no altsetting 0
[  355.731125][ T9243] vhci_hcd: connection closed
[  355.731390][ T6294] vhci_hcd: stop threads
[  355.731506][    T9] usb 5-1: New USB device found, idVendor=257a, idProduct=2609, bcdDevice=7e.22
[  355.756171][ T6294] vhci_hcd: release socket
[  355.760702][ T6294] vhci_hcd: disconnect device
[  355.861677][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.922528][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  355.924307][    T9] usb 5-1: config 0 descriptor??
[  355.947151][    T9] hub 5-1:0.156: bad descriptor, ignoring hub
[  355.953547][    T9] hub 5-1:0.156: probe with driver hub failed with error -5
[  355.962297][    T9] option 5-1:0.156: GSM modem (1-port) converter detected
[  355.972584][   T95] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  356.102597][   T95] usb 6-1: device descriptor read/64, error -71
[  356.383892][   T95] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  356.623602][   T95] usb 6-1: device descriptor read/64, error -71
[  356.765722][ T9257] vlan2: entered promiscuous mode
[  356.770882][ T9257] team0: entered promiscuous mode
[  356.780810][ T9257] vlan2: entered allmulticast mode
[  356.786639][   T51] usb 5-1: USB disconnect, device number 22
[  356.793174][   T95] usb usb6-port1: attempt power cycle
[  356.798886][ T9257] team0: entered allmulticast mode
[  356.811216][   T51] option 5-1:0.156: device disconnected
[  356.826537][ T9253] can: request_module (can-proto-0) failed.
[  356.962503][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  357.572690][   T95] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  357.605119][   T95] usb 6-1: device descriptor read/8, error -71
[  358.002476][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  358.522543][   T95] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  358.554952][   T95] usb 6-1: device descriptor read/8, error -71
[  358.970257][   T95] usb usb6-port1: unable to enumerate USB device
[  359.042488][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  359.372509][   T95] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  359.591666][   T95] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  359.628967][   T95] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  359.692478][   T95] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  359.713030][   T95] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  359.727508][   T95] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  359.737046][   T95] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.749541][   T95] usb 6-1: config 0 descriptor??
[  359.755398][ T9282] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  360.082482][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  360.194813][   T95] plantronics 0003:047F:FFFF.0008: unknown main item tag 0xd
[  360.205619][   T95] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  360.230208][   T95] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  360.485945][ T5864] usb 6-1: USB disconnect, device number 21
[  361.122499][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  362.162559][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  363.202480][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  363.507447][ T9337] netlink: 'syz.4.963': attribute type 10 has an invalid length.
[  363.508578][   T29] audit: type=1400 audit(1734148334.679:210): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=9335 comm="syz.4.963"
[  363.516441][ T9337] netlink: 40 bytes leftover after parsing attributes in process `syz.4.963'.
[  363.544440][ T9337] bridge0: port 1(hsr0) entered blocking state
[  363.550828][ T9337] bridge0: port 1(hsr0) entered disabled state
[  363.557999][ T9337] hsr0: entered allmulticast mode
[  363.563167][ T9337] hsr_slave_0: entered allmulticast mode
[  363.568981][ T9337] hsr_slave_1: entered allmulticast mode
[  363.576257][ T9337] hsr0: entered promiscuous mode
[  363.582217][ T9337] bridge0: port 1(hsr0) entered blocking state
[  363.588646][ T9337] bridge0: port 1(hsr0) entered forwarding state
[  364.242554][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  365.282621][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  365.381299][ T9363] overlayfs: conflicting lowerdir path
[  366.322561][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  366.390932][ T9381] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  366.432653][ T9377] can: request_module (can-proto-0) failed.
[  367.362505][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  368.402495][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  369.010622][ T9413] FAULT_INJECTION: forcing a failure.
[  369.010622][ T9413] name failslab, interval 1, probability 0, space 0, times 0
[  369.027229][ T9413] CPU: 1 UID: 0 PID: 9413 Comm: syz.1.983 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  369.038287][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  369.048374][ T9413] Call Trace:
[  369.051683][ T9413]  <TASK>
[  369.054636][ T9413]  dump_stack_lvl+0x241/0x360
[  369.059382][ T9413]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.064631][ T9413]  ? __pfx__printk+0x10/0x10
[  369.069270][ T9413]  ? __kmalloc_cache_noprof+0x48/0x390
[  369.074763][ T9413]  ? __pfx___might_resched+0x10/0x10
[  369.080153][ T9413]  ? arch_stack_walk+0xfd/0x150
[  369.085128][ T9413]  should_fail_ex+0x3b0/0x4e0
[  369.089823][ T9413]  should_failslab+0xac/0x100
[  369.094516][ T9413]  __kmalloc_cache_noprof+0x70/0x390
[  369.099790][ T9413]  ? rtnl_newlink+0x131/0x2150
[  369.104548][ T9413]  rtnl_newlink+0x131/0x2150
[  369.109163][ T9413]  ? kasan_save_track+0x51/0x80
[  369.114027][ T9413]  ? kasan_save_free_info+0x40/0x50
[  369.119253][ T9413]  ? __kasan_slab_free+0x59/0x70
[  369.124288][ T9413]  ? __pfx_rtnl_newlink+0x10/0x10
[  369.129403][ T9413]  ? __netlink_deliver_tap+0x56b/0x7f0
[  369.134882][ T9413]  ? __pfx_validate_chain+0x10/0x10
[  369.140160][ T9413]  ? __sock_sendmsg+0x221/0x270
[  369.145088][ T9413]  ? ____sys_sendmsg+0x52a/0x7e0
[  369.150060][ T9413]  ? __sys_sendmsg+0x269/0x350
[  369.154820][ T9413]  ? do_syscall_64+0xf3/0x230
[  369.160328][ T9413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.166616][ T9413]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  369.172606][ T9413]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  369.178960][ T9413]  ? mark_lock+0x9a/0x360
[  369.183336][ T9413]  ? __lock_acquire+0x1397/0x2100
[  369.188433][ T9413]  ? rcu_read_unlock+0x87/0xa0
[  369.193249][ T9413]  ? __dev_queue_xmit+0x1775/0x3f50
[  369.198501][ T9413]  ? __pfx_lock_release+0x10/0x10
[  369.203724][ T9413]  ? cap_capable+0x1b4/0x250
[  369.208385][ T9413]  ? safesetid_security_capable+0xb2/0x1d0
[  369.214796][ T9413]  ? __pfx_rtnl_newlink+0x10/0x10
[  369.220155][ T9413]  rtnetlink_rcv_msg+0x791/0xcf0
[  369.225673][ T9413]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  369.230838][ T9413]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  369.236349][ T9413]  ? ref_tracker_free+0x643/0x7e0
[  369.241567][ T9413]  netlink_rcv_skb+0x1e3/0x430
[  369.246613][ T9413]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  369.252580][ T9413]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  369.258784][ T9413]  ? netlink_deliver_tap+0x2e/0x1b0
[  369.263991][ T9413]  netlink_unicast+0x7f6/0x990
[  369.268782][ T9413]  ? __pfx_netlink_unicast+0x10/0x10
[  369.274076][ T9413]  ? __virt_addr_valid+0x45f/0x530
[  369.279299][ T9413]  ? __phys_addr_symbol+0x2f/0x70
[  369.284327][ T9413]  ? __check_object_size+0x47a/0x730
[  369.289649][ T9413]  netlink_sendmsg+0x8e4/0xcb0
[  369.294417][ T9413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  369.299721][ T9413]  ? __pfx_netlink_sendmsg+0x10/0x10
[  369.305008][ T9413]  __sock_sendmsg+0x221/0x270
[  369.309989][ T9413]  ____sys_sendmsg+0x52a/0x7e0
[  369.315277][ T9413]  ? __pfx_____sys_sendmsg+0x10/0x10
[  369.320596][ T9413]  ? __fget_files+0x2a/0x410
[  369.325227][ T9413]  ? __fget_files+0x2a/0x410
[  369.329842][ T9413]  __sys_sendmsg+0x269/0x350
[  369.334448][ T9413]  ? __pfx_lock_release+0x10/0x10
[  369.339508][ T9413]  ? __pfx___sys_sendmsg+0x10/0x10
[  369.344768][ T9413]  ? __pfx_vfs_write+0x10/0x10
[  369.350014][ T9413]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  369.356641][ T9413]  ? do_syscall_64+0x100/0x230
[  369.361530][ T9413]  ? do_syscall_64+0xb6/0x230
[  369.366220][ T9413]  do_syscall_64+0xf3/0x230
[  369.370740][ T9413]  ? clear_bhb_loop+0x35/0x90
[  369.375508][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.381407][ T9413] RIP: 0033:0x7ffb2fb85d19
[  369.385824][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.405433][ T9413] RSP: 002b:00007ffb30a2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  369.415677][ T9413] RAX: ffffffffffffffda RBX: 00007ffb2fd75fa0 RCX: 00007ffb2fb85d19
[  369.423730][ T9413] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  369.431735][ T9413] RBP: 00007ffb30a2f090 R08: 0000000000000000 R09: 0000000000000000
[  369.440007][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.447983][ T9413] R13: 0000000000000000 R14: 00007ffb2fd75fa0 R15: 00007ffd3aadc9b8
[  369.456063][ T9413]  </TASK>
[  369.459192][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.466084][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  369.654422][   T51] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  369.855895][   T51] usb 6-1: unable to get BOS descriptor or descriptor too short
[  369.917856][   T51] usb 6-1: not running at top speed; connect to a high speed hub
[  369.927655][   T51] usb 6-1: config 3 has an invalid interface number: 118 but max is 0
[  369.940602][   T51] usb 6-1: config 3 has no interface number 0
[  369.947617][   T51] usb 6-1: config 3 interface 118 has no altsetting 0
[  369.962122][   T51] usb 6-1: New USB device found, idVendor=07ca, idProduct=b808, bcdDevice=78.a1
[  369.978968][   T51] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.987259][   T51] usb 6-1: Product: syz
[  369.998575][   T51] usb 6-1: Manufacturer: syz
[  370.003568][   T51] usb 6-1: SerialNumber: syz
[  370.187390][ T9427] PKCS8: Unsupported PKCS#8 version
[  370.246260][ T9426] netlink: 'syz.2.990': attribute type 1 has an invalid length.
[  370.308080][ T9403] netlink: 16 bytes leftover after parsing attributes in process `syz.5.985'.
[  370.345456][ T9403] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma?
[  370.416537][   T51] dvb-usb: found a 'AVerMedia AVerTV DVB-T Volar' in cold state, will try to load a firmware
[  370.482494][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  370.514604][   T51] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  370.549593][   T51] dib0700: firmware download failed at 7 with -22
[  370.593114][   T51] usb 6-1: USB disconnect, device number 22
[  370.808096][ T5864] usb 4-1: new full-speed USB device number 25 using dummy_hcd
[  370.943159][ T9440] netlink: 'syz.2.996': attribute type 4 has an invalid length.
[  370.953445][ T5864] usb 4-1: device descriptor read/64, error -71
[  370.997554][   T95] lo speed is unknown, defaulting to 1000
[  371.155511][ T9440] netlink: 'syz.2.996': attribute type 4 has an invalid length.
[  371.522482][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  371.596282][    T9] lo speed is unknown, defaulting to 1000
[  371.712637][ T5864] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  371.862768][ T5864] usb 4-1: device descriptor read/64, error -71
[  371.982895][ T5864] usb usb4-port1: attempt power cycle
[  372.476101][ T5864] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[  372.503087][ T5864] usb 4-1: device descriptor read/8, error -71
[  372.562471][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  372.800013][ T5864] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  372.897046][ T5864] usb 4-1: device descriptor read/8, error -71
[  373.167488][ T5864] usb usb4-port1: unable to enumerate USB device
[  373.401822][ T9473] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1005'.
[  373.454640][ T9472] program syz.3.1004 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  373.602500][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  374.642475][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  375.021795][ T9487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1009'.
[  375.682498][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  376.722556][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  377.699377][ T9517] FAULT_INJECTION: forcing a failure.
[  377.699377][ T9517] name failslab, interval 1, probability 0, space 0, times 0
[  377.713246][ T9517] CPU: 0 UID: 0 PID: 9517 Comm: syz.2.1018 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  377.724575][ T9517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  377.735021][ T9517] Call Trace:
[  377.738421][ T9517]  <TASK>
[  377.741425][ T9517]  dump_stack_lvl+0x241/0x360
[  377.746612][ T9517]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.751853][ T9517]  ? __pfx__printk+0x10/0x10
[  377.756928][ T9517]  ? __kmalloc_cache_noprof+0x48/0x390
[  377.762440][ T9517]  ? __pfx___might_resched+0x10/0x10
[  377.762569][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  377.767914][ T9517]  ? arch_stack_walk+0xfd/0x150
[  377.779729][ T9517]  should_fail_ex+0x3b0/0x4e0
[  377.784452][ T9517]  should_failslab+0xac/0x100
[  377.789163][ T9517]  __kmalloc_cache_noprof+0x70/0x390
[  377.794481][ T9517]  ? rtnl_newlink+0x131/0x2150
[  377.799369][ T9517]  rtnl_newlink+0x131/0x2150
[  377.804005][ T9517]  ? kasan_save_track+0x51/0x80
[  377.810080][ T9517]  ? kasan_save_free_info+0x40/0x50
[  377.815413][ T9517]  ? __kasan_slab_free+0x59/0x70
[  377.820503][ T9517]  ? __pfx_rtnl_newlink+0x10/0x10
[  377.827092][ T9517]  ? __netlink_deliver_tap+0x56b/0x7f0
[  377.834173][ T9517]  ? __pfx_validate_chain+0x10/0x10
[  377.840574][ T9517]  ? __sock_sendmsg+0x221/0x270
[  377.848355][ T9517]  ? ____sys_sendmsg+0x52a/0x7e0
[  377.853890][ T9517]  ? __sys_sendmsg+0x269/0x350
[  377.858973][ T9517]  ? do_syscall_64+0xf3/0x230
[  377.863782][ T9517]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.869913][ T9517]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  377.876183][ T9517]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  377.882930][ T9517]  ? mark_lock+0x9a/0x360
[  377.887310][ T9517]  ? __lock_acquire+0x1397/0x2100
[  377.892488][ T9517]  ? rcu_read_unlock+0x87/0xa0
[  377.897293][ T9517]  ? __dev_queue_xmit+0x1775/0x3f50
[  377.902527][ T9517]  ? __pfx_lock_release+0x10/0x10
[  377.907692][ T9517]  ? cap_capable+0x1b4/0x250
[  377.912427][ T9517]  ? safesetid_security_capable+0xb2/0x1d0
[  377.919237][ T9517]  ? __pfx_rtnl_newlink+0x10/0x10
[  377.925485][ T9517]  rtnetlink_rcv_msg+0x791/0xcf0
[  377.930643][ T9517]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  377.935801][ T9517]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  377.941400][ T9517]  ? ref_tracker_free+0x643/0x7e0
[  377.946500][ T9517]  netlink_rcv_skb+0x1e3/0x430
[  377.952067][ T9517]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  377.957742][ T9517]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  377.963057][ T9517]  ? netlink_deliver_tap+0x2e/0x1b0
[  377.968260][ T9517]  netlink_unicast+0x7f6/0x990
[  377.973120][ T9517]  ? __pfx_netlink_unicast+0x10/0x10
[  377.978406][ T9517]  ? __virt_addr_valid+0x45f/0x530
[  377.983516][ T9517]  ? __phys_addr_symbol+0x2f/0x70
[  377.988538][ T9517]  ? __check_object_size+0x47a/0x730
[  377.993828][ T9517]  netlink_sendmsg+0x8e4/0xcb0
[  377.998599][ T9517]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.003894][ T9517]  ? __pfx_netlink_sendmsg+0x10/0x10
[  378.009450][ T9517]  __sock_sendmsg+0x221/0x270
[  378.014131][ T9517]  ____sys_sendmsg+0x52a/0x7e0
[  378.019187][ T9517]  ? __pfx_____sys_sendmsg+0x10/0x10
[  378.024812][ T9517]  ? __fget_files+0x2a/0x410
[  378.030144][ T9517]  ? __fget_files+0x2a/0x410
[  378.035109][ T9517]  __sys_sendmsg+0x269/0x350
[  378.039716][ T9517]  ? __pfx_lock_release+0x10/0x10
[  378.046245][ T9517]  ? __pfx___sys_sendmsg+0x10/0x10
[  378.052002][ T9517]  ? __pfx_vfs_write+0x10/0x10
[  378.057243][ T9517]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  378.063583][ T9517]  ? do_syscall_64+0x100/0x230
[  378.068358][ T9517]  ? do_syscall_64+0xb6/0x230
[  378.073046][ T9517]  do_syscall_64+0xf3/0x230
[  378.077555][ T9517]  ? clear_bhb_loop+0x35/0x90
[  378.082238][ T9517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.088135][ T9517] RIP: 0033:0x7f53e7385d19
[  378.092702][ T9517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.112574][ T9517] RSP: 002b:00007f53e8141038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  378.121662][ T9517] RAX: ffffffffffffffda RBX: 00007f53e7575fa0 RCX: 00007f53e7385d19
[  378.129752][ T9517] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  378.137786][ T9517] RBP: 00007f53e8141090 R08: 0000000000000000 R09: 0000000000000000
[  378.146474][ T9517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.155427][ T9517] R13: 0000000000000000 R14: 00007f53e7575fa0 R15: 00007ffc248e4418
[  378.163587][ T9517]  </TASK>
[  378.802495][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  379.192084][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  379.252583][ T5864] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  379.780541][ T5864] usb 5-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30
[  379.842479][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  379.854751][ T5864] usb 5-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81
[  380.246339][ T5864] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116
[  380.539743][ T5864] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101
[  380.547076][ T9538] bridge_slave_0: left allmulticast mode
[  380.560089][ T9538] bridge_slave_0: left promiscuous mode
[  380.572037][ T9538] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.591804][ T5864] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  380.602907][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.855728][ T9538] bridge_slave_1: left allmulticast mode
[  380.882504][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  380.905438][ T9543] netlink: 120 bytes leftover after parsing attributes in process `syz.1.1027'.
[  380.926673][ T9543] FAULT_INJECTION: forcing a failure.
[  380.926673][ T9543] name failslab, interval 1, probability 0, space 0, times 0
[  380.946820][ T9543] CPU: 1 UID: 0 PID: 9543 Comm: syz.1.1027 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  380.957651][ T9543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  380.967735][ T9543] Call Trace:
[  380.971042][ T9543]  <TASK>
[  380.974108][ T9543]  dump_stack_lvl+0x241/0x360
[  380.978907][ T9543]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.984168][ T9543]  ? __pfx__printk+0x10/0x10
[  380.988780][ T9543]  ? __kmalloc_cache_noprof+0x48/0x390
[  380.994272][ T9543]  ? __pfx___might_resched+0x10/0x10
[  380.999622][ T9543]  should_fail_ex+0x3b0/0x4e0
[  381.004355][ T9543]  should_failslab+0xac/0x100
[  381.009104][ T9543]  __kmalloc_cache_noprof+0x70/0x390
[  381.014449][ T9543]  ? ctnetlink_alloc_filter+0xb0/0xbf0
[  381.019936][ T9543]  ctnetlink_alloc_filter+0xb0/0xbf0
[  381.025261][ T9543]  ? __pfx_ctnetlink_alloc_filter+0x10/0x10
[  381.031179][ T9543]  ? __mutex_trylock_common+0x183/0x2e0
[  381.036792][ T9543]  ctnetlink_start+0x13c/0x1b0
[  381.041614][ T9543]  __netlink_dump_start+0x45c/0x790
[  381.046848][ T9543]  ctnetlink_get_conntrack+0x2be/0x870
[  381.052310][ T9543]  ? __pfx_ctnetlink_get_conntrack+0x10/0x10
[  381.058280][ T9543]  ? nfnetlink_rcv_msg+0xa5c/0x1180
[  381.063505][ T9543]  ? __pfx___mutex_lock+0x10/0x10
[  381.068550][ T9543]  ? __pfx_ctnetlink_start+0x10/0x10
[  381.073844][ T9543]  ? __pfx_ctnetlink_dump_table+0x10/0x10
[  381.079837][ T9543]  ? __pfx_ctnetlink_done+0x10/0x10
[  381.085060][ T9543]  ? nfnetlink_rcv_msg+0x225/0x1180
[  381.090280][ T9543]  nfnetlink_rcv_msg+0xbec/0x1180
[  381.095327][ T9543]  ? nfnetlink_rcv_msg+0x225/0x1180
[  381.100577][ T9543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  381.106047][ T9543]  ? stack_trace_save+0x118/0x1d0
[  381.111088][ T9543]  ? dev_hard_start_xmit+0x27a/0x7d0
[  381.116596][ T9543]  ? __dev_queue_xmit+0x1b73/0x3f50
[  381.121832][ T9543]  ? __netlink_deliver_tap+0x56b/0x7f0
[  381.127360][ T9543]  ? netlink_deliver_tap+0x19d/0x1b0
[  381.132792][ T9543]  ? netlink_unicast+0x7c4/0x990
[  381.137860][ T9543]  ? netlink_sendmsg+0x8e4/0xcb0
[  381.142953][ T9543]  ? __sock_sendmsg+0x221/0x270
[  381.148077][ T9543]  ? ____sys_sendmsg+0x52a/0x7e0
[  381.153328][ T9543]  ? __sys_sendmsg+0x269/0x350
[  381.158265][ T9543]  netlink_rcv_skb+0x1e3/0x430
[  381.163151][ T9543]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  381.168630][ T9543]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  381.173948][ T9543]  ? cap_capable+0x1b4/0x250
[  381.178558][ T9543]  ? safesetid_security_capable+0xb2/0x1d0
[  381.184385][ T9543]  ? bpf_lsm_capable+0x9/0x10
[  381.189083][ T9543]  ? security_capable+0x7e/0x2d0
[  381.194048][ T9543]  nfnetlink_rcv+0x297/0x2ab0
[  381.198756][ T9543]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  381.204499][ T9543]  ? __dev_queue_xmit+0x2f4/0x3f50
[  381.209636][ T9543]  ? __dev_queue_xmit+0x1775/0x3f50
[  381.215394][ T9543]  ? kasan_save_track+0x51/0x80
[  381.220336][ T9543]  ? ____sys_sendmsg+0x52a/0x7e0
[  381.225302][ T9543]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  381.230536][ T9543]  ? __dev_queue_xmit+0x2f4/0x3f50
[  381.235674][ T9543]  ? __pfx___dev_queue_xmit+0x10/0x10
[  381.241066][ T9543]  ? ref_tracker_free+0x643/0x7e0
[  381.246118][ T9543]  ? __asan_memcpy+0x40/0x70
[  381.250752][ T9543]  ? __pfx_ref_tracker_free+0x10/0x10
[  381.256178][ T9543]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.261435][ T9543]  ? skb_clone+0x240/0x390
[  381.265903][ T9543]  ? __pfx_lock_release+0x10/0x10
[  381.270974][ T9543]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  381.276459][ T9543]  ? netlink_deliver_tap+0x2e/0x1b0
[  381.281757][ T9543]  netlink_unicast+0x7f6/0x990
[  381.286577][ T9543]  ? __pfx_netlink_unicast+0x10/0x10
[  381.291897][ T9543]  ? __virt_addr_valid+0x45f/0x530
[  381.297039][ T9543]  ? __phys_addr_symbol+0x2f/0x70
[  381.302080][ T9543]  ? __check_object_size+0x47a/0x730
[  381.307413][ T9543]  netlink_sendmsg+0x8e4/0xcb0
[  381.312285][ T9543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.317609][ T9543]  ? __pfx_netlink_sendmsg+0x10/0x10
[  381.323366][ T9543]  __sock_sendmsg+0x221/0x270
[  381.328084][ T9543]  ____sys_sendmsg+0x52a/0x7e0
[  381.332884][ T9543]  ? __pfx_____sys_sendmsg+0x10/0x10
[  381.338189][ T9543]  ? __fget_files+0x2a/0x410
[  381.342808][ T9543]  ? __fget_files+0x2a/0x410
[  381.347592][ T9543]  __sys_sendmsg+0x269/0x350
[  381.352232][ T9543]  ? __pfx_lock_release+0x10/0x10
[  381.357290][ T9543]  ? __pfx___sys_sendmsg+0x10/0x10
[  381.362468][ T9543]  ? __pfx_vfs_write+0x10/0x10
[  381.367323][ T9543]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  381.373678][ T9543]  ? do_syscall_64+0x100/0x230
[  381.378458][ T9543]  ? do_syscall_64+0xb6/0x230
[  381.383178][ T9543]  do_syscall_64+0xf3/0x230
[  381.387751][ T9543]  ? clear_bhb_loop+0x35/0x90
[  381.392465][ T9543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.398395][ T9543] RIP: 0033:0x7ffb2fb85d19
[  381.402828][ T9543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.422725][ T9543] RSP: 002b:00007ffb30a2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  381.431190][ T9543] RAX: ffffffffffffffda RBX: 00007ffb2fd75fa0 RCX: 00007ffb2fb85d19
[  381.439276][ T9543] RDX: 0000000024000010 RSI: 00000000200016c0 RDI: 0000000000000003
[  381.447816][ T9543] RBP: 00007ffb30a2f090 R08: 0000000000000000 R09: 0000000000000000
[  381.456252][ T9543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.464232][ T9543] R13: 0000000000000000 R14: 00007ffb2fd75fa0 R15: 00007ffd3aadc9b8
[  381.472261][ T9543]  </TASK>
[  381.475461][    C1] vkms_vblank_simulate: vblank timer overrun
[  381.512738][ T9538] bridge_slave_1: left promiscuous mode
[  381.519000][ T9538] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.528993][ T5864] usb 5-1: can't set config #4, error -71
[  381.545152][ T5864] usb 5-1: USB disconnect, device number 23
[  381.779999][ T9549] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1029'.
[  381.809802][ T9538] bond0: (slave bond_slave_0): Releasing backup interface
[  381.843438][ T9556] FAULT_INJECTION: forcing a failure.
[  381.843438][ T9556] name failslab, interval 1, probability 0, space 0, times 0
[  381.922506][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  381.972652][ T9556] CPU: 1 UID: 0 PID: 9556 Comm: syz.3.1031 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  381.983831][ T9556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  381.993920][ T9556] Call Trace:
[  381.997198][ T9556]  <TASK>
[  382.000131][ T9556]  dump_stack_lvl+0x241/0x360
[  382.004814][ T9556]  ? __pfx_dump_stack_lvl+0x10/0x10
[  382.010283][ T9556]  ? __pfx__printk+0x10/0x10
[  382.014889][ T9556]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  382.020979][ T9556]  ? __pfx___might_resched+0x10/0x10
[  382.026295][ T9556]  should_fail_ex+0x3b0/0x4e0
[  382.031350][ T9556]  should_failslab+0xac/0x100
[  382.036613][ T9556]  kmem_cache_alloc_node_noprof+0x77/0x380
[  382.043428][ T9556]  ? __alloc_skb+0x1c3/0x440
[  382.048124][ T9556]  __alloc_skb+0x1c3/0x440
[  382.052595][ T9556]  ? __pfx___alloc_skb+0x10/0x10
[  382.057636][ T9556]  ? netlink_ack_tlv_len+0x6e/0x200
[  382.062843][ T9556]  netlink_ack+0x145/0xa50
[  382.067300][ T9556]  ? __sock_sendmsg+0x221/0x270
[  382.072155][ T9556]  ? ____sys_sendmsg+0x52a/0x7e0
[  382.077144][ T9556]  netlink_rcv_skb+0x262/0x430
[  382.081927][ T9556]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  382.087508][ T9556]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  382.092840][ T9556]  ? cap_capable+0x1b4/0x250
[  382.097610][ T9556]  ? safesetid_security_capable+0xb2/0x1d0
[  382.103486][ T9556]  ? bpf_lsm_capable+0x9/0x10
[  382.108190][ T9556]  ? security_capable+0x7e/0x2d0
[  382.113140][ T9556]  nfnetlink_rcv+0x297/0x2ab0
[  382.118027][ T9556]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  382.123953][ T9556]  ? __dev_queue_xmit+0x2f4/0x3f50
[  382.129269][ T9556]  ? __dev_queue_xmit+0x1775/0x3f50
[  382.134571][ T9556]  ? kasan_save_track+0x51/0x80
[  382.139568][ T9556]  ? ____sys_sendmsg+0x52a/0x7e0
[  382.144524][ T9556]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  382.149652][ T9556]  ? __dev_queue_xmit+0x2f4/0x3f50
[  382.154792][ T9556]  ? __pfx___dev_queue_xmit+0x10/0x10
[  382.160202][ T9556]  ? ref_tracker_free+0x643/0x7e0
[  382.165246][ T9556]  ? __asan_memcpy+0x40/0x70
[  382.169850][ T9556]  ? __pfx_ref_tracker_free+0x10/0x10
[  382.175226][ T9556]  ? netlink_deliver_tap+0x2e/0x1b0
[  382.180436][ T9556]  ? skb_clone+0x240/0x390
[  382.184868][ T9556]  ? __pfx_lock_release+0x10/0x10
[  382.189894][ T9556]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  382.195357][ T9556]  ? netlink_deliver_tap+0x2e/0x1b0
[  382.200555][ T9556]  netlink_unicast+0x7f6/0x990
[  382.205331][ T9556]  ? __pfx_netlink_unicast+0x10/0x10
[  382.210701][ T9556]  ? __virt_addr_valid+0x45f/0x530
[  382.215851][ T9556]  ? __phys_addr_symbol+0x2f/0x70
[  382.221378][ T9556]  ? __check_object_size+0x47a/0x730
[  382.226694][ T9556]  netlink_sendmsg+0x8e4/0xcb0
[  382.231616][ T9556]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.236933][ T9556]  ? __pfx_netlink_sendmsg+0x10/0x10
[  382.242223][ T9556]  __sock_sendmsg+0x221/0x270
[  382.246997][ T9556]  ____sys_sendmsg+0x52a/0x7e0
[  382.251775][ T9556]  ? __pfx_____sys_sendmsg+0x10/0x10
[  382.257076][ T9556]  ? __fget_files+0x2a/0x410
[  382.261678][ T9556]  ? __fget_files+0x2a/0x410
[  382.266277][ T9556]  __sys_sendmsg+0x269/0x350
[  382.270868][ T9556]  ? __pfx_lock_release+0x10/0x10
[  382.275894][ T9556]  ? __pfx___sys_sendmsg+0x10/0x10
[  382.281029][ T9556]  ? __pfx_vfs_write+0x10/0x10
[  382.285828][ T9556]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  382.292165][ T9556]  ? do_syscall_64+0x100/0x230
[  382.296936][ T9556]  ? do_syscall_64+0xb6/0x230
[  382.301620][ T9556]  do_syscall_64+0xf3/0x230
[  382.306132][ T9556]  ? clear_bhb_loop+0x35/0x90
[  382.310821][ T9556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.316906][ T9556] RIP: 0033:0x7f8169f85d19
[  382.321519][ T9556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.342006][ T9556] RSP: 002b:00007f816adf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  382.350437][ T9556] RAX: ffffffffffffffda RBX: 00007f816a175fa0 RCX: 00007f8169f85d19
[  382.358439][ T9556] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000003
[  382.366419][ T9556] RBP: 00007f816adf0090 R08: 0000000000000000 R09: 0000000000000000
[  382.374396][ T9556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.382372][ T9556] R13: 0000000000000000 R14: 00007f816a175fa0 R15: 00007ffd5baa0c28
[  382.390384][ T9556]  </TASK>
[  382.393509][    C1] vkms_vblank_simulate: vblank timer overrun
[  382.785200][ T9538] bond0: (slave bond_slave_1): Releasing backup interface
[  382.962497][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  383.791380][ T9538] team0: Port device team_slave_0 removed
[  383.824519][ T9538] team0: Port device team_slave_1 removed
[  383.846281][ T9538] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  383.872596][ T9538] batman_adv: batadv0: Removing interface: batadv_slave_0
[  383.901326][ T9538] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  383.921358][ T9538] batman_adv: batadv0: Removing interface: batadv_slave_1
[  384.002524][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  385.042477][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  385.212572][   T29] audit: type=1326 audit(1734148356.309:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.234820][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.298806][   T29] audit: type=1326 audit(1734148356.319:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.320478][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.407263][   T29] audit: type=1326 audit(1734148356.319:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.510911][   T29] audit: type=1326 audit(1734148356.319:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.580162][   T29] audit: type=1326 audit(1734148356.319:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.601804][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.640125][   T29] audit: type=1326 audit(1734148356.329:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.692597][   T29] audit: type=1326 audit(1734148356.329:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.791680][   T29] audit: type=1326 audit(1734148356.329:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.866812][   T29] audit: type=1326 audit(1734148356.329:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.893163][ T9591] FAULT_INJECTION: forcing a failure.
[  385.893163][ T9591] name failslab, interval 1, probability 0, space 0, times 0
[  385.978244][   T29] audit: type=1326 audit(1734148356.329:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9576 comm="syz.1.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ffb2fb85d19 code=0x7ffc0000
[  385.999787][    C1] vkms_vblank_simulate: vblank timer overrun
[  386.082585][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  386.146870][ T9597] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1043'.
[  386.852567][ T9591] CPU: 0 UID: 0 PID: 9591 Comm: syz.4.1042 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  386.863321][ T9591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  386.873417][ T9591] Call Trace:
[  386.876730][ T9591]  <TASK>
[  386.879699][ T9591]  dump_stack_lvl+0x241/0x360
[  386.884430][ T9591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  386.889667][ T9591]  ? __pfx__printk+0x10/0x10
[  386.894290][ T9591]  ? kmem_cache_alloc_noprof+0x48/0x380
[  386.899878][ T9591]  ? __pfx___might_resched+0x10/0x10
[  386.905199][ T9591]  should_fail_ex+0x3b0/0x4e0
[  386.910180][ T9591]  should_failslab+0xac/0x100
[  386.914895][ T9591]  ? fuse_get_req+0x469/0xc80
[  386.919601][ T9591]  kmem_cache_alloc_noprof+0x70/0x380
[  386.925071][ T9591]  fuse_get_req+0x469/0xc80
[  386.929651][ T9591]  ? __pfx_fuse_get_req+0x10/0x10
[  386.934825][ T9591]  ? __pfx_validate_chain+0x10/0x10
[  386.940075][ T9591]  ? __pfx_lock_acquire+0x10/0x10
[  386.945166][ T9591]  ? is_bpf_text_address+0x26/0x2a0
[  386.950406][ T9591]  __fuse_simple_request+0x13c/0x1850
[  386.955814][ T9591]  ? mark_lock+0x9a/0x360
[  386.960187][ T9591]  ? __pfx___fuse_simple_request+0x10/0x10
[  386.966058][ T9591]  fuse_do_getattr+0x3e6/0x870
[  386.970864][ T9591]  ? __pfx_fuse_do_getattr+0x10/0x10
[  386.976242][ T9591]  fuse_update_get_attr+0x9f6/0x18b0
[  386.981579][ T9591]  ? __pfx_fuse_update_get_attr+0x10/0x10
[  386.987339][ T9591]  ? unwind_get_return_address+0x4d/0x90
[  386.993014][ T9591]  ? arch_stack_walk+0xfd/0x150
[  386.998001][ T9591]  ? __pfx_validate_chain+0x10/0x10
[  387.003236][ T9591]  ? stack_trace_save+0x118/0x1d0
[  387.008306][ T9591]  ? __pfx_stack_trace_save+0x10/0x10
[  387.014145][ T9591]  ? validate_chain+0x11e/0x5920
[  387.019115][ T9591]  ? lockdep_unlock+0x16a/0x300
[  387.024002][ T9591]  ? __pfx_lockdep_unlock+0x10/0x10
[  387.029231][ T9591]  ? mark_lock+0x2ae/0x360
[  387.033683][ T9591]  ? __lock_acquire+0x1397/0x2100
[  387.038757][ T9591]  fuse_file_write_iter+0x444/0xf70
[  387.043992][ T9591]  ? __pfx_fuse_file_write_iter+0x10/0x10
[  387.049880][ T9591]  ? aio_write+0x4ff/0x7c0
[  387.054338][ T9591]  ? __pfx_lock_release+0x10/0x10
[  387.059823][ T9591]  ? rcu_read_lock_any_held+0xb7/0x160
[  387.065331][ T9591]  ? rw_verify_area+0x1c3/0x6f0
[  387.070214][ T9591]  aio_write+0x56b/0x7c0
[  387.074490][ T9591]  ? __pfx_aio_write+0x10/0x10
[  387.079292][ T9591]  ? __might_fault+0xaa/0x120
[  387.084095][ T9591]  ? __pfx_lock_release+0x10/0x10
[  387.089279][ T9591]  ? __fget_files+0x2a/0x410
[  387.093900][ T9591]  ? __might_fault+0xaa/0x120
[  387.098696][ T9591]  io_submit_one+0x8a7/0x18a0
[  387.103418][ T9591]  ? __pfx_io_submit_one+0x10/0x10
[  387.108557][ T9591]  ? __might_fault+0xaa/0x120
[  387.113749][ T9591]  ? __pfx_lock_release+0x10/0x10
[  387.119186][ T9591]  ? lookup_ioctx+0x94/0x6a0
[  387.122504][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  387.124154][ T9591]  ? __might_fault+0xaa/0x120
[  387.135887][ T9591]  ? __might_fault+0xc6/0x120
[  387.140599][ T9591]  __se_sys_io_submit+0x171/0x2e0
[  387.145662][ T9591]  ? __pfx___se_sys_io_submit+0x10/0x10
[  387.151307][ T9591]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  387.157310][ T9591]  ? do_syscall_64+0x100/0x230
[  387.162088][ T9591]  ? do_syscall_64+0xb6/0x230
[  387.166773][ T9591]  do_syscall_64+0xf3/0x230
[  387.171299][ T9591]  ? clear_bhb_loop+0x35/0x90
[  387.175992][ T9591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.181898][ T9591] RIP: 0033:0x7f991d585d19
[  387.186313][ T9591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.206006][ T9591] RSP: 002b:00007f991e469038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  387.214423][ T9591] RAX: ffffffffffffffda RBX: 00007f991d775fa0 RCX: 00007f991d585d19
[  387.222405][ T9591] RDX: 0000000020000700 RSI: 0000000000000001 RDI: 00007f991e427000
[  387.230371][ T9591] RBP: 00007f991e469090 R08: 0000000000000000 R09: 0000000000000000
[  387.238337][ T9591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  387.246307][ T9591] R13: 0000000000000000 R14: 00007f991d775fa0 R15: 00007ffdce849f18
[  387.254287][ T9591]  </TASK>
[  388.162535][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  388.310033][ T9606] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  389.202469][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  389.384286][ T9605] Bluetooth: hci3: command 0x0405 tx timeout
[  390.242469][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  391.282470][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  392.322465][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  392.945360][ T9679] can: request_module (can-proto-0) failed.
[  393.362466][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  393.638531][ T9690] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  394.398182][ T9724] FAULT_INJECTION: forcing a failure.
[  394.398182][ T9724] name failslab, interval 1, probability 0, space 0, times 0
[  394.411518][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  394.418732][ T9724] CPU: 1 UID: 0 PID: 9724 Comm: syz.5.1077 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  394.429617][ T9724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  394.440270][ T9724] Call Trace:
[  394.443585][ T9724]  <TASK>
[  394.446545][ T9724]  dump_stack_lvl+0x241/0x360
[  394.451255][ T9724]  ? __pfx_dump_stack_lvl+0x10/0x10
[  394.456480][ T9724]  ? __pfx__printk+0x10/0x10
[  394.461106][ T9724]  should_fail_ex+0x3b0/0x4e0
[  394.465816][ T9724]  should_failslab+0xac/0x100
[  394.470535][ T9724]  __kmalloc_noprof+0xdd/0x4c0
[  394.475331][ T9724]  ? ___neigh_create+0x72b/0x2320
[  394.480384][ T9724]  ___neigh_create+0x72b/0x2320
[  394.485263][ T9724]  ? ip6_finish_output2+0x63a/0x17b0
[  394.490663][ T9724]  ? __ipv6_neigh_lookup_noref+0x49d/0x680
[  394.496586][ T9724]  ? ip6_finish_output2+0x63a/0x17b0
[  394.501892][ T9724]  ip6_finish_output2+0xb84/0x17b0
[  394.507048][ T9724]  ? ip6_mtu+0x81/0x3f0
[  394.511242][ T9724]  ? __pfx_ip6_finish_output2+0x10/0x10
[  394.516830][ T9724]  ? ip6_mtu+0x81/0x3f0
[  394.521014][ T9724]  ip6_finish_output+0x41e/0x840
[  394.526062][ T9724]  ip6_send_skb+0x1b1/0x3b0
[  394.530628][ T9724]  ? ip6_send_skb+0xfd/0x3b0
[  394.535344][ T9724]  udp_v6_send_skb+0xbc5/0x1880
[  394.540250][ T9724]  udpv6_sendmsg+0x23bc/0x32b0
[  394.545053][ T9724]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  394.550780][ T9724]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  394.555913][ T9724]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  394.561947][ T9724]  ? irqentry_exit+0x63/0x90
[  394.566655][ T9724]  ? sock_rps_record_flow+0x1a/0x400
[  394.571959][ T9724]  ? inet_send_prepare+0x21/0x260
[  394.577000][ T9724]  ? inet_send_prepare+0x5a/0x260
[  394.582046][ T9724]  __sock_sendmsg+0xef/0x270
[  394.586665][ T9724]  ____sys_sendmsg+0x52a/0x7e0
[  394.591457][ T9724]  ? __pfx_____sys_sendmsg+0x10/0x10
[  394.596767][ T9724]  ? __fget_files+0x2a/0x410
[  394.601388][ T9724]  ? __fget_files+0x2a/0x410
[  394.606007][ T9724]  __sys_sendmmsg+0x36a/0x720
[  394.610718][ T9724]  ? __pfx___sys_sendmmsg+0x10/0x10
[  394.616123][ T9724]  ? __pfx_lock_release+0x10/0x10
[  394.621166][ T9724]  ? kstrtouint_from_user+0x128/0x190
[  394.626674][ T9724]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  394.632590][ T9724]  ? ksys_write+0x22a/0x2b0
[  394.637200][ T9724]  ? __pfx_lock_release+0x10/0x10
[  394.642255][ T9724]  ? vfs_write+0x730/0xd30
[  394.646700][ T9724]  ? __mutex_unlock_slowpath+0x21e/0x790
[  394.652387][ T9724]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  394.658395][ T9724]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  394.664738][ T9724]  ? do_syscall_64+0x100/0x230
[  394.669533][ T9724]  __x64_sys_sendmmsg+0xa0/0xb0
[  394.674493][ T9724]  do_syscall_64+0xf3/0x230
[  394.679021][ T9724]  ? clear_bhb_loop+0x35/0x90
[  394.684331][ T9724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.690395][ T9724] RIP: 0033:0x7f4f5e185d19
[  394.694844][ T9724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.715359][ T9724] RSP: 002b:00007f4f5efc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  394.723795][ T9724] RAX: ffffffffffffffda RBX: 00007f4f5e376160 RCX: 00007f4f5e185d19
[  394.731778][ T9724] RDX: 0400000000000172 RSI: 0000000020003cc0 RDI: 0000000000000003
[  394.739776][ T9724] RBP: 00007f4f5efc8090 R08: 0000000000000000 R09: 0000000000000000
[  394.748377][ T9724] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  394.756360][ T9724] R13: 0000000000000000 R14: 00007f4f5e376160 R15: 00007ffc93f670b8
[  394.764377][ T9724]  </TASK>
[  395.442468][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  395.552087][ T9729] can: request_module (can-proto-0) failed.
[  396.202543][ T5899] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  396.374421][ T5899] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  396.383603][ T5899] usb 5-1: config 0 has an invalid interface association descriptor of length 7, skipping
[  396.435241][ T5899] usb 5-1: config 0 has no interface number 0
[  396.462924][ T5899] usb 5-1: config 0 interface 51 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  396.482496][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  396.497866][ T5899] usb 5-1: New USB device found, idVendor=12d1, idProduct=8869, bcdDevice=3b.15
[  396.513008][ T5899] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.528961][ T5899] usb 5-1: Product: syz
[  396.539521][ T5899] usb 5-1: Manufacturer: syz
[  396.546162][ T9762] FAULT_INJECTION: forcing a failure.
[  396.546162][ T9762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.559854][ T5899] usb 5-1: SerialNumber: syz
[  396.566179][ T9762] CPU: 1 UID: 0 PID: 9762 Comm: syz.1.1091 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  396.576898][ T9762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  396.587008][ T9762] Call Trace:
[  396.590293][ T9762]  <TASK>
[  396.593228][ T9762]  dump_stack_lvl+0x241/0x360
[  396.597922][ T9762]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.603125][ T9762]  ? __pfx__printk+0x10/0x10
[  396.607724][ T9762]  ? snprintf+0xda/0x120
[  396.611966][ T9762]  should_fail_ex+0x3b0/0x4e0
[  396.616648][ T9762]  _copy_to_user+0x31/0xb0
[  396.621066][ T9762]  simple_read_from_buffer+0xca/0x150
[  396.626467][ T9762]  proc_fail_nth_read+0x1e9/0x250
[  396.631514][ T9762]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.637071][ T9762]  ? rw_verify_area+0x55e/0x6f0
[  396.641931][ T9762]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  396.647481][ T9762]  vfs_read+0x1fc/0xb70
[  396.651726][ T9762]  ? __pfx___mutex_lock+0x10/0x10
[  396.656761][ T9762]  ? __pfx_vfs_read+0x10/0x10
[  396.661461][ T9762]  ? __fget_files+0x2a/0x410
[  396.666051][ T9762]  ? __fget_files+0x395/0x410
[  396.670721][ T9762]  ? __fget_files+0x2a/0x410
[  396.675314][ T9762]  ksys_read+0x18f/0x2b0
[  396.680083][ T9762]  ? __pfx_ksys_read+0x10/0x10
[  396.684873][ T9762]  ? do_syscall_64+0x100/0x230
[  396.689653][ T9762]  ? do_syscall_64+0xb6/0x230
[  396.694334][ T9762]  do_syscall_64+0xf3/0x230
[  396.698854][ T9762]  ? clear_bhb_loop+0x35/0x90
[  396.703554][ T9762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.709446][ T9762] RIP: 0033:0x7ffb2fb8472c
[  396.713855][ T9762] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  396.733577][ T9762] RSP: 002b:00007ffb30a2f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  396.742043][ T9762] RAX: ffffffffffffffda RBX: 00007ffb2fd75fa0 RCX: 00007ffb2fb8472c
[  396.750030][ T9762] RDX: 000000000000000f RSI: 00007ffb30a2f0a0 RDI: 0000000000000004
[  396.758030][ T9762] RBP: 00007ffb30a2f090 R08: 0000000000000000 R09: 0000000000000000
[  396.766031][ T9762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.774005][ T9762] R13: 0000000000000000 R14: 00007ffb2fd75fa0 R15: 00007ffd3aadc9b8
[  396.781993][ T9762]  </TASK>
[  396.786699][ T5899] usb 5-1: config 0 descriptor??
[  396.811357][ T5899] huawei_cdc_ncm 5-1:0.51: CDC Union missing and no IAD found
[  396.819499][ T5899] huawei_cdc_ncm 5-1:0.51: bind() failure
[  397.522478][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  398.374529][ T9794] FAULT_INJECTION: forcing a failure.
[  398.374529][ T9794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.562851][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  399.203721][ T9796] lo speed is unknown, defaulting to 1000
[  399.602507][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  399.648353][ T9794] CPU: 1 UID: 0 PID: 9794 Comm: syz.3.1101 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  399.659626][ T9794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  399.669727][ T9794] Call Trace:
[  399.673029][ T9794]  <TASK>
[  399.675981][ T9794]  dump_stack_lvl+0x241/0x360
[  399.680721][ T9794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  399.685950][ T9794]  ? __pfx__printk+0x10/0x10
[  399.690565][ T9794]  ? __pfx_lock_release+0x10/0x10
[  399.695623][ T9794]  should_fail_ex+0x3b0/0x4e0
[  399.700309][ T9794]  _copy_from_iter+0x1e9/0x1c20
[  399.705809][ T9794]  ? __virt_addr_valid+0x183/0x530
[  399.711482][ T9794]  ? __alloc_skb+0x28f/0x440
[  399.716239][ T9794]  ? __pfx__copy_from_iter+0x10/0x10
[  399.721726][ T9794]  ? __virt_addr_valid+0x183/0x530
[  399.727041][ T9794]  ? __virt_addr_valid+0x183/0x530
[  399.732282][ T9794]  ? __virt_addr_valid+0x45f/0x530
[  399.737489][ T9794]  ? __phys_addr_symbol+0x2f/0x70
[  399.742704][ T9794]  ? __check_object_size+0x47a/0x730
[  399.748012][ T9794]  pfkey_sendmsg+0x235/0x1050
[  399.752736][ T9794]  ? smack_socket_sendmsg+0x178/0x540
[  399.758147][ T9794]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  399.763296][ T9794]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  399.769057][ T9794]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  399.775574][ T9794]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  399.782340][ T9794]  ? __might_fault+0xaa/0x120
[  399.787023][ T9794]  ? __pfx_lock_release+0x10/0x10
[  399.792047][ T9794]  ? __import_iovec+0x590/0x870
[  399.796915][ T9794]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  399.802043][ T9794]  __sock_sendmsg+0x221/0x270
[  399.806999][ T9794]  ____sys_sendmsg+0x52a/0x7e0
[  399.811864][ T9794]  ? __pfx_____sys_sendmsg+0x10/0x10
[  399.817407][ T9794]  ? __fget_files+0x2a/0x410
[  399.822096][ T9794]  ? __fget_files+0x2a/0x410
[  399.826873][ T9794]  __sys_sendmsg+0x269/0x350
[  399.831828][ T9794]  ? __pfx_lock_release+0x10/0x10
[  399.836874][ T9794]  ? __pfx___sys_sendmsg+0x10/0x10
[  399.842199][ T9794]  ? __pfx_vfs_write+0x10/0x10
[  399.846982][ T9794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  399.853317][ T9794]  ? do_syscall_64+0x100/0x230
[  399.858091][ T9794]  ? do_syscall_64+0xb6/0x230
[  399.862833][ T9794]  do_syscall_64+0xf3/0x230
[  399.867351][ T9794]  ? clear_bhb_loop+0x35/0x90
[  399.872051][ T9794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.877982][ T9794] RIP: 0033:0x7f8169f85d19
[  399.882415][ T9794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.902045][ T9794] RSP: 002b:00007f816adf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  399.910821][ T9794] RAX: ffffffffffffffda RBX: 00007f816a175fa0 RCX: 00007f8169f85d19
[  399.918798][ T9794] RDX: 0000000000010000 RSI: 0000000020000800 RDI: 0000000000000003
[  399.926858][ T9794] RBP: 00007f816adf0090 R08: 0000000000000000 R09: 0000000000000000
[  399.935105][ T9794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.943106][ T9794] R13: 0000000000000000 R14: 00007f816a175fa0 R15: 00007ffd5baa0c28
[  399.951304][ T9794]  </TASK>
[  400.102470][ T5866] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  400.229099][   T51] usb 5-1: USB disconnect, device number 24
[  400.262510][ T5866] usb 6-1: Using ep0 maxpacket: 8
[  400.275225][ T5866] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  400.293254][ T5866] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.321499][ T5866] usb 6-1: Product: syz
[  400.331661][ T5866] usb 6-1: Manufacturer: syz
[  400.341807][ T5866] usb 6-1: SerialNumber: syz
[  400.358140][ T5866] usb 6-1: config 0 descriptor??
[  400.595865][ T5866] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  400.642481][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  400.916857][ T5866] usb write operation failed. (-71)
[  400.929311][ T5866] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  400.942469][    T9] IPVS: starting estimator thread 0...
[  400.961815][ T5866] dvbdev: DVB: registering new adapter (Terratec H7)
[  400.979423][ T5866] usb 6-1: media controller created
[  400.985901][ T5866] usb read operation failed. (-71)
[  400.991967][ T5866] usb write operation failed. (-71)
[  401.003936][ T5866] dvb_usb_az6007 6-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  401.123295][ T9813] IPVS: using max 24 ests per chain, 57600 per kthread
[  401.153175][ T5866] usb 6-1: USB disconnect, device number 23
[  401.257194][ T9817] FAULT_INJECTION: forcing a failure.
[  401.257194][ T9817] name failslab, interval 1, probability 0, space 0, times 0
[  401.270164][ T9817] CPU: 0 UID: 0 PID: 9817 Comm: syz.4.1106 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  401.280963][ T9817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  401.291043][ T9817] Call Trace:
[  401.294322][ T9817]  <TASK>
[  401.297258][ T9817]  dump_stack_lvl+0x241/0x360
[  401.301954][ T9817]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.307155][ T9817]  ? __pfx__printk+0x10/0x10
[  401.311753][ T9817]  should_fail_ex+0x3b0/0x4e0
[  401.317315][ T9817]  should_failslab+0xac/0x100
[  401.321999][ T9817]  ? skb_clone+0x20c/0x390
[  401.326414][ T9817]  kmem_cache_alloc_noprof+0x70/0x380
[  401.332508][ T9817]  skb_clone+0x20c/0x390
[  401.337101][ T9817]  __netlink_deliver_tap+0x3cc/0x7f0
[  401.342400][ T9817]  ? netlink_deliver_tap+0x2e/0x1b0
[  401.347685][ T9817]  netlink_deliver_tap+0x19d/0x1b0
[  401.352802][ T9817]  netlink_unicast+0x7c4/0x990
[  401.357574][ T9817]  ? __pfx_netlink_unicast+0x10/0x10
[  401.363207][ T9817]  ? __virt_addr_valid+0x45f/0x530
[  401.368315][ T9817]  ? __phys_addr_symbol+0x2f/0x70
[  401.373519][ T9817]  ? __check_object_size+0x47a/0x730
[  401.378812][ T9817]  netlink_sendmsg+0x8e4/0xcb0
[  401.383583][ T9817]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.388881][ T9817]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.394335][ T9817]  __sock_sendmsg+0x221/0x270
[  401.399125][ T9817]  ____sys_sendmsg+0x52a/0x7e0
[  401.403922][ T9817]  ? __pfx_____sys_sendmsg+0x10/0x10
[  401.409222][ T9817]  ? __fget_files+0x2a/0x410
[  401.413997][ T9817]  ? __fget_files+0x2a/0x410
[  401.418683][ T9817]  __sys_sendmsg+0x269/0x350
[  401.423475][ T9817]  ? __pfx_lock_release+0x10/0x10
[  401.428781][ T9817]  ? __pfx___sys_sendmsg+0x10/0x10
[  401.434102][ T9817]  ? __pfx_vfs_write+0x10/0x10
[  401.438992][ T9817]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  401.445432][ T9817]  ? do_syscall_64+0x100/0x230
[  401.450644][ T9817]  ? do_syscall_64+0xb6/0x230
[  401.455381][ T9817]  do_syscall_64+0xf3/0x230
[  401.459899][ T9817]  ? clear_bhb_loop+0x35/0x90
[  401.464590][ T9817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.470487][ T9817] RIP: 0033:0x7f991d585d19
[  401.474988][ T9817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.494785][ T9817] RSP: 002b:00007f991e40e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.503227][ T9817] RAX: ffffffffffffffda RBX: 00007f991d776160 RCX: 00007f991d585d19
[  401.511840][ T9817] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000007
[  401.519932][ T9817] RBP: 00007f991e40e090 R08: 0000000000000000 R09: 0000000000000000
[  401.528166][ T9817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.536141][ T9817] R13: 0000000000000000 R14: 00007f991d776160 R15: 00007ffdce849f18
[  401.544209][ T9817]  </TASK>
[  401.547309][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.556111][ T9817] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1106'.
[  401.565224][ T9817] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1106'.
[  401.682526][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  402.231617][ T9823] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  402.435000][ T9830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1110'.
[  402.504070][ T9838] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1110'.
[  402.546345][ T9834] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  402.720786][ T9843] FAULT_INJECTION: forcing a failure.
[  402.720786][ T9843] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.722571][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  402.742814][ T9843] CPU: 0 UID: 0 PID: 9843 Comm: syz.1.1115 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  402.753890][ T9843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  402.764232][ T9843] Call Trace:
[  402.767531][ T9843]  <TASK>
[  402.770540][ T9843]  dump_stack_lvl+0x241/0x360
[  402.775220][ T9843]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.780464][ T9843]  ? __pfx__printk+0x10/0x10
[  402.785062][ T9843]  ? __pfx_lock_release+0x10/0x10
[  402.790095][ T9843]  should_fail_ex+0x3b0/0x4e0
[  402.794779][ T9843]  _copy_to_iter+0x1f8/0x1c50
[  402.799549][ T9843]  ? __pfx__copy_to_iter+0x10/0x10
[  402.805265][ T9843]  ? __pfx_default_wake_function+0x10/0x10
[  402.811239][ T9843]  ? __check_object_size+0x8e/0x730
[  402.816624][ T9843]  tty_read+0x2ca/0x6a0
[  402.821069][ T9843]  ? __pfx_tty_read+0x10/0x10
[  402.825763][ T9843]  ? bpf_lsm_file_permission+0x9/0x10
[  402.831148][ T9843]  ? security_file_permission+0x74/0x280
[  402.836923][ T9843]  vfs_read+0x991/0xb70
[  402.841713][ T9843]  ? __pfx_vfs_read+0x10/0x10
[  402.847230][ T9843]  ? __fget_files+0x2a/0x410
[  402.852056][ T9843]  ? __fget_files+0x2a/0x410
[  402.856836][ T9843]  ksys_read+0x18f/0x2b0
[  402.861107][ T9843]  ? __pfx_ksys_read+0x10/0x10
[  402.865971][ T9843]  ? do_syscall_64+0x100/0x230
[  402.870745][ T9843]  ? do_syscall_64+0xb6/0x230
[  402.875424][ T9843]  do_syscall_64+0xf3/0x230
[  402.879928][ T9843]  ? clear_bhb_loop+0x35/0x90
[  402.884608][ T9843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.890510][ T9843] RIP: 0033:0x7ffb2fb85d19
[  402.894919][ T9843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.915658][ T9843] RSP: 002b:00007ffb30a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  402.924594][ T9843] RAX: ffffffffffffffda RBX: 00007ffb2fd75fa0 RCX: 00007ffb2fb85d19
[  402.932903][ T9843] RDX: 0000000000002020 RSI: 000000002001aa80 RDI: 0000000000000004
[  402.940889][ T9843] RBP: 00007ffb30a2f090 R08: 0000000000000000 R09: 0000000000000000
[  402.948968][ T9843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.957029][ T9843] R13: 0000000000000000 R14: 00007ffb2fd75fa0 R15: 00007ffd3aadc9b8
[  402.965038][ T9843]  </TASK>
[  402.968103][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.062658][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  403.225579][    T9] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  403.244744][    T9] usb 5-1: config 0 has an invalid interface association descriptor of length 7, skipping
[  403.260681][    T9] usb 5-1: config 0 has no interface number 0
[  403.276114][    T9] usb 5-1: config 0 interface 51 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  403.415800][    T9] usb 5-1: New USB device found, idVendor=12d1, idProduct=8869, bcdDevice=3b.15
[  403.430573][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.440754][    T9] usb 5-1: Product: syz
[  403.452282][    T9] usb 5-1: Manufacturer: syz
[  403.457856][    T9] usb 5-1: SerialNumber: syz
[  403.708571][    T9] usb 5-1: config 0 descriptor??
[  403.715983][ T5866] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  403.732340][    T9] huawei_cdc_ncm 5-1:0.51: CDC Union missing and no IAD found
[  403.741104][    T9] huawei_cdc_ncm 5-1:0.51: bind() failure
[  403.762472][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  403.882687][ T5866] usb 4-1: Using ep0 maxpacket: 32
[  403.890595][ T5866] usb 4-1: config 255 has an invalid interface number: 168 but max is 3
[  403.913045][ T5866] usb 4-1: config 255 has an invalid descriptor of length 1, skipping remainder of the config
[  403.926574][ T5866] usb 4-1: config 255 has 1 interface, different from the descriptor's value: 4
[  403.940246][ T5866] usb 4-1: config 255 has no interface number 0
[  403.950459][ T5866] usb 4-1: config 255 interface 168 altsetting 6 endpoint 0x7 has invalid maxpacket 32769, setting to 1024
[  403.965113][ T5866] usb 4-1: config 255 interface 168 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  403.982210][ T5866] usb 4-1: config 255 interface 168 has no altsetting 0
[  403.994033][ T5866] usb 4-1: New USB device found, idVendor=0846, idProduct=6100, bcdDevice=b7.7d
[  404.028710][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.045328][ T5866] usb 4-1: Product: syz
[  404.049914][ T5866] usb 4-1: Manufacturer: syz
[  404.057146][ T5866] usb 4-1: SerialNumber: syz
[  404.233609][ T9856] FAULT_INJECTION: forcing a failure.
[  404.233609][ T9856] name failslab, interval 1, probability 0, space 0, times 0
[  404.247557][ T9856] CPU: 1 UID: 0 PID: 9856 Comm: syz.1.1119 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  404.258294][ T9856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  404.268395][ T9856] Call Trace:
[  404.271694][ T9856]  <TASK>
[  404.274644][ T9856]  dump_stack_lvl+0x241/0x360
[  404.279373][ T9856]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.284605][ T9856]  ? __pfx__printk+0x10/0x10
[  404.289231][ T9856]  ? kmem_cache_alloc_noprof+0x48/0x380
[  404.294813][ T9856]  ? __pfx___might_resched+0x10/0x10
[  404.300136][ T9856]  should_fail_ex+0x3b0/0x4e0
[  404.304855][ T9856]  should_failslab+0xac/0x100
[  404.309573][ T9856]  ? security_file_alloc+0x32/0x310
[  404.314938][ T9856]  kmem_cache_alloc_noprof+0x70/0x380
[  404.320384][ T9856]  security_file_alloc+0x32/0x310
[  404.325443][ T9856]  init_file+0x91/0x280
[  404.330430][ T9856]  alloc_empty_file+0xb8/0x1d0
[  404.336379][ T9856]  alloc_file_pseudo+0x1da/0x290
[  404.341810][ T9856]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  404.347444][ T9856]  anon_inode_getfd+0xce/0x1e0
[  404.352347][ T9856]  ? btf_get_fd_by_id+0x7a/0x4a0
[  404.357424][ T9856]  btf_get_fd_by_id+0x386/0x4a0
[  404.362319][ T9856]  ? btf_get_fd_by_id+0x7a/0x4a0
[  404.367370][ T9856]  ? __pfx_btf_get_fd_by_id+0x10/0x10
[  404.372754][ T9856]  ? bpf_lsm_capable+0x9/0x10
[  404.377439][ T9856]  ? security_capable+0x7e/0x2d0
[  404.382389][ T9856]  ? capable+0x89/0xe0
[  404.386470][ T9856]  __sys_bpf+0x459/0x810
[  404.390717][ T9856]  ? __pfx___sys_bpf+0x10/0x10
[  404.395499][ T9856]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  404.401506][ T9856]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  404.407865][ T9856]  ? do_syscall_64+0x100/0x230
[  404.412745][ T9856]  __x64_sys_bpf+0x7c/0x90
[  404.417267][ T9856]  do_syscall_64+0xf3/0x230
[  404.421803][ T9856]  ? clear_bhb_loop+0x35/0x90
[  404.426594][ T9856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.432518][ T9856] RIP: 0033:0x7ffb2fb85d19
[  404.436947][ T9856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.456921][ T9856] RSP: 002b:00007ffb30a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  404.465417][ T9856] RAX: ffffffffffffffda RBX: 00007ffb2fd75fa0 RCX: 00007ffb2fb85d19
[  404.473409][ T9856] RDX: 0000000000000004 RSI: 0000000020000440 RDI: 0000000000000013
[  404.481387][ T9856] RBP: 00007ffb30a2f090 R08: 0000000000000000 R09: 0000000000000000
[  404.489538][ T9856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.497545][ T9856] R13: 0000000000000000 R14: 00007ffb2fd75fa0 R15: 00007ffd3aadc9b8
[  404.505542][ T9856]  </TASK>
[  404.534185][ T5866] usb 4-1: USB disconnect, device number 29
[  404.802495][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  405.842501][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  405.985654][ T9878] Invalid ELF header magic: != ELF
[  405.996806][ T9878] ntfs3(nullb0): Primary boot signature is not NTFS.
[  406.004635][ T9878] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  406.882687][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  407.450625][ T9887] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1126'.
[  407.470141][ T9883] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1125'.
[  407.653730][ T9892] FAULT_INJECTION: forcing a failure.
[  407.653730][ T9892] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  407.689567][ T9892] CPU: 0 UID: 0 PID: 9892 Comm: syz.3.1127 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  407.700314][ T9892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  407.711456][ T9892] Call Trace:
[  407.714755][ T9892]  <TASK>
[  407.717790][ T9892]  dump_stack_lvl+0x241/0x360
[  407.722499][ T9892]  ? __pfx_dump_stack_lvl+0x10/0x10
[  407.727896][ T9892]  ? __pfx__printk+0x10/0x10
[  407.732662][ T9892]  ? __pfx_lock_release+0x10/0x10
[  407.738495][ T9892]  should_fail_ex+0x3b0/0x4e0
[  407.743331][ T9892]  _copy_from_iter+0x1e9/0x1c20
[  407.748210][ T9892]  ? __virt_addr_valid+0x183/0x530
[  407.753375][ T9892]  ? __alloc_skb+0x28f/0x440
[  407.757975][ T9892]  ? __pfx__copy_from_iter+0x10/0x10
[  407.763267][ T9892]  ? __virt_addr_valid+0x183/0x530
[  407.768386][ T9892]  ? __virt_addr_valid+0x183/0x530
[  407.773492][ T9892]  ? __virt_addr_valid+0x45f/0x530
[  407.778603][ T9892]  ? __phys_addr_symbol+0x2f/0x70
[  407.783627][ T9892]  ? __check_object_size+0x47a/0x730
[  407.788919][ T9892]  netlink_sendmsg+0x73d/0xcb0
[  407.793698][ T9892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.799372][ T9892]  ? __pfx_netlink_sendmsg+0x10/0x10
[  407.804688][ T9892]  __sock_sendmsg+0x221/0x270
[  407.809415][ T9892]  ____sys_sendmsg+0x52a/0x7e0
[  407.814218][ T9892]  ? __pfx_____sys_sendmsg+0x10/0x10
[  407.819528][ T9892]  ? __fget_files+0x2a/0x410
[  407.825180][ T9892]  ? __fget_files+0x2a/0x410
[  407.830151][ T9892]  __sys_sendmsg+0x269/0x350
[  407.834862][ T9892]  ? __pfx_lock_release+0x10/0x10
[  407.839990][ T9892]  ? __pfx___sys_sendmsg+0x10/0x10
[  407.845205][ T9892]  ? __pfx_vfs_write+0x10/0x10
[  407.850181][ T9892]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  407.856544][ T9892]  ? do_syscall_64+0x100/0x230
[  407.861331][ T9892]  ? do_syscall_64+0xb6/0x230
[  407.866018][ T9892]  do_syscall_64+0xf3/0x230
[  407.870553][ T9892]  ? clear_bhb_loop+0x35/0x90
[  407.875295][ T9892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.881232][ T9892] RIP: 0033:0x7f8169f85d19
[  407.885662][ T9892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.905279][ T9892] RSP: 002b:00007f816adf0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  407.913699][ T9892] RAX: ffffffffffffffda RBX: 00007f816a175fa0 RCX: 00007f8169f85d19
[  407.922599][ T9892] RDX: 0000000020000080 RSI: 0000000020003700 RDI: 0000000000000003
[  407.930942][ T9892] RBP: 00007f816adf0090 R08: 0000000000000000 R09: 0000000000000000
[  407.939528][ T9892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.942539][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  407.948463][ T9892] R13: 0000000000000000 R14: 00007f816a175fa0 R15: 00007ffd5baa0c28
[  407.963758][ T9892]  </TASK>
[  407.966936][    C0] vkms_vblank_simulate: vblank timer overrun
[  408.962480][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  409.427701][ T5866] usb 5-1: USB disconnect, device number 25
[  409.843523][ T9914] bridge_slave_0: left allmulticast mode
[  409.850971][ T9914] bridge_slave_0: left promiscuous mode
[  409.858398][ T9914] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.002511][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  410.004265][ T9914] bridge_slave_1: left allmulticast mode
[  410.016551][ T9914] bridge_slave_1: left promiscuous mode
[  410.023645][ T9914] bridge0: port 2(bridge_slave_1) entered disabled state
[  410.091385][ T9914] bond0: (slave bond_slave_0): Releasing backup interface
[  410.156920][ T9914] bond0: (slave bond_slave_1): Releasing backup interface
[  410.795174][ T9914] team0: Port device team_slave_0 removed
[  410.889409][ T9914] team0: Port device team_slave_1 removed
[  410.890266][ T9914] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  410.890302][ T9914] batman_adv: batadv0: Removing interface: batadv_slave_0
[  410.891729][ T9914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  410.891759][ T9914] batman_adv: batadv0: Removing interface: batadv_slave_1
[  410.945248][ T9932] wg2: entered promiscuous mode
[  410.945275][ T9932] wg2: entered allmulticast mode
[  410.975850][ T9933] FAULT_INJECTION: forcing a failure.
[  410.975850][ T9933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.975886][ T9933] CPU: 1 UID: 0 PID: 9933 Comm: syz.2.1137 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  410.975908][ T9933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  410.975921][ T9933] Call Trace:
[  410.975929][ T9933]  <TASK>
[  410.975938][ T9933]  dump_stack_lvl+0x241/0x360
[  410.975969][ T9933]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.975993][ T9933]  ? __pfx__printk+0x10/0x10
[  410.976018][ T9933]  ? __pfx_lock_release+0x10/0x10
[  410.976048][ T9933]  should_fail_ex+0x3b0/0x4e0
[  410.976080][ T9933]  _copy_from_user+0x2f/0xc0
[  410.976105][ T9933]  copy_msghdr_from_user+0xae/0x680
[  410.976136][ T9933]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  410.976159][ T9933]  ? __fget_files+0x2a/0x410
[  410.976182][ T9933]  ? __fget_files+0x2a/0x410
[  410.976223][ T9933]  __sys_sendmsg+0x209/0x350
[  410.976245][ T9933]  ? __pfx_lock_release+0x10/0x10
[  410.976268][ T9933]  ? __pfx___sys_sendmsg+0x10/0x10
[  410.976300][ T9933]  ? __pfx_vfs_write+0x10/0x10
[  410.976354][ T9933]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  410.976377][ T9933]  ? do_syscall_64+0x100/0x230
[  410.976406][ T9933]  ? do_syscall_64+0xb6/0x230
[  410.976444][ T9933]  do_syscall_64+0xf3/0x230
[  410.976468][ T9933]  ? clear_bhb_loop+0x35/0x90
[  410.976505][ T9933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.976530][ T9933] RIP: 0033:0x7f53e7385d19
[  410.976548][ T9933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.976565][ T9933] RSP: 002b:00007f53e8120038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  410.976590][ T9933] RAX: ffffffffffffffda RBX: 00007f53e7576080 RCX: 00007f53e7385d19
[  410.976605][ T9933] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  410.976619][ T9933] RBP: 00007f53e8120090 R08: 0000000000000000 R09: 0000000000000000
[  410.976632][ T9933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.976645][ T9933] R13: 0000000000000001 R14: 00007f53e7576080 R15: 00007ffc248e4418
[  410.976675][ T9933]  </TASK>
[  410.985878][ T9923] can: request_module (can-proto-0) failed.
[  410.995421][ T9931] wg2: left promiscuous mode
[  410.995449][ T9931] wg2: left allmulticast mode
[  411.052467][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  412.082502][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  413.122499][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  413.233877][ T9957] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1146'.
[  413.643180][   T51] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  413.819205][   T51] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.843558][   T51] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  413.873515][   T51] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  413.892997][   T51] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.901059][   T51] usb 6-1: Product: syz
[  413.913938][   T51] usb 6-1: Manufacturer: syz
[  413.918604][   T51] usb 6-1: SerialNumber: syz
[  413.987882][   T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.137702][ T9956] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  414.162594][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  414.172891][   T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.378331][   T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.544066][   T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.733596][ T9605] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  414.748043][ T9605] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  414.757555][ T9956] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  414.771302][ T9605] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  414.792687][ T9605] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  414.802625][ T9605] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  414.810759][ T9605] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  414.949900][ T5134] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  414.961164][ T5134] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  414.973008][ T5134] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  414.978808][   T51] cdc_ncm 6-1:1.0: MAC-Address: 42:42:42:42:42:42
[  414.985034][ T5134] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  415.010212][   T51] cdc_ncm 6-1:1.0: dwNtbInMaxSize=3 is too small. Using 2048
[  415.028665][ T5134] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  415.036984][   T51] cdc_ncm 6-1:1.0: setting rx_max = 2048
[  415.037003][ T5134] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  415.114098][ T9605] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  415.127870][ T9605] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  415.152732][ T9605] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  415.178042][   T51] cdc_ncm 6-1:1.0: setting tx_max = 184
[  415.195841][ T9605] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  415.202986][    C1] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  415.218012][ T9605] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  415.232177][ T9605] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  415.340867][ T9605] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  415.362842][ T9605] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  415.371853][ T9605] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  415.395209][ T9605] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  415.419474][ T9605] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  415.432009][ T9605] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  415.640412][   T55] bond0 (unregistering): Released all slaves
[  415.666261][   T51] cdc_ncm 6-1:1.0 eth9: register 'cdc_ncm' at usb-dummy_hcd.5-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  415.687904][   T51] usb 6-1: USB disconnect, device number 24
[  415.697321][   T51] cdc_ncm 6-1:1.0 eth9: unregister 'cdc_ncm' usb-dummy_hcd.5-1, CDC NCM (NO ZLP)
[  415.851811][ T9967] lo speed is unknown, defaulting to 1000
[  415.875526][ T9971] lo speed is unknown, defaulting to 1000
[  415.890947][   T55] tipc: Disabling bearer <udp:s>
[  415.896470][   T55] tipc: Left network mode
[  415.896545][ T9969] lo speed is unknown, defaulting to 1000
[  415.949110][ T9973] lo speed is unknown, defaulting to 1000
[  416.250791][ T9967] chnl_net:caif_netlink_parms(): no params data found
[  416.272161][   T55] hsr_slave_0: left promiscuous mode
[  416.282279][   T55] hsr_slave_1: left promiscuous mode
[  416.380389][   T55] veth1_macvtap: left promiscuous mode
[  416.386931][   T55] veth0_macvtap: left promiscuous mode
[  416.392697][   T55] veth1_vlan: left promiscuous mode
[  416.398065][   T55] veth0_vlan: left promiscuous mode
[  416.703527][   T29] kauditd_printk_skb: 47 callbacks suppressed
[  416.703547][   T29] audit: type=1400 audit(1734148387.879:268): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=9987 comm="syz.5.1156"
[  416.738471][   T29] audit: type=1400 audit(1734148387.909:269): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=9987 comm="syz.5.1156"
[  416.766938][ T9990] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1156'.
[  416.889384][ T5134] Bluetooth: hci0: command tx timeout
[  417.122647][ T5134] Bluetooth: hci1: command tx timeout
[  417.291556][ T5134] Bluetooth: hci2: command tx timeout
[  417.522813][ T5134] Bluetooth: hci3: command tx timeout
[  417.629996][ T9988] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1156'.
[  417.643517][ T9990] erspan0: entered promiscuous mode
[  417.655146][ T9990] erspan0: left promiscuous mode
[  417.758711][ T9971] chnl_net:caif_netlink_parms(): no params data found
[  417.856186][ T9969] chnl_net:caif_netlink_parms(): no params data found
[  417.956581][ T9967] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.976817][ T9967] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.997726][ T9967] bridge_slave_0: entered allmulticast mode
[  418.019133][ T9967] bridge_slave_0: entered promiscuous mode
[  418.040073][ T9967] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.047824][ T9967] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.055183][ T9967] bridge_slave_1: entered allmulticast mode
[  418.062245][ T9967] bridge_slave_1: entered promiscuous mode
[  418.363983][ T9973] chnl_net:caif_netlink_parms(): no params data found
[  418.419087][ T9967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.470695][ T9967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.494201][ T9969] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.501856][ T9969] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.509497][ T9969] bridge_slave_0: entered allmulticast mode
[  418.517079][ T9969] bridge_slave_0: entered promiscuous mode
[  418.526356][ T9971] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.533626][ T9971] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.540880][ T9971] bridge_slave_0: entered allmulticast mode
[  418.547709][ T9971] bridge_slave_0: entered promiscuous mode
[  418.584801][ T9969] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.591920][ T9969] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.599996][ T9969] bridge_slave_1: entered allmulticast mode
[  418.607503][ T9969] bridge_slave_1: entered promiscuous mode
[  418.614091][ T9971] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.621356][ T9971] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.629752][ T9971] bridge_slave_1: entered allmulticast mode
[  418.638188][ T9971] bridge_slave_1: entered promiscuous mode
[  418.659871][ T9967] team0: Port device team_slave_0 added
[  418.667586][ T9967] team0: Port device team_slave_1 added
[  418.743855][   T55] IPVS: stop unused estimator thread 0...
[  418.855156][ T9969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.895019][ T9969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.921223][ T9971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  418.939200][ T9971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  418.962550][ T5134] Bluetooth: hci0: command tx timeout
[  418.970837][ T9967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.986040][ T9967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.013583][ T9967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  419.025215][ T9973] bridge0: port 1(bridge_slave_0) entered blocking state
[  419.042540][ T9973] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.050316][ T9973] bridge_slave_0: entered allmulticast mode
[  419.067812][ T9973] bridge_slave_0: entered promiscuous mode
[  419.121602][ T9967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  419.133409][ T9967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  419.160877][ T9967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.182518][ T9973] bridge0: port 2(bridge_slave_1) entered blocking state
[  419.192173][ T9973] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.201516][ T9973] bridge_slave_1: entered allmulticast mode
[  419.217415][ T9973] bridge_slave_1: entered promiscuous mode
[  419.218054][ T5134] Bluetooth: hci1: command tx timeout
[  419.308706][ T9969] team0: Port device team_slave_0 added
[  419.365102][ T5134] Bluetooth: hci2: command tx timeout
[  419.603375][ T5134] Bluetooth: hci3: command tx timeout
[  419.743518][ T9969] team0: Port device team_slave_1 added
[  419.777253][ T9971] team0: Port device team_slave_0 added
[  419.821477][ T9973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.834385][ T9973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.876993][ T9971] team0: Port device team_slave_1 added
[  419.944575][   T29] audit: type=1326 audit(1734148391.119:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  419.969198][   T29] audit: type=1326 audit(1734148391.119:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  419.991837][   T29] audit: type=1326 audit(1734148391.119:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.012050][ T9969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.014219][   T29] audit: type=1326 audit(1734148391.119:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.014260][   T29] audit: type=1326 audit(1734148391.119:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.014294][   T29] audit: type=1326 audit(1734148391.149:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.014328][   T29] audit: type=1326 audit(1734148391.149:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.014361][   T29] audit: type=1326 audit(1734148391.149:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10024 comm="syz.5.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f5e185d19 code=0x7ffc0000
[  420.132213][ T9969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.159009][ T9969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  420.184161][ T9967] hsr_slave_0: entered promiscuous mode
[  420.190430][ T9967] hsr_slave_1: entered promiscuous mode
[  420.200090][ T9967] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  420.208011][ T9967] Cannot create hsr debugfs directory
[  420.221889][ T9973] team0: Port device team_slave_0 added
[  420.229896][ T9969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  420.237570][ T9969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.265327][ T9969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.279302][ T9971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.288976][ T9971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.315246][ T9971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  420.327955][ T9971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  420.335160][ T9971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.362034][ T9971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.374816][ T9973] team0: Port device team_slave_1 added
[  420.434971][ T9973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.448034][ T9973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.479064][ T9973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  420.522870][ T9973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  420.531093][ T9973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.558818][ T9973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.579107][ T9969] hsr_slave_0: entered promiscuous mode
[  420.585873][ T9969] hsr_slave_1: entered promiscuous mode
[  420.592741][ T9969] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  420.600385][ T9969] Cannot create hsr debugfs directory
[  420.619454][ T9971] hsr_slave_0: entered promiscuous mode
[  420.626021][ T9971] hsr_slave_1: entered promiscuous mode
[  420.633249][ T9971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  420.640922][ T9971] Cannot create hsr debugfs directory
[  420.707202][ T9973] hsr_slave_0: entered promiscuous mode
[  420.715095][ T9973] hsr_slave_1: entered promiscuous mode
[  420.721232][ T9973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  420.729422][ T9973] Cannot create hsr debugfs directory
[  421.042687][ T5134] Bluetooth: hci0: command tx timeout
[  421.050069][T10030] netlink: 'syz.5.1165': attribute type 1 has an invalid length.
[  421.282570][ T5134] Bluetooth: hci1: command tx timeout
[  421.345963][ T9969] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.387659][ T9967] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  421.406346][ T9967] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  421.442565][ T5134] Bluetooth: hci2: command tx timeout
[  421.640821][ T9969] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.682972][ T5134] Bluetooth: hci3: command tx timeout
[  421.740128][ T9967] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  421.843425][ T9967] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  421.957541][ T9969] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.115719][ T9969] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.234823][ T9967] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.298454][ T9967] 8021q: adding VLAN 0 to HW filter on device team0
[  422.318003][ T9969] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  422.419968][ T9973] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.443165][ T9969] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  422.461669][ T6294] bridge0: port 1(bridge_slave_0) entered blocking state
[  422.468858][ T6294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  422.486967][ T9969] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  422.515725][ T9969] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  422.574649][ T9973] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.873129][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.880344][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.032980][ T9973] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.131005][ T5134] Bluetooth: hci0: command tx timeout
[  423.268113][ T9973] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.362785][ T5134] Bluetooth: hci1: command tx timeout
[  423.520212][ T9969] 8021q: adding VLAN 0 to HW filter on device bond0
[  423.522761][ T5134] Bluetooth: hci2: command tx timeout
[  423.550271][ T9967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  423.576620][ T9969] 8021q: adding VLAN 0 to HW filter on device team0
[  423.590213][ T9973] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  423.655606][ T9971] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.697915][ T9973] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  423.724762][ T9973] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  423.737849][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.745185][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  423.763149][ T5134] Bluetooth: hci3: command tx timeout
[  423.789508][ T9971] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.811532][ T9973] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  423.832439][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.839569][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  423.882734][ T9971] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.970517][ T9971] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.981633][  T977] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  424.016418][ T9967] veth0_vlan: entered promiscuous mode
[  424.079037][ T9967] veth1_vlan: entered promiscuous mode
[  424.142603][  T977] usb 6-1: device descriptor read/64, error -71
[  424.173379][ T9967] veth0_macvtap: entered promiscuous mode
[  424.230642][ T9973] 8021q: adding VLAN 0 to HW filter on device bond0
[  424.263569][ T9967] veth1_macvtap: entered promiscuous mode
[  424.290406][ T9969] 8021q: adding VLAN 0 to HW filter on device batadv0
[  424.298242][ T9971] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  424.331291][ T9971] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  424.341136][ T9971] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  424.357475][ T9973] 8021q: adding VLAN 0 to HW filter on device team0
[  424.370530][ T9971] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  424.382785][  T977] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  424.396094][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  424.403747][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  424.421013][ T9967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.431796][ T9967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.444460][ T9967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  424.463437][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  424.470567][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.487496][ T9967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  424.498284][ T9967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.510661][ T9967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  424.531229][ T9967] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  424.541354][ T9967] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  424.550308][ T9967] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  424.560235][  T977] usb 6-1: device descriptor read/64, error -71
[  424.566948][ T9967] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.680080][ T9969] veth0_vlan: entered promiscuous mode
[  424.687451][  T977] usb usb6-port1: attempt power cycle
[  424.731717][ T9969] veth1_vlan: entered promiscuous mode
[  424.762923][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.770779][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.814506][ T6853] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.837331][ T6853] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.859856][ T9969] veth0_macvtap: entered promiscuous mode
[  424.909146][ T9969] veth1_macvtap: entered promiscuous mode
[  424.999547][ T9971] 8021q: adding VLAN 0 to HW filter on device bond0
[  425.042757][  T977] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  425.047268][ T9971] 8021q: adding VLAN 0 to HW filter on device team0
[  425.068236][ T9969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.079655][ T9969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.090315][  T977] usb 6-1: device descriptor read/8, error -71
[  425.096795][ T9969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.108000][ T9969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.119104][ T9969] batman_adv: batadv0: Interface activated: batadv_slave_0
[  425.142747][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  425.149937][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  425.161168][ T9969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.173174][ T9969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.183343][ T9969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.194328][ T9969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.205569][ T9969] batman_adv: batadv0: Interface activated: batadv_slave_1
[  425.230467][ T9969] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.245930][ T9969] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.257391][ T9969] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.267499][ T9969] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.280034][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  425.287359][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  425.315994][ T9973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  425.322567][T10051] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  425.352761][  T977] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  425.383994][  T977] usb 6-1: device descriptor read/8, error -71
[  425.493876][T10051] usb 4-1: Using ep0 maxpacket: 16
[  425.499101][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  425.510144][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  425.518416][  T977] usb usb6-port1: unable to enumerate USB device
[  425.521662][T10073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  425.544992][ T9973] veth0_vlan: entered promiscuous mode
[  425.560305][T10073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.584668][ T6294] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  425.587948][ T9973] veth1_vlan: entered promiscuous mode
[  425.611059][ T6294] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  425.623093][T10073] netlink: 'syz.3.1151': attribute type 21 has an invalid length.
[  425.641449][T10073] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1151'.
[  425.651185][T10073] netlink: 5 bytes leftover after parsing attributes in process `syz.3.1151'.
[  425.704052][T10073] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1151'.
[  425.713960][ T9973] veth0_macvtap: entered promiscuous mode
[  425.737744][ T9973] veth1_macvtap: entered promiscuous mode
[  425.760378][T10051] usb 4-1: unable to get BOS descriptor or descriptor too short
[  425.769492][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.781891][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.828835][T10051] usb 4-1: unable to read config index 0 descriptor/start: -71
[  425.831674][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.836684][T10051] usb 4-1: can't read configurations, error -71
[  425.861035][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.872787][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  425.884454][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.895464][ T9973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  425.921420][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.952251][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.971708][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.983037][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.993698][ T9973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  426.004779][ T9973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  426.023806][ T9973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  426.107833][ T9971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  426.127077][ T9973] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  426.138263][ T9973] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  426.156651][ T9973] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  426.176540][ T9973] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  426.394133][T10091] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  426.412155][ T6294] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.436824][ T6294] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.583408][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.603954][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.787656][T10099] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1175'.
[  426.991250][T10102] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1176'.
[  427.023074][ T9971] veth0_vlan: entered promiscuous mode
[  427.048228][ T9971] veth1_vlan: entered promiscuous mode
[  427.175209][ T9971] veth0_macvtap: entered promiscuous mode
[  427.198943][ T9971] veth1_macvtap: entered promiscuous mode
[  427.217251][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.227901][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.261430][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.272534][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.287847][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.304728][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.314879][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  427.325633][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.336999][ T9971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  427.624090][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.840967][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.893366][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.916433][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.926784][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.937536][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.947599][ T9971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  427.958180][ T9971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  427.970637][ T9971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  427.981260][ T9971] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  427.990344][ T9971] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  427.999329][ T9971] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  428.009091][ T9971] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  428.977752][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  428.977775][   T29] audit: type=1326 audit(1734148400.119:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10118 comm="syz.2.1181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1de585d19 code=0x0
[  429.224016][ T3417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.231889][ T3417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.239597][ T3417] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.249151][ T3417] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.922640][    C0] 
[  429.925103][    C0] ============================================
[  429.931331][    C0] WARNING: possible recursive locking detected
[  429.937991][    C0] 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0 Not tainted
[  429.945090][    C0] --------------------------------------------
[  429.951339][    C0] syz.1.1183/10128 is trying to acquire lock:
[  429.957408][    C0] ffff88804c274f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  429.966473][    C0] 
[  429.966473][    C0] but task is already holding lock:
[  429.973862][    C0] ffff888063708f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  429.982919][    C0] 
[  429.982919][    C0] other info that might help us debug this:
[  429.990968][    C0]  Possible unsafe locking scenario:
[  429.990968][    C0] 
[  429.998488][    C0]        CPU0
[  430.001872][    C0]        ----
[  430.005293][    C0]   lock(&hsr->seqnr_lock);
[  430.009791][    C0]   lock(&hsr->seqnr_lock);
[  430.014303][    C0] 
[  430.014303][    C0]  *** DEADLOCK ***
[  430.014303][    C0] 
[  430.022815][    C0]  May be due to missing lock nesting notation
[  430.022815][    C0] 
[  430.031393][    C0] 10 locks held by syz.1.1183/10128:
[  430.036722][    C0]  #0: ffff88805f835850 (&u->iolock){+.+.}-{4:4}, at: __unix_dgram_recvmsg+0x246/0x12f0
[  430.046667][    C0]  #1: ffffc90000007be0 ((&ndev->rs_timer)){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  430.056326][    C0]  #2: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: ndisc_send_skb+0x563/0x1450
[  430.065837][    C0]  #3: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: ip6_finish_output2+0x63a/0x17b0
[  430.075749][    C0]  #4: ffffffff8e937b40 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f4/0x3f50
[  430.085722][    C0]  #5: ffff888063708f30 (&hsr->seqnr_lock){+.-.}-{3:3}, at: hsr_dev_xmit+0x18a/0x210
[  430.095225][    C0]  #6: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: hsr_forward_skb+0xb6/0x2b50
[  430.104711][    C0]  #7: ffffffff8e937b40 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f4/0x3f50
[  430.114642][    C0]  #8: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: br_dev_xmit+0x21d/0x1b40
[  430.124412][    C0]  #9: ffffffff8e937b40 (rcu_read_lock_bh){....}-{1:3}, at: __dev_queue_xmit+0x2f4/0x3f50
[  430.134883][    C0] 
[  430.134883][    C0] stack backtrace:
[  430.140772][    C0] CPU: 0 UID: 0 PID: 10128 Comm: syz.1.1183 Not tainted 6.13.0-rc2-syzkaller-00159-gf932fb9b4074 #0
[  430.151545][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  430.161610][    C0] Call Trace:
[  430.164910][    C0]  <IRQ>
[  430.167748][    C0]  dump_stack_lvl+0x241/0x360
[  430.172430][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.177656][    C0]  ? __pfx__printk+0x10/0x10
[  430.182265][    C0]  ? lockdep_unlock+0x16a/0x300
[  430.187134][    C0]  print_deadlock_bug+0x483/0x620
[  430.192172][    C0]  validate_chain+0x15e2/0x5920
[  430.197036][    C0]  ? __pfx_virtqueue_add+0x10/0x10
[  430.202152][    C0]  ? __pfx_lock_release+0x10/0x10
[  430.207364][    C0]  ? __virt_addr_valid+0x183/0x530
[  430.212471][    C0]  ? __pfx_validate_chain+0x10/0x10
[  430.217760][    C0]  ? __pfx_validate_chain+0x10/0x10
[  430.222951][    C0]  ? check_sq_full_and_disable+0x1e7/0x360
[  430.228754][    C0]  ? virtqueue_kick_prepare+0x2cb/0x4d0
[  430.234384][    C0]  ? mark_lock+0x9a/0x360
[  430.239259][    C0]  __lock_acquire+0x1397/0x2100
[  430.244150][    C0]  lock_acquire+0x1ed/0x550
[  430.248661][    C0]  ? hsr_dev_xmit+0x18a/0x210
[  430.253347][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  430.258364][    C0]  ? hsr_dev_xmit+0x18a/0x210
[  430.263029][    C0]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  430.268841][    C0]  ? netif_skb_features+0x8b6/0xc90
[  430.274036][    C0]  ? hsr_dev_xmit+0x18a/0x210
[  430.278716][    C0]  _raw_spin_lock_bh+0x35/0x50
[  430.283482][    C0]  ? hsr_dev_xmit+0x18a/0x210
[  430.288150][    C0]  hsr_dev_xmit+0x18a/0x210
[  430.292649][    C0]  dev_hard_start_xmit+0x27a/0x7d0
[  430.297790][    C0]  __dev_queue_xmit+0x1b73/0x3f50
[  430.302865][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[  430.308073][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  430.314422][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  430.319792][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  430.325259][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  430.330492][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  430.335871][    C0]  ? ebt_do_table+0x2840/0x2a40
[  430.340731][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  430.346475][    C0]  ? ebt_do_table+0x2840/0x2a40
[  430.351968][    C0]  ? skb_push+0x97/0x100
[  430.356223][    C0]  br_dev_queue_push_xmit+0x726/0x900
[  430.361686][    C0]  ? __pfx_lock_release+0x10/0x10
[  430.366704][    C0]  ? ebt_do_table+0x2840/0x2a40
[  430.371553][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  430.377445][    C0]  NF_HOOK+0x3a7/0x460
[  430.381515][    C0]  ? NF_HOOK+0x9f/0x460
[  430.385674][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  430.390263][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  430.396149][    C0]  ? __pfx_lock_release+0x10/0x10
[  430.401171][    C0]  br_forward_finish+0xd8/0x130
[  430.406024][    C0]  ? __pfx_br_dev_queue_push_xmit+0x10/0x10
[  430.412028][    C0]  NF_HOOK+0x3a7/0x460
[  430.416136][    C0]  ? NF_HOOK+0x9f/0x460
[  430.420312][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  430.424923][    C0]  ? br_multicast_count+0xf8/0xcd0
[  430.430058][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  430.435524][    C0]  __br_forward+0x489/0x660
[  430.440118][    C0]  ? __pfx_br_forward_finish+0x10/0x10
[  430.445573][    C0]  ? __pfx___br_forward+0x10/0x10
[  430.450589][    C0]  ? br_flood+0x40d/0x660
[  430.454915][    C0]  br_dev_xmit+0x1202/0x1b40
[  430.460025][    C0]  ? br_dev_xmit+0x21d/0x1b40
[  430.464700][    C0]  ? __pfx_br_dev_xmit+0x10/0x10
[  430.469638][    C0]  ? __pfx_validate_xmit_xfrm+0x10/0x10
[  430.475223][    C0]  ? netif_skb_features+0x8b6/0xc90
[  430.480416][    C0]  ? sysvec_apic_timer_interrupt+0xa6/0xc0
[  430.486234][    C0]  ? validate_xmit_skb+0x9b8/0xff0
[  430.491347][    C0]  dev_hard_start_xmit+0x27a/0x7d0
[  430.496455][    C0]  __dev_queue_xmit+0x1b73/0x3f50
[  430.501477][    C0]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  430.507016][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[  430.512129][    C0]  ? __build_skb_around+0x245/0x3d0
[  430.517757][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  430.523231][    C0]  ? __alloc_skb+0x28f/0x440
[  430.527830][    C0]  ? __copy_skb_header+0x437/0x5b0
[  430.532943][    C0]  ? __asan_memcpy+0x40/0x70
[  430.537543][    C0]  ? __copy_skb_header+0x437/0x5b0
[  430.542648][    C0]  ? __pskb_copy_fclone+0x9a1/0x10c0
[  430.548364][    C0]  ? hsr_create_tagged_frame+0x4df/0xef0
[  430.553999][    C0]  ? __asan_memmove+0x40/0x70
[  430.558671][    C0]  ? hsr_addr_subst_dest+0x30a/0xac0
[  430.563950][    C0]  hsr_forward_skb+0x179d/0x2b50
[  430.568885][    C0]  ? hsr_forward_skb+0xb6/0x2b50
[  430.573815][    C0]  ? __pfx_hsr_forward_skb+0x10/0x10
[  430.579098][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  430.584482][    C0]  ? netif_skb_features+0x8b6/0xc90
[  430.589794][    C0]  hsr_dev_xmit+0x195/0x210
[  430.594310][    C0]  dev_hard_start_xmit+0x27a/0x7d0
[  430.599464][    C0]  __dev_queue_xmit+0x1b73/0x3f50
[  430.604507][    C0]  ? __dev_queue_xmit+0x2f4/0x3f50
[  430.609627][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  430.615611][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  430.620977][    C0]  ? neigh_connected_output+0x1d5/0x450
[  430.626516][    C0]  ? read_seqbegin+0x157/0x2b0
[  430.631300][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  430.636525][    C0]  ? read_seqbegin+0x208/0x2b0
[  430.641290][    C0]  ? __pfx_read_seqbegin+0x10/0x10
[  430.646396][    C0]  ? eth_header+0x11c/0x1f0
[  430.650985][    C0]  ? __asan_memcpy+0x40/0x70
[  430.655572][    C0]  ? eth_header+0x11c/0x1f0
[  430.660070][    C0]  ? __pfx_eth_header+0x10/0x10
[  430.664908][    C0]  ? neigh_connected_output+0x3a7/0x450
[  430.670449][    C0]  ip6_finish_output2+0x12c7/0x17b0
[  430.675657][    C0]  ? ip6_mtu+0x81/0x3f0
[  430.679807][    C0]  ? ip6_finish_output2+0x63a/0x17b0
[  430.685195][    C0]  ? __pfx_ip6_finish_output2+0x10/0x10
[  430.690775][    C0]  ? ip6_mtu+0x81/0x3f0
[  430.694957][    C0]  ip6_finish_output+0x41e/0x840
[  430.699893][    C0]  ndisc_send_skb+0xb30/0x1450
[  430.704741][    C0]  ? ndisc_send_skb+0x563/0x1450
[  430.709860][    C0]  ? __pfx_ndisc_send_skb+0x10/0x10
[  430.715305][    C0]  ? __pfx_dst_output+0x10/0x10
[  430.720442][    C0]  ? skb_set_owner_w+0x246/0x380
[  430.725420][    C0]  ? ndisc_send_rs+0x536/0x6c0
[  430.730215][    C0]  addrconf_rs_timer+0x371/0x670
[  430.735171][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.740914][    C0]  ? call_timer_fn+0xa8/0x650
[  430.745738][    C0]  call_timer_fn+0x187/0x650
[  430.750336][    C0]  ? call_timer_fn+0xc0/0x650
[  430.755010][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.760476][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  430.765583][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.771210][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.776683][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.782152][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.787367][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  430.792672][    C0]  ? __pfx_addrconf_rs_timer+0x10/0x10
[  430.798263][    C0]  __run_timer_base+0x66a/0x8e0
[  430.803223][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  430.808696][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  430.815032][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  430.820519][    C0]  run_timer_softirq+0xb7/0x170
[  430.825408][    C0]  handle_softirqs+0x2d4/0x9b0
[  430.830187][    C0]  ? __irq_exit_rcu+0xf7/0x220
[  430.834949][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  430.840250][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  430.845446][    C0]  __irq_exit_rcu+0xf7/0x220
[  430.850134][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  430.855516][    C0]  irq_exit_rcu+0x9/0x30
[  430.859749][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  430.865369][    C0]  </IRQ>
[  430.868280][    C0]  <TASK>
[  430.871196][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  430.877188][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  430.883691][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 2e 19 40 f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 53 57 aa f5 65 8b 05 c4 b9 40 74 85 c0 74 43 48 c7 04 24 0e 36
[  430.903282][    C0] RSP: 0018:ffffc90003d1f600 EFLAGS: 00000206
[  430.909793][    C0] RAX: d861cb611b94f300 RBX: 1ffff920007a3ec4 RCX: ffffffff817b117a
[  430.917776][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0a9760 RDI: 0000000000000001
[  430.926036][    C0] RBP: ffffc90003d1f690 R08: ffffffff9426e93f R09: 1ffffffff284dd27
[  430.934012][    C0] R10: dffffc0000000000 R11: fffffbfff284dd28 R12: dffffc0000000000
[  430.942084][    C0] R13: 1ffff920007a3ec0 R14: ffffc90003d1f620 R15: 0000000000000246
[  430.950246][    C0]  ? mark_lock+0x9a/0x360
[  430.954684][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  430.961008][    C0]  ? autoremove_wake_function+0x37/0x110
[  430.966648][    C0]  __wake_up_common_lock+0x18c/0x1e0
[  430.971953][    C0]  __unix_dgram_recvmsg+0x5f4/0x12f0
[  430.977266][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  430.982995][    C0]  ? iovec_from_user+0x61/0x240
[  430.987873][    C0]  ? __import_iovec+0x3a8/0x870
[  430.992711][    C0]  ? unix_dgram_recvmsg+0xb6/0xe0
[  430.997731][    C0]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  431.003874][    C0]  sock_recvmsg_nosec+0x18e/0x1d0
[  431.009001][    C0]  ____sys_recvmsg+0x3cd/0x480
[  431.014060][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[  431.019856][    C0]  ? do_recvmmsg+0x44e/0xab0
[  431.024732][    C0]  ? __might_fault+0xaa/0x120
[  431.029457][    C0]  do_recvmmsg+0x426/0xab0
[  431.033868][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[  431.038813][    C0]  ? __pfx_futex_wake_mark+0x10/0x10
[  431.044089][    C0]  ? futex_wait+0x285/0x360
[  431.048574][    C0]  ? __pfx_futex_wait+0x10/0x10
[  431.053413][    C0]  ? fd_install+0x9c/0x5d0
[  431.058187][    C0]  ? __pfx_lock_release+0x10/0x10
[  431.063246][    C0]  ? __pfx_do_futex+0x10/0x10
[  431.067926][    C0]  __x64_sys_recvmmsg+0x199/0x250
[  431.072953][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  431.078568][    C0]  ? do_syscall_64+0x100/0x230
[  431.083375][    C0]  ? do_syscall_64+0xb6/0x230
[  431.088084][    C0]  do_syscall_64+0xf3/0x230
[  431.092586][    C0]  ? clear_bhb_loop+0x35/0x90
[  431.097289][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.103201][    C0] RIP: 0033:0x7f10f2185d19
[  431.107608][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.127459][    C0] RSP: 002b:00007f10f306f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  431.136046][    C0] RAX: ffffffffffffffda RBX: 00007f10f2376080 RCX: 00007f10f2185d19
[  431.144028][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000005
[  431.152034][    C0] RBP: 00007f10f2201a20 R08: 0000000000000000 R09: 0000000000000000
[  431.160017][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  431.168010][    C0] R13: 0000000000000000 R14: 00007f10f2376080 R15: 00007ffda0251a68
[  431.175970][    C0]  </TASK>
[  431.319734][T10130] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(7)
[  431.326292][T10130] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  431.340655][T10130] vhci_hcd vhci_hcd.0: Device attached
[  431.361685][T10139] vhci_hcd: connection closed
[  431.364656][   T11] vhci_hcd: stop threads
[  431.375414][   T11] vhci_hcd: release socket
[  431.379926][   T11] vhci_hcd: disconnect device
[  437.122440][ T5134] Bluetooth: hci4: command 0x0406 tx timeout