last executing test programs:

15.111420067s ago: executing program 3 (id=979):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000007780)="afe28a28263ffd9dbc5af980196765a3c1f82c4a1fae7a322fdf0f6eec50303f6104db417704a701a8d6c5e7f5c99a5cf3eed4e0e1c82545122d6933469933ec605aaf61a5b8b1f8aacbafca498796976da62837e4a0d818ea71474d0412cfe162a7260456c425f2604cbd262e2aef92d09d6d2e105b7e7d377c95ccfe1d0f9af9f7e6a6d85d4a8ebee6fa703efd8c4a106793205a405938d47f97266eaa5fda88f11a03a8305399889ccc48f85c4b6a7747f489dc76c93b06be84635190224018e13954cd2fe714fec88f6aac3c57d5fec99307b8c8327e8854000e81d781e2f5bc37e96bbc3077555f696c6fadd199d9bfbf0997e76925fe17923ac5976e32f52ee407c43070cd8a709a2326ac96b94051cd0cc8f29b43edbc4ed850ae7a30b45db7e72114aeb46bd3a91775582c9206a638456a0e3da847a7be2e21620df89ea7e2da53f77f39cf0eb2d0b601d507d4dd57a534b5c77076052cdb03dd0c241f75f442fdb07624ad9d9fcbba92a4f20b20b424e3c9c92f2831e5efe0be454f3b4dbb9dbe6152bb152206ff0451edeffdbaba54deb39f00e74297c676effb60950dce7a847031ca85a1b3690f573bc31094d6e7d95f5821c0eae6a2685958619d94108eefcbc0dc5dda47ca509878dd8caa875d69af6c88997b5d67e5c67bf9daf89547a55061eb0cc55e2c696b71c7384ba16928fa81f7394a048329c467ef813df172236464f9d1418e5d5386b0eb6d5c4f765d0246ee91ab39c07310b61680788e3a57dab96d1eabe1a0efc2b6c882aed50d993d15f8561bc1f6bde7e79b711bb206685344aae196c1c4b97cd515911341cd60c6ad108e0013f87d063385ea5f057de4315284cb6f8545436981ce1c4bbf13f178e3a504bc0c8b1bead105f7e7622c288aca7206ee18dbb97b1b393d102d9c65e3a765e87f554d98383e4e49ad1c600d8fac4acb970ce04e0c866806bd44b21b5c891c3bccefb87bdf389d6a36992cacfe52b96e7e1014cc58ec29fe0ac221ea6d49f759f2a746e7603272d572515fbbb33d2b6f94eb9c6571118b606e18ef88ff88366aa3ecccd6c845f9b8534f49997c940a930693fcdf742fde3676c6cee9eda06ab856a4dfee75c7c9cda6b11da6441644b62116e6fdcae5b5e0148047028a5842c21fb9637771a5ac84ba9740c9c9b56b58c08730a48e81c05b312449edd27843c173d1875c28aeca43761a06fed193378129243aa514bf74d6b76ccd70807440401948d6f3bd9a352cd432e1289f2d4e78add381e4477dd8ac2f2ccd3b6533121ac51c393dc773b9e120ea8194e51d76749b4f0c4e6e40132ba1535015d5ff224ff77310be5a31a6defa004262918136b9db98a94a1fd244be1f5a7cf6762e7bea536df1d312a72776baa881833d295f1a60f2ac98d54f302d8fc72f135ab3256d065a618b60d2a6982ee89c60bac90dd81e0cfc24118c568e8e3a29a9f29e55f479a8fb5638d6cd724605b69aaacafd440020f4776652537454041acc13cdb0bf1489fbac78c4bfae755b259764756407204b22cfe838ddf82523c03b4bc1eeb55c43b1f50b7d03fd4da448ae51cc4a844fd0240e0d131c2693ed770844bf25e3bbea974a5c2a40ed65f1c3a729ed93ec22b93899aa861ce301e1cc1f3e98846a39a49169cbe3eef35e3595207f1014a8dc89d6b512dc05cd23ed4b4741f6ac778794cd1282f42a72301f37816859cb92d53db6793f294df19d0ef1bb453685f3c666b3941c25c92b204c8307c0e83469032f276cef4ce538a4570d652aa212de6fae8ae4d62399de49f0d4bfc0a47fbd79e7a86e12c9d863dde004f9e9d605dac7d688dc5daff78c27bbe727fbab0cd3058e75544261d5d83468ef23e3a224f0ec460855aad927c5c5b3bfce0a3e3c45abb0ee6dbd04242ec765e324209bdf07f4ed21eb15e2f030476fbc3cd05554f54858232625e9b37ac41b8e354ebc85a0282fbf9ad5d6e0c2d7b093bc1f887646faa1e7622f110b546dadf44eff6bafb2a58631a93e560bd67b42ab96d4a9f044f26a481feb8b3f2018a7236799c2d1877a63e5fe64dd207be729eb1cda7977d59bc139e1d2f6cae1defe90b8f6a99ae4dbac317413745521247f3691e894af33c7484afb11f4d2f858ee87e93ad202f9853c6ceee0a92e052225ebf283a017ae2e7cfcf924ea4e3b319a05a9bfe3f476308aa5039fb8a7d3642043957a2090e0727120a7aea16d16e7a4b15d5676966041f76188fb69d89080b6eb2d4d42bc84e298dedda4db06b78df5c7198230ab439f0c3b4f3f649d531664c59eee2d73fe14f01133776b717f6b7118afdb264ace9e44af5bfdf35bfa7f7ab538004c0085c11da725ed284a34c7f27da78acf488bd0f54e6026efbf81af934558c36473d0fdc85519e11b4f30fa3b7ef757c35f4c88a360549def898cc460557433e44621589e71f3118003b4695f3130dc005d32c0330b950c12e430d2a2a6b9a68995bc9e1345dcfa30585603f09e74296cffe8d758b216de00e8302eed0e06f94e7bdf835cf27fcbe57651f36d6d2de82f179f42fc8e7fed4f5c7f5b691c6e038a76cab3e604e42ceda945e155db89cc0013564726053ccd77cd8e626bac72468ae0998f686450d5e0a17ce88e1b15d05f212c336d7cb5013eb94fa861b588be01ed252b487b4d1918c87a341b5daf74f3083bd49ccc6ee26ff8993b5398145ae7f9505c1398f1bdd2cb90636f9e99da243cedccc97252fe15ee10e886c187e5c614f33bbf630c654b1d87e693b765f3a36b67bd1fb46afcd24c96a0b7784e4cabb8a8a5abca853d51694da85296a430b8856f51173946c9f143db65fd1b51b9534657d3a7953ba7186651ddc6f0a625563c3b43cfbc83330507d399ae87731e1ab1f15320779da21d2000d85155a8c9cbd6f642695a565dec615d7bdf8a47a76005b3607cde6176b8303b7eeb2212179d6f5176e45b1759810fcec418e6c41e7b33da9f92211631a070257cea55e644498466d5fc5744f903e6c4a2d3809eb6e70d50a82f66a1a05079ebe9ae0b756bb2781dafd14b1a06c0eb2c9b77b0d8d005d47aacf5447a104f85df3decb0ef8bf1483b47be9c945b95634c474f9cebdc97a91f85aba7172d05cd7b06afa043b8900ab400770fa270029e34ebab31a69367a18057ce532cd66e52b807b8665475977a56ec5407c778994ce9c85e8b96f1313e468cf83d266f14250acee2a4a52001de174d2208bc2a679916e4231fb30a99263a0398e99e9f8236010f17a5de367d673a95b374158d2baae4612ec6898d0fec2f95b45c6bd760a0cabcac1067470492c5e66c11ea745ae803dd24a5c89cac5a0d64bcc15648b1d812be638d10311d640b3251a8001619d09f138bf04e35c02807c2c87c222a6f54da320f0169cece864f4d37af54f0fdcfd455051c0effe17d2c04b3b67807af05cd8176017cd8e35c1ca1b13112f2dddde84be95ef67a6c8ad8a4ab0e7175fd124bda62656c4afec4dc8c0261a855e75575ddbb375e45a5b635fc7bc528ba387dd24f485ba69a9ba2761c243d359bce078d0ba0cdc13b6ee7d66a8546c49a4429af5866f866ba2e1e0a10ff4a3c3b5e240d918f6a896c35f51ad7b02e6d0747ee80a99c8812577600e359b703e571ec18d6b88866f28aef250de65f39b266f6795237f7d3f741127f3d47cefb255d1b3c06c7d8fec9bb8e5c666d7ca7b803dbabc6cacecbca1ed8e89ddc2140f45c4f8572c146d7ab2be20eb72baaee4b1d371aa9f06833ba1a0cb66b701c1fd90e8bcdcfb9bd57a8cad381e7cb2b99250d21384ebf771833ac6f32f4115fcb0ffa177dcae6673b1ff80cbefbaec2c863b263035ad2a0d0a340fed260d4fbf008745bc1b51e5b011b54584f6c0cf3a401f8cfd23f23e830a311bec365064895cbe8a664184aff212bac6f164f6b619e4d8521ae447abc8f59b284aa2e94061aa15afd9070fef452d4fd644da4b6b716784109d92abd31d3221a76eaf592e6529e70a67bd92cdb431c7af9f658b2ace3d954c4a5208f1edcdb8a04461262ed26b24bb3df41b1c28ec42880590b3685f56a3982250ae96c7e1fcb9aa6a9887639d2209cf190e9ea82d5634513eb36c5c0e0769250948967240e29921da36aa0c07c76c81c7bd8b7f1c1c9063b4b1fcd88f63aaf568a7cc9249fad5c996853dd160d80f5251673643fb5e0067c97b0d2b513c1d22a3c2e73786c3c5c17f14c57c2df7c830216e5c3ef066468069428501e1a78c935f4c520c5cfe9daa89ca4bb4895fec8a328453ff630848eeac719bcc09d7bee73e58f4b7cf90f098bb7019c73912b630af92ed9b309c53c5c4edaa3788f9e6d486bd363619cd2c140d9a7175f6c5f977eb6e6f58f18c8d0ace671570e0dd6ed78ca228782ddb71c6f137cf0e27fa85b52b1c15ddf184a72dab098a8b1c1f6746238a8a92848f2478b690b80c131c85e90b69953f5eb54c0b47d59b7e440190e1c9b2d72fdd94c64296ca33aab32cc8f69091df05aaefd4ea00303a3522672f01b5373abae33d34844831a1af2e51276b61e637a93e02e09c306e5fb9619e82bbcf0e43e2f5e8ec8a458b9f1c612634645eb82051fa34f4b13439c3ba2e016972df37f197d09121bd377b1472a2da64698efb11cc88fa36ac173c83ee155b73716639f5d73a29fb783fb27e5ccbab5f9b95a4dca6a7406cd053a7ac9ff25f42ebddd9afe7df308979c314acaacecea602267c6d57fb5f5222e4ccd4b18573b32d6a19f1798a1d78b36b32f0723f7b33b06c2ca43b22e4cce6cda741b3e68a056a0cd6d51b6929cf4a16fb7b2490cbe87e5612dfa7d26ad40ec412021f9033aa2884ee86c7610623fb64663ac5554e694e84877708e77d243bcdb198714fff672b0f927f9cbe5b2436002f02a559dda5232cc150170d7b32d547a080f852c6838809f8ae1995e7ad4b24c7d1ecdb6b5dabca5da671493a3a1b4da1e7ad13ca4b4dbcf53a71348366cef7ee45cb719a8321205aa70da47104e66f344393e64dcfcd015b9d6bc75ec3dd31551de4b614bdc4d89c8de1254a91c4f33cdddf98d8ddf36e8cdc537a7d11dbf51913ca87ca9f644a2a08905e15c0f2bc58168e425b52055e7878ba468909dbed30815e01720df5a1be196471d30c1525070efa59fe62720960e473dc237d7866d77e8ac69cbaa50cea6205b7ccef9437b132f41e87906f3b9c48e9750e7ed1993597f8e599ab8596f4378853ee10e26289e72b92c425f5f0ad0f94d4694415739ccfc06bc5a49237157071116578df4f8aaa1eb4c123c8ada753e4a631f3f9660fbc9404d8af9ef1af380ccee1f2e520c03615fe7c5d276e917d84061f8cc0e5814caac9ecb0ebdf8bfae551197d66ff22236832a0ac38586b059a4ae9054d1810d361f50da921b33904cb6ea7faf44b811e7f7348d07cd32c8f83da01d4d74092493ef5cd3d2cbb9eeed6986f3e4615b8d341cbe13d6eac3bc1e9217fc2f86dd0cab958a6b4e0f0604501b48d352118611e96a974e3642fa785538e7d5b3bc7a363ca95a98a0816e6179bb438f3c110036770da0978987ebcd241464136b2a8d45bf1c2b499b6dba8e44448c73163ae7df71d7c98b705af886dc195cc918c2552fc1696d6749222a4e83279a14001ccb540a64a713fa1691c30e99ae0bf8fdacaaf4aea9d4f89db7d4f364f7a30c80b782f5cd7af01347d78769902f2ed675b6b859b5467cad1bed59a64f13a4b5a827e029c9a3107b08e5f18b930855f7d85f1d78d45d7d3c909b87213158dbe5cfda90936388885a32a61529ab30bf31fcc1d6df9ead0f49ada899dc8be042d2289383f6d09411aea11e6002359ff2e36345b8454ec5f126db94349666a3666323ca164a0f72873b63c9dcc0c60785a66862655d4ab5749bc00bd98ba9e20325e78a572fc93739ce884f3398218c614f8ea33cdff4b797dc2c2874d20670733f30acf52ae4d14c9e83f54533acd42931ea42fcbf89f7a8e68c3c8ecefa4a1e1c693244d4604f9488df30718c455f719a6d93b30173305264c9bdb21e8a68a74e7310dbecdc27afc7b162466c444ce4bda0d937104e683349828a4f0ca8723d54fe13287286f7a6dbb8ece6a7ece355fbee7424e7e524ec33ed5fed03a1ea964af0830108c5e69a071606d9d28450977245cba4d0e1ed8177752526e218cb5e113dff2236c663808533c580da3d83ad502a3d5d30949ca2cea660ccb613cc7661d6857b3b70588976ac8ceed944f7f738e43101369bea05a26ff31692ab45b6c95f794a5c92d8bd42ce8803162cc730782e0c1e468c9d090488763d9d1f1471c2ab1cd8599e078d81a0e84707ea02a0f91c3d588bb54f1f5ba58845617b80263ab8fb2c6757d72eebe00591c7b6cffddb969f6fee2ef9f016f641aa2ccfd59c839ba40ac1a10bb9d94f96e1c6829dd4d2dcb9d0f71726c31d813fa78af8b7621fa47f4b0ed9d9d98e4209676969728a00a92dd592dfee41c806076f0e4100e371c7427f888ef91f03c5b16d87b2ade294f69b77afb199de38bfebfa3ec9285d1829c7c0714bd100c84efc8eb71146a1d4c7f659d77c42119b738d6bcfede23855780a6627d4a417aab498ec60bf69c44fc1f3fd4f99ed941a1234ad1f3120dcc71275c464be23453749841dc1c36a76b28b3659e809a1216aea67658ff76e99580cb202eedb9d4cab23e879723d11f8d4086362271f8f2e6816d47eaeaa5066c3c4338868fd3c8b832581490b6801278e9d1d59771dcc73eef6b9903ba9b9f5e565eece392568c878662ad9cbb931242a27d883fe7839e7e502c368e736f5dc057ed2e4b5c963c54712c772535e22e94c61a13ed50682c065cad0d861b3888ef332ed0236e2747720f97793b46eb39b51057b44f2b9e05de8c077cff7ef5afb56a5d28754d76161909a05573f8aaee5fdf260d80eda7e1b83539e09362a4f9aa0e8f069e0cf221eca87593457b342de27c99cf14c4bc0d8050aa19c8e4a56b3b5d2c3fcc23633f5ab20ec063270c9922292b645a5523f9bba5c6f66368c227bb4b2ad6c1f4c8927552f6b41a312a4bec49669e2968a7d6bf30cf09f8d3fb473ce5a839ed27fa906dbf504aec3a5a2884bf4c569235202dffa763b14f4501ecb8608e77aeb4fda0e4177fad0bc02da3224f183355ad62f6c50efa3c8f8e02bf3cf47ff31210606bb87ce4acb53ead7eff942d65d9905e9bf6acf5829eed4855da2488e0896ad346da16a5c988e31b0632592a2dc3030d28b6d62a3a4638a0a3736f5103ce5fe72baac7fa23d5295c42cd81075ca9f7a9a7fe3cf418f50f7eccd8a7c3e6fb1e8b30c5d8dbb0772a8b44f44cebd8249ce10eb24d1f668765796b4a56a482580456ac49db677284f3b2deaa9514973ad5c156bb4961b2ad05bcde1bcea522790765208eab6eb27777c2ef643ab0c85e9625d259ae29a3b2e864bf936cefd90b63ba2281f8bf8505ef6040335c258d338c014c31810a324dfe382699ac0b92a2747973a297e94fcd75ec7d156bd61cf848d7144f9a9dd89c72b9c323ed6f37110f722da90396816050ad800fb33a92651b0356fd15c4cf876a3509ab32cca3f5bd6906ce5ec186391effb13fac0a10525622023645bfb9742472695c81461db0298f84af1983b6e5e94ae355e0e790fb51fe558bd70e889744872c9ababf42b930340e192ab4295ee72e1392f2bbb137533a919d72e651cbafa37a88232d0f464bd4531e49c65abd629f3e8b920ae3bde61a3538514866f18a937848f7bd99e4a0fbea506b9ee5ab47e41cad31dc261020f91d65c88bf2251c617cfde3314ec540c8128adf417f1ee716473c3d3c049dc7714a832c128869bb4a9bad6f8be1b0a6bb5c0e40417d594a876a5fb50055e7c67e2519698e5ca89fada7c84032a811b0eb5c67364ea809c6be960c9a7b98afc8e6315e780d8f556b97ea65b7fd27ca6fab61164d60a109d182b9b8f7995ee915eb68be320000db4b0bb821ce13a8d55ff70629a5f2bb89a1c7a4b874b49bcb13105493a9560344f89877e7c5e409a15bcda6d27073c3b744b386b0b82098d307dc3aab1ead4306a73cf8382bd3451c0aaa14a8333c6f34e6b5e5d3b240e01243749b3938840c835e16129ddca5d9439511b4fd22752d904dcd60f9405467918e48fa17547493e51a14ccb47128c7449b51cef63178f32cb06155b9e9cb65dba65f8a6f9a45d8d49852609dd0cf8418f463cb15eaaea77c1c89f530c1f6c6c7820d66957ff2fe731628a328f4e7896d5cf6fcc0782c05c47b8f01d28908913e379334fa90ea01906e865202fc6386fc69fb683a1dfd037ec5bbdb368b3530a3cbbbecf2107faeaf32081c65b48a3bd352998df0a781dd86c7c8112407db1bf1ac6446a0c77e8f2e3374fb8217abd59b3d40c9582a3ab663f278a83b22685914b4b2bacc973ffb2dec5e6eb98d6c16463c1e9a896ca4e65206687ca4423c359b4e1ce06a57ecb083b750026719dff109a1d823b4ccff79e5ce416bf3756d913b31faad8c0bab1c62276a581ba8830da7c59c5224db7dd38b032db7cf7022502a8f3cef31dc8344a2d02af978d6f901b1b0097dc425f4f34b73c6ee02a8b48d7a23299c1c6e5190221f84c2ecfe5bdb67b36c5dc23455ae466722c5e4f52b07aa667a6cb55c6a411225e88cf513c7cdd2065a1e044c0008f8b6a5b28f3f00f14e7da47e944ca666cec951593ac26ce5e75f17ca2d438dd8f926ac57d1761a72024187a2f77ef42a7d246f906166afecdcdcf8db8cef6f8855ecd97185fda05bae717eaf3165b99021fbdcee50384a22c8c025c8f82d4839dcb0a6075642dc453c21a4dcdc997d70315dce9a3ac7eb0185924436965d1376624b5c08772ba59b142a066bcd0ad044628e463921d78f1efcf8e8cd1e0fcf525115ae2b104c31561574003770c21e847ab80b65d3a2b53e6ad4a3d5227e3bc82b58b5feabc9c70b55264b32b658227851518664baa871f8128bd826ce818be1edef708e033155ed69a0bd83b246d83ac85b33d7370dcc7f930c25609e2e5f86f1738ba266b079a3743180b9b84a24e4915b1743834ec319e5b238ba6942e4128348be821b21892477e4c5ad3a2031f0ef11d9d54cc90f87cf093e582b1384c8960c36421969f7ee247001f37c66f10ff6dc3edc7de984acb599e9b8bd3e792855ddc703698578edfe74bd27e967dbe77bd4cd0bcbe08ebfa7c5bf95745e670438097ee29215d3ecbde9e8e50e14ec41a9d746de20230140d854e36e95f7c13446db26715b9a30a3d3afa3a5645e0afd3eaf8457a87c528792241e99a415b8709ae334bfa81fd8508c77b50e3d1f2ecf8f7b6b1d187bbac0bd3d49f00fb5c21836a2bd79ea2839bd3a1d396422699dfe0958479c36964efdb2f602d25f202a534df612f347696de6fecffb673d2162f2572c6d04895fc22b638dbf54dfad4d6058683919ec47cc3d3d1f5e4528bae31632081b9b80770ce0e7d44287e18fde786801e7beda77c0b9ee3965f3a4956496fe8e892b65e137d9e47e8e164f7c6fe9c6ac9ece1b7eead32a5a188df5539537e1b736f1c5d67b604d064eda6b6730c51e182cae81e65290f12f68a7146888e438a799d04931f2a0b9b6c565d47d9d322e7358ccdbc08eafc2470414c44f97e33013b976b995bcf96409789bc2bc97d7add4b6eaaa84c18ea936f0eb332185f9de597d6f7793215df2c0be4b5b4085910adb83d248be16deeac399070ad00a24a67cebef51694726a612ea5763f1bbff03a77357d867ec5461c33d73a47db4a51b496be6960ca7c8cb92a51dd578f99e4b1d2b18ce406b2751aeb065ad0225aeb1eedce3b26e3feec915361cd6b4acc105a2962edcd6547691a557f4deb9ca96d39bd92ebc96e763b6139a0421f42c561a7a20ffebef94bc0b7538466064610134ede0221cde98d085531471c0e9761880904952234f0ae34502b3790aad682fe6e7fd7977816e21aa3f7793ca99312ee07ef9b34a31102710bbaa31dcd57d941e6d5fd6b6607d3449bbffb1434d67edc10727230c3283ab7e212152039e9403bc7ae082cb3934794468dc7549aa35cdf35d3c0f754b7fdf47dbb5bc5047923f6841b9a4054a0eef23de222f0ecc04410fccfe3779820d2ac659b84ea56eeefaae980f1bd43aef8e78705ce1995cee4f88400903f66e6d24307090e23d04387909a62a3394890118549baec01b6f2a5c416f68b71bfc2b7a0bf289587664a2b6194d4eccb51bd4177c9487b724f91d088ce68f20882a8dd633b17ad73584e68382877eba4fae1af839baca07f3adc4c9796e07dc69e90bd5efe3a84d3ca40fa8209c2bc9c9303ff2c7979a9508d925c021cea6c7f1483b5c5b00232c292f302fad79aa5fa4820b04a5aed1f9be4cbf4430bd2b6b559133979e5239f514e87559950808fd098792c0b1bd0b9cb94463b22be92962692dca35a8bd0fe0edc28e7e759d2d753177fc29860d419a29fd89c0a2c11e957483f9c13637e2f66e96bf3454b943b7dd368b71243ef58b0b3d469cdf5572a990a5c998c5796b80031f56bc98f5bf70a717cc5ff4febbfc32b29543548d8862f1ab57fbdbeda2a9901593c0d92d4eca205312c18ce649ed5a3263b66d8ca52734a16035daaa182c24e9ae2851e8dd153d2fe34978e8df50402f133190ada04cfaaac56ca6fa20771a195c76a84651ca4aa9c7c4eb16007ef1e965055ab6cb08a02db6c1a82f8c695ec370095c0afd535ed8abf17ff514451055854a99de69863f393e1679ddf5326e1f4de42220df3839ee71c8fab2c3faee9af0f5e9ee5a3c4c146ae7d36536064a11644a9a195290f3d75f64652050ca8a1ef17eed6f5077a651af1ce5304f2e6fa781a83df2a7c4f5e1c8337d35f93633d684803b7bec4fea60e1f9925580f9199f40f307bfd84de2d51f1df191eeb52a48ed4a19c4f524cc26f7043bbabb1c43c4f20d950e218dbcf09a8bda0e1ca1759466938dd764c85c3d8de92b3534ff5c492d024e6ca87952243fe8b6379ba189032926685afcd3839a4423ba19cb0c5488982ce7cad134c60bc329f855ba4be63475ade6110d6db66613c3c7647e76e3949f8e5299738014743523662fd6b1626bcc0cffdb3b757ddcbeefa2facc49da06d907d21888b9344a3167d143e5f8e022d8c75229fd491145c451ac92f000aeee43219215a8136c7c17327f6e0a3eef7fe1861930d143d92f33aa74984c89f9ba3e9ee887bef4f9b16654cbc739fd6b2eebb255596dfd6639896685b72b0e1ea92019884468f5c78d21a3a69df24a3d8d517cec2122417bad0ac7db0182cc87b8b752e7474a36acb8508d118d44d509cd8594dea3a3a611a6c1c0b3bcf48b4834d8bb5cd18f420ed7aea21810c0303ca2d5fc67b116491f1bbd055221c79ec0dfcfc22c17cba3eb4fea49127615fdcef9cbecba603dd2e01e07af17ab0f4a6179f54edb34db2dc0c937a0aa1151c8a9474afd1af7c0a83174aa1fdd8e4bfb9b10841df5ccf068a5612627c8724b1c68fd3879a57265836409a6d851f1baf0023ca", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x78, 0x0, 0x0, {0x88, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x21, 0x0, 0x128200}}, 0x50)
lstat(&(0x7f00000003c0)='./file0\x00', 0x0)
stat(&(0x7f00000008c0)='./file0/file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000009780)="d5da2027014f42e9179e671dfef0273da2451f530cde0bbe89f39532060f3470f54fd9848bad326cd937468850365ff57c595e46942d4c5d4b5bc0bfc08822160595db3970d60169baa3d8f7fb015baa2b5b2b7ae779d642864b91c5feb765c7d5f65cab649414e828a4066af04d0570c473fd5f77b0429eec895e586906e535320b92fe2f3c039219a7c32d1c9ce2f15d377d3a7e30a6880ddefd7ffd71838b198e7315b6460988ec6a8846f86e57bd62bb18a29bda4489cc4159547b99fa5254a999f70ef45a0680506147b638a981ee2d74a231ca27c79f68c1a08f0fa72cf55aaeafc5535ee808155b1d1b9c073af1852241de02db9f57dc59396bc6147aacf864963c3619ae1c7b6074d9d8e71fb57548a83a751981b0de25e71bd87ad1971a99b0f0a0488205ef60364a742ac342f288536958aabe5fbfe83623db30e9899d5005d75e0dee86340740016feeb9a0be63c62c17039d00baba9223ee75791be43789d25da3381113dcfdf8b6b0f03da9d60d6449371356e3784b81912537067ded1b9a5baa49ef2ecd7038d32972432b093ac8f848ef24849669b57a4228a8b797f0a84e9e6d1717039c5690df9f8ccf2b771318f52b7a17a2d64fd51d64eb3ce97f44daa1b179f0f7c48286ac90ccfa26411d6242a8cdbb60024dc6f577a726bbf13370fcf07421d3f362812245699a4a24c62e81f914cf5b1fa6194dd69709affd09c244a81dc34e43ad4fe6c6cbf8e0cd97040a868c4aa7bd1dfa83af4819ab27d039b9e19cd1d5f74befdc0e1a3d5342181e0b33aaa06cdfaa0ca731c1a99891b5f16e060b17a1ef0b0e6597cb1be7268893c6582a12f7826e99c1c493c0e664166e001b3c68d7b8824a2b18be3a374467dd1b2c2ba645e20c2c27a63f172d61ba97b6114b9c6bc981e086a19065c48248e7b8f5a5b0ed8df95bea2e071f647a10c9620293fd7c926a11256e83d3317f6a7f9124b9a9dc0153bc57b495e97a900b28001dcf808293235546e2d7e99b613087788e3bd74860cb67bbde9c5ef9557e21f45b4f91e87c9f30b753af24613a22d9f80acf71a1d165e50c3bd4ddaf006ad0b76d639c16538dfdd7b092afab4ad74e4b11e97618cadda7a13b6f65efefc1f20a8ad7ed915ef5c67b71ddbcbbddf2f80058495d726506f31cd168c9ec19957707144905bd877bb24799b6e4ea76949091c6e365510db52089118f30b2245ca142e3d48b86d15a56b97639db6920da2fefb0f9614ff391fc1cc23258ea27e5b05f201c8bdd905737f06999c86b96ba655616d033d38fa4b1ca103fe16b9be156d53f29adf1effde7148aed6be59191146762bc4d8f9f81e08a4053ba5c04dc0db7a23895a6d5b804ad955e6cf6dfda433b560048cb0324498c4d60c50436bcdad167bc08488134f4d9ff0aa598c24ec61019e0e6fa9ef6e2585f0b46150a88c0470f21d20df8614484990a0054c3185ffc318506726629ab61c2ec7c2ff0247900c401e13b9a5189386e3696a60d52049bd84537f0df24eb3e229898adef4deee8747a1c51d4e72938856bb2edb34816701be4a42464a1c989dea266e1f338d838ae8932a9fe5c9ce6540a70fd49286728ce2e7c48a4cbde06018fe503395a93108c82cf599be26d0a3700869a0246f1e40ac1886a879cfe68b21231592088296c622d7222df9e0949952b2607f32fa8af005121305f89beaca84bd4cffb00922fa4cb940612eaacf8497a8affc4e2f83ae2487d77b201dfaaedad8bceb177905487f36c124ce4abeb1db224484d1d75cf7718aa9641dc1e23e11e6f20a98cb0c9a4175c7965af1b50db333cc67f891ae500b8fed461b4b9f91a82859060eb197dccb1079996bb6f8d39ab87dd60789c073b9c494106010c68d4cd2fec252e4760eb692eb38f0fdc3eed47fad2d0c945f8b8e51beeb6baf3640d631ab25784ff84d3b7fbf8b26178791b8e4eb0b94284e92224a1fd86a6fed756b9f960bf3c32f2ffbcbfda3e6b4650e3bd4bc2f5315aec59eaf534608ffe3e7300eda02f794d052d107f0fe63ae4971f96fca8edb119ef4fc77e7fd8ff271bd9c5dd4b6495728b838bd8f28bb64235e583b4f4aa2bf04229051a87970f066f2ba165b2e4744119566d260dcee9f24943b518228816cda724bac7fcb7feafbb2afe1ec029a3f3b5f925099a9328f1a9114c0401b2bef31386f1a6fcfa453a5ca3968f41a28d41bc1e955fd38c66624f578679656aa327707e157d0bbedf48bcedfeb0bd9a3a4904c343e4ca76fbdb0c737966f13aeb3f6040d264ccaa71673c49345c045b901055198bf31350fa3f8d6f0db8ddcbb7803109da2a61215dc33a6597be3ed4324249ea03603b4e10de6c0dec6007b2c3d70b3836ad9eff2aaa69e87c6b3b0fe31acf67763bca1b89c884aa25eda1e846ea69ead234e3b0b0c3c3398678f0e0c5eac77882707ddc75e67c254ac32773cbbd40b9ffd47cbe69bd44c5cb87ed4e3d3b7cc5f85eb66a041a3d70b23c68f8d6584cdadfd8aeaacd52a45b750f39abb18230d497dda69ac04844e6510611f0d152f3061a55692352d499f4e51c000144ee98df1af8b8e7a73e84d72e9554239bc823059c0d11d56c104ffce3542adcfbf7ae63eb27caef69ca656f1247fddb100ac11d6ed925a7941fbd2be29a0f7debb4e3779d4bc97cc6c2426f86fbdc8e7576100e185f55c809f4590ff49d18c9e4354de21173c01d91ebfce6ed751eb6713a7ee53445673d5b78b2393dd98535f923c37466e93caedb6897b0e34f3b0455dbd3b58364f1840fedd5e8c5d84425e8cbbe20e5cae7442829df518836323264af0dec197ff723db4c3d361eaa8363a6bebcfd79da13e705b9a001118e7c1fa92a9466ba2dbe4569438d3d5d536ce246db855c59eebee88f64723b571dfdeac4a0d2f85316b6a6c1db210ac49c6aa7625dd57fde0de1206688ba1da8dac62bf187179dfaa290c7ee1669263ce07ac865b41f912ba9dcfbc7b554051406dd41aaa21c692be7dec99f25f5648dd370a0cfc504e626086d4e983d300a2fe34cce71ff3ad51e9a460eb72266d8ffc89e6acf3295a66debecbb2b584bdf895a08bcf054b462601c329f654dd9fb96ab0f590076fdc2c9febb631867ec2c9f2f1471755a6495d83394ae1517b2cc0de8aacc15aaf55ea897b4ecc39c5ce2a0a3a3fca619d5984a46ec4508638f7710c60b6575ae99114d55cd0701485a2a96265c463bb1f6f3aa18da3d916ea21d6d4d9e603a78910ba28449480deeedb22bfe3cb3ccb0c658913d9e6eac529ef8b447fdc3d48b195468d0f32b8d3d006bcdeb103664a317d5545bcb4bddaa4e86a4962904676e4c10fcb00d95e22b871c62a4d95021b18ffe69d954a94d6b11c9144db18ec3db77b346d1819f11e30c466b9fc341f3c3cc1f3c8f2cc0233131162630e590bc0ade55ced781ed4c3cf9946e53ec3932f33731b37ec059cc7a542f34b33604b39eb89f8a2a0c9b6acbbcec4293862063c1936c9cefa65082d592cec6afad002559d202e1a1b05a71588739c8e977204326b90dbefe5fbee01dac5180b96c8731f3fce60b0b647d30044a7cec2e7d7d9ff493cd56b4922980b48197031c5b566afe265cdde7c7b5a6291f866ca852f33c0d2d147094095835e3d6b28a6f24247e8ad0ab227882c7988ba3262fe67a6272e27832d460f3ce78ca731f16504fb6f421a091b06743d0047eac601521b6d22efcd5073dbbf677d86f69e46fcf86202ca70ee8ed28c2e30dbfa768e61138752f96d3cacafd78427b33edd0e3d646269fc943aa2c1daf9349de4edaf0ed5cd717d4a7d8f85e9f6f04b6623675e91c51ee528463db8f7a870f207f693511f4e1a6cf07e38668f3abc15f304abfb33455e568a8ba740a3d3e8eb3e0c2b2137e1eff602ef09c27b0687cd831860166534652d8cc26f9abba8b172cfc35ab88755cdce5565c023eabcacb0a00e127fc877ef39cb65dcc1217ab906ce121c6178dd1b0cf93fe907196dccd59f62c6e1675679e316cd6ab2480ccf492c577552e6ccb3e53221bf20fbd8a2b2803b4ed3a4bf0100cf3c588a267f516d2f40a4572978a68ea144baa8aa5d43fa79b19adb381f04bc007778c86030465c62294e3ab8253d0f2ff9f268c976e35acb85bb0e4d40c0149ea3c9bbe2805807b9fbbbcf30daac9b69e9706f8688d3d9764f27019f1c34564e5a48906f3819b8bd2c5db4e393d037d50ee3d2f38c7f320ea94b6e7a0b8bc1e834eb50807048ecda69be983f52718b187e449a0ca606fc0c906f298a33b29deb6fdc81d14fda4766d9fd9ee9f863a8a097fa5b90486056c5c31e8e28c29fb9585e0870fda159687f64274ae1ceb3f8708524c72629981223ba8d17317b32a83d175a041cb07345492be16e537b88d583f2bd50be361e9a1e34530c2b59ebe3a392e26568dee8e76a4f0e26ab7eae4a4da49791acbe8aa986af726a1c902888e47f13271404bfe5e2d07c2ffa7bdfe78d5770b95df39e73c78ad0408d000dda19e2218a85330fad9d2e7412b4647ee797cbf9c8f8da1cff39bb50b0baa01cb6a474fff49c96d0beaf77a1326ec20bf1a6b23607f7dcbf005704294626f66e412653d16ff1346879b88d0a5ee5dd04e8fe94d4b2e4b82387c9d89722fa994f05c5cb402f933143fbe9ab9f44f6fbb0fd1b7af5b678d18b307ace288f53f8dd8beede40f1f4114a785d59142ddc333f803790c487aba9b75c6d2b6f5a9040253e7417d5c89b1f04d61e4eebb5092171459746d9c51a947e065db94256a2c89905a7e38d68f96fa8ee6d68fcea61e928415973c6cd22158f98f57cced6ae8ab879a01a65b91c55b548cba310fb47379d11c8dd862c84d0ea5f58b9c1e376646ef6b4f819c8c62d4cbacb4cedb71d30e54ffbc9131d6327f58fd8dbf218d1b5753e23e04620485a473c4fde128a39512ecdfb5f2d9a41e0815a703a52d951737e1c692f8a96484e392139a53ee17b53f59e4b18ccaad6d49f23ff639b47afb5e1939cb840b7433cbfed737597c7fda734b8ff363ac6a8771aba3b10bd3e612b420f47540b54ee928a386cd8831c233430a29ac2b1448e7353492198b79e29680517c522e14507f49681b62bb39ead01db4dacc8b1e27ea21b01668d7865f8bbbf5ca563c8bb04e4dbe4d05b482c4f166149ada24f2db169c66ea17bf715bcf1a2709f51f4b46e7b7dff0d2cb7b0955283290ed4d19be2b467e90348ca426679dfda3912e192dd0826338b3a28155eff49e2e96248d7fee4c75aff2e590910f92498d2ee3e8bec4c1f5fdee702ad97700fb2d2bb81e2dec303cdebc2483f1a51ea134d1e7631af01c6742aec6a4d55215afb73e9e8d899d6b200ac09e5cbe1892e0f806c9341dde6823c4273864fbc2ead895f96813981503bf9a8c43652681a5de93def2ac76d8935ba31ec532bf07d1cf8c18d6c0331ada2d13c962eaa02918557067c32a278e6ed0bd62bf7ad6b3e40f3bca9e5d60d3b8c505a4d5eae37fc179108fce84523b29df4bd05c26f51b9a8cad79b1a418c902556b308eaac252c925027ee94433efbe213b7c5a9d358ec81ea1153e9905e15c7eb2a6c8757f0ca910730d49d7cbae78a8637ef0dc373e7cf671102e7fc275b0e73eccd80caddf804f1d676db3247a7c334b3ec08baf2393a7e1ca9ab50917be504cc9dbda1284ff9bfdd48749e48941bcf70fcbd8f66b773a2e0d33b0b0289511f2decdfd0b1c4181ff38da2af05d6918d4d99b0f2fcd6c929d89389f669d3666b18449c5805315cc17995b6c993c89c8bc7bb4e6fa396e859385b897ca7fed3a5f484c5a49f6e8986284c13a4416acedc767b7799fe083fc07fc3171987181aec6f6173a7634cc1edbbfd512902bd28ffd5f2154c557ca516c743b390cc3e7cd9156a34239aa3b8f02ee2f008d406c8922f36150de065df3d22d93312b6823503bc7f53d33b5e04471d02a8e194f4978e16de0b2469cc083dcfe2b70c2ec5f8e103a045068f334464dad9cdece1034feecf34f9dfd14f31b29425948cac1e0674b0bb01b5aca4b9c9c0015e19dc1f7ae221844e5303bb68f884aee45742b07d1f184b4f24093681acc5d266180328bcdc5946022ed00bb701723c65a183cd2190ab9692c1fc117fac08171f7642893335421ae223d814e43f8cfb88859c9796784e1fea58b18daa2567be8d288e7e630e925ed21ad5fa6a0d700124ad8b036b7ad66c3769132c07b02d0314f4f009445d6fe5b13fc600c611743d36e2894ea6c1c40c448d56a355d305f20b2119f1f8aeb5689634a0a7ac7a7d8af621b676e805284dd027af65bce5a9557bbc09a38e0b3fa42cbf018c51b0e0f2d8a62d1154f1cb658c4320716d112ab837eacebccaa5f6d61f96b0280e1c0ff51b4a8d0659f2e7b9d12f0c739f59a13868d3888e21ce3a5a8e5aa22e8ecb2da9a1bc2fa3fa954ea8ec4f1d94b2a9dd222b9f4edd36a4fe261ec30bc8ad92bfadce8d7311ac99a9ea10d016e4fd8d784d7ead4956f1e57cb441950b268f8c45b377a0e2378e0fd2ffcc1a73c1c4c177f199c119a8671764fb9f411025309af8a2b99fb1ef9d90fb623f83eeee0a5d9b12a02a841c80b904876f344fdc45e043b7098ec856646ca1fc4dc66112d24fb72b06dabb15ca7e8d026bf8143f0c8e2e8f7eb31ffd97fd337b1d25933a3dc4c6913f478c85435e80afd7de2fdf262cb8b06ef2c4149ffd7cb34b800bc36a0dbe421bdb6356112af3e0b1d1bfc5882454ee48f4193b95d0103af9aa4a79283d0ef00dff5155a87938fcb7b184eba0b222d44b2f55cd81de4d9e3db9a8b6759bcdd69b46a0c722116359dd461b25c2829c842e4a6537be4a55332c9df6503d787c7d9abf90b2f07bcea3c9e21f489781a31cda1acb5fcba2908e79fe39b4f05f9d93cd43b05d19bf942142cfd5ecba59706c48ec8196b77f62b41fa88791d1f66d6ebaccb86ecbf6e70d811f8f95ef8c89f0c433e7a5ad2c4fa7595b55bf785df7632d5c080b8ba687942015db55525f3b3fb09362519e088e676b2d75ce64644cbbb80d31830c2a5c0595e3200d37add5eb4eba4af80019cac818fafa279f533fcda55efc1871ffd32de30190d1e4ee4af534a52a1a27d537386e088505a89e26600f62f611ea4b48a66faa51e6e3a5c7f511b466395ac0c71914672731d14a079e8054c2e3c8c1826a4d3f45fa77669e968cc867f5c8fd76ff9d0db77836fd3ac47eed072fedb51064d9ecc6046c4d7d97c817c5eab5e825afc2d665be9248ba1be05298ed1e060d1ed91c2cc8802e093f4ffcf7bae26868706060548886877b9bfb97b9c84bb59581772b71252491a43bfc2dee650865e0f7eda7f47d1367ca08ae0d9ae98b29d0913c6471e54bbe016f041f83961b6ea643be93d79016da40c500da3bc97903042db88b52b6596d07064b69eccf13f78c8b8974d12a5ac2c08605c2d6cba104a12a0c68c74017d31a495c7db5507513ec10e4542463119c0941cfffcae498a4e7a32072478193d71da5132f508e0f1dc665dc02d48fbbaa46f73cae39b997eb709ee744364d6e8a0a7691547952d14574cdfa5902a00825a8ba71f01e7920bcde28c14cc34f9c9beb83c888189d0ffde01a0f2455fe316b4d7b87196d6e63eed4ed6157b20660c51d053b36102acb6b943ad881c292645df49485e0b419cc55b245b67b86271b131b99e660cf780290f8c21f6d7bbeada10f4eeb8ce0eee0d719aae9fcf09c0ec6749413696d669c2bb84a8f66197234e951deb2c46cad55af8fe913847081f9873699b19260f348dbb723d6301d34bcc6cbc1d303d8a8c60b051dab190ac0a6e4b394c9ed7883e7e0bc0a7552184f9e0f36379554894106fcb80c26cfb986b24cdbc9d5324158fd271c52d0a640abf5d082d5a244a25cb86b235c48fc000c3d819595b1779639c352a38989e17bc5a09e57bfd59d6ceb52b47367df8b2ae78e432add5fac0a365e57f54c3146427bddc2fbfae6bea9f2e848a45fb4611b4993f9605f2fed42c83f2af7f944889983506863ad69fe19e8fc5dc5e17a1e8c49f8f2e4815cede67d1743454f437de3cd2445e78a86ed80bd2d2305d2aee571e7fc2b38d756a17796c70686ec715fbb92d4c8d254f6bc568b6c993a8166ac3ea9903e1891cbaa8f5f05be2fe059681cf719652332216b5abca8ee5d2e4f576541c65102b7ffb168d11ea702e2b59f962e2870ed619254d703bdc881f86ef747640daf7e4a5728fa94afad4066900e6fd0510311dc94010bba5bf144c4de235caa18fcd6ce3f8f13b65434e6acd12a266acf0e179b589833474e747cafe2512183a8bad7a43d8afde20f4ec567cc03ee3c839784eacd1a80a2eb45fb25be78c7e642fb781f1a374cb910bebe705288e0c6f3eaf09d0d6996daa3afc9ef4d8ad5f81d5aeef4f1d350fb2e612bb03a7cce946fa1ad66717b670739f57c068c16cd80591fd9b012af8a90bb1d3d04f704d3a3533996bfe0c41feb75abf3f83433561c57f1ce1d9b06d721e700d40313394e92f784d2ae828fc45ba4b7f3e65bdf9f281a350f0992f0d36d4d91a07c9bcb0612e2d59ffe44d0a049b83851ecefa63ba4f4ad1500cb0fcb632f6613016e88697c4d5f7e211eb3c640342f9653eb1090596787acc36f04f4449613152b04fb580960d4cea9c21837d9b1695291c5ebeadd5f8292d178d11c2b380a8ef2020aa0cf82eef27d08b6dbf4deb74afc27758aa0895f616a1d1e638dc9f798dbcc0f24cdb6c5d11a53bc93f514341af76c62952e588970b214a3a36a3d573953c0b9508696651ab4825ebeb3afa1c8fb4b55545cd79a7f0d028bb1b55f2f31bd5cde82ab43450ab06ecca272e95f6cf176024e77acb398c6ad339c4f167da54870cdc6b684bb9f280bb4ffc37fbce24e21af733785ec163f8c690cebaeea0747544f9cc37df1bf85f713adf08043645f521db3023e1bacf69fbc7767503f14c34c9b49106dd6f20bbd118b280c69f779bd9d2209ba65f149dbae02cc0e641fefcbf817a9be8ab9de3ec9b1ad22f34164727a3d2e6a739cbe6b2af95680b44c18216c0a034e3ce435265fd4c9e3b9f2edf9497ebe6f01394995f35b7ba22f2deafa8745dbb3ab2bf57b28d8cf7f0ecc76ff28a93dba9d8410a97772f83a0ae0ec1192dd643c6014d94a47eaf1eeaa072bb4e23cf9417e19483f7040cdf26509850f3981e7e46c754c17932e9cfb5a54f03624b4c5a6bb5424f7ab75b32197dfcf8a56d932529d50a630440e4feed06ce2c356c5d41163b080fb6ca01e349b7d1cbae033e2d9334287baf37036d11ae0835e21cfe5d347b1d23571b4690dcd585b5435b1064bd4db8dcaaf97fd035427490692a791022be48d1294336228d07d0ab2fc20199e9d0483c9aff9b783f24a7bcf6b2021debd944ccf02270f3ed37fed2f889d2ff40a61d19f0b74a18ed2a12bce6d010eb0633dbf34e1b3042ff6cb516662c5cc0ded32480d6c439fab4873090b8ae0bd63507e9afa7f6d7ee29439d16257321a1289474628e14134518c9cb6c80c602ce6cf419daa566322fc6dac193665b1cfe833eb220f0b752f754d61210a99da1b3755c6926a8b10e884942610ff5ae27b9b77d5b7d19ba099f73c8f4c221f8531bbc35f6549d3ae3ba728342d9c13ed5c492c1832efba204fb00d96b8621f3d1b7d583055036ca8df6602d83d61d0dd133addf8109ed7f49db87abece6da2ad5dc9e49b78b156feae6ab89ca816cd592c4ca153f0320257b32f1b2e9eba2633b5f5a4cc90fcc68b98918b49aebb5c2e9e239e438b607cf2b742a332d1fad29adb4b9101018e0672d4d093a5edb7077d6ed5a26eead0c019cf6e177088ee986c80220f370de6103841f3bb283f011334af382d2ead64bc1c906223f8ac5baf759c8daf47b2711237d1f8ad94ce12d21fbe59db0467ed8f2056dcff5b9562a51410c1118d81155a87174e93386bb850759db6634b31bb335a9ff7510b25499898ad191f887f2f5483da94d828a0df0f73b1a1d0ac99bd34d59ce5ae43e91fc91d2eca526457b3307812a4c99295e1f4072177f2a457e831f9a429baf30e6216a673de9ef2efcc149b1625983a392546d50ffb1a8acbbccf96dd8ec79b600edc916a900d324f6ce2209c4e9c27e97eee191ce9482c87846d0d5cb3821e97c07b41f1e5d570790d14d60074aafe9707abe8d6a0171ecbb12603863907ecac805e988f8aba3f817f143242afdb2223751ea1fb1d3682f0bdefc7bc443e26f7aa2135135cdc79fdaf8bbb4b63e2012834e8cf69a6ef70e6bdf5b3b6a4a9c9533b13d0c011979a3959a093505da840b1f82871220df3698aed58ea225fb1ac33e6a90dd8ee250e45a128a23d2431227d8c7ba2ab265065b1607088e557318ef0ad3f2c6a80e36e46f02057d20a81c77a4ec188f562b5846363285ffd5015fa9d2fcc1f3e774e951ed3092a8e385fdbe269449231fba456d48b7cae8252a4d46c58ba7890d34a8fd4af6b0b4df5c2f52773ec38da86b83022098d21e099d5549a08bbf99675299d3fe43d3c635f8bcf7078ad9e8cdfedf60f50f1b29e7b33796c39b509a2cb4b9fd022afd46e3ec5b00369e98ae520eeba7183d6c7515dce79dc59b8c4a79fe9d77fc7397859378ddcd243c8cf68a1a067da7aa242fdfea6b40c0acfb40afaa7e10eed20da945a4a97706ab872b66280827b09736ff167de213f5a54a8932135015fab15aadded87f0bd472b4835f61cc262f1cdb914512cdd7e1cf218205a6e02e6c398428192fc0f91c2cced8645855b5bd6107734c156272a2f62e25a06e03699bdfa4f9e808871b2ed9559c5a1b27050422da921df4385158b01e1ab51842376390f47436a7b55a36bdc7c1a617fe43d198507e0ec49ac04f0911b033ceb1fe352719fd6aa3c7b369e0fdd718929718571edd1661e528a21971f216d1bd2cdc223ec17d826b57caea31eb504cd56175cafc97d6335ca35bee00b441ae2633e1753b47315fd85b7e8ca62d5bdefcc616becc4862bdb5615ad5d95caa54e222964ff50a2c7a8fd3dbba7e3a6641219739224f0a703ac36e727df03380d70a202018f3bb60fdc99f1a64dfc5fc5d9b435bf3f62d1ef0c047f9ade8c3ea512600a71eead192cf662551266dc6bbf1fcb44c0ec775ef72b5c5f3ab5a38d0f1defceb4fc7960d4dd12182f429084e04d607b13f2981caf503ccc685beb7e37faa0082188f45acd5301b101912dbd180bb73583f6c1f49e74f96c02e28846fd0ddfc6d46d61570272b3b3fad689867db8b15e831ba26effec94c99b02ad4e44b02e38548e9c6c19b5fa44e36629411d1162b7493ec27e6a8cfb21d5591baf885f5d3ab6c7ab0773263af1a9ab18d5cad32285379475951ceb422fb0a4c3f95ae78d0c55991927e5a79ac68e4aec12aa9344217a66b1ef2e0b22596760b19671bfa1f99631f96ed5d95c4a510159e868ec2b1395e8568d13de46665b5f12a3ffbfa133fce8a7cc096ce8e6c363adf4e0457a4a751431ab07c3aa6e5fd22ad76666f0ca31f1b71ba931b2ccb9e", 0x2000, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
getpeername$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
openat(r5, &(0x7f0000000080)='./file0\x00', 0x0, 0x10)
write$binfmt_register(r3, &(0x7f0000000140)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x0, 0x3a, '!\x00\x00\x00\x00\x00\x00\x00\x00I#\x00', 0x3a, '\xe2\x1e\rc\v\xde\xc8-$', 0x3a, './file0', 0x3a, [0x46, 0x4f, 0x46]}, 0x3f)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000002000010000000000000000000a00000000000000000000001400100064766d7270310000000000000000000008000a"], 0x38}}, 0x0)

14.75151731s ago: executing program 3 (id=984):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8983, &(0x7f0000000180)={0x9, 'vlan1\x00'})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40018000, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000003837d0e4000421885395a93e7ca09b8aaddad9145f8f6c99faf85b287610bcd7bf58902e75dd689da7f7282df563064748d87ab3fa781c95636615c5dd3ac35f6def8e43ff05c91f969e51f4915fb61763794a6bd2acd76b8f13f6c6d8f886e48e", @ANYRES16=r3], 0x14}}, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
r4 = openat$ubi_ctrl(0xffffff9c, 0x0, 0x8000, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r4, 0xc0285628, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000000c0))
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000014000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB="14003500776c616e31000000000000000000"], 0x3c}}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000000)={'wlan1\x00'})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c40), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000c80)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_DEL_INTERFACE(r9, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000cc0)={0x1c, r10, 0x201, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}}, 0x1c}, 0x1, 0x700}, 0x0)
r12 = dup(r1)
ioctl$TIOCSWINSZ(r12, 0x5414, &(0x7f0000000000)={0xc2, 0x8, 0x5, 0x7})
socket$inet6(0xa, 0x2, 0x0)

14.431331914s ago: executing program 3 (id=986):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000370000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

8.735247618s ago: executing program 2 (id=1001):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x4000000000, 0x94b382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eN\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
pwritev(r1, &(0x7f0000000600)=[{&(0x7f0000000380)="b9", 0x1}], 0x1, 0x400, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002de8)

8.625576407s ago: executing program 2 (id=1003):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="680000000206011e0000000000000000000000000e0003006269746d61703a697000000005000400000000000900020073797a300000000020000780050003001c0000000c0001800800014008000000050014002000000005000500020000000500010006"], 0x68}, 0x1, 0x0, 0xfc}, 0x0)

8.40711092s ago: executing program 2 (id=1005):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x5, 0x4)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000020c0)=ANY=[@ANYBLOB="20c300bc90c3777167ad35c7a9d3d326a7000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000250000000c0017010000000000000000"], 0x20}}, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000002140), 0x20000, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x1, 0x1)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x1000005, 0x110, r2, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r3, 0x0, <r4=>0xffffffffffffffff, 0x1})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r5, 0x3ba0, &(0x7f0000002200)={0x48, 0x7, r4, 0x0, 0x1, 0x0, 0x9, 0x87})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(0xffffffffffffffff, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r4, 0x0, 0x1, 0x0, 0x0, 0x3, 0x20ffa000})
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$inet6(0xa, 0xa, 0x0)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4a, &(0x7f0000000040), 0x4)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r2, &(0x7f0000000040)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_OPEN(r7, &(0x7f0000002080)={0x20, 0x0, r8}, 0x20)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r10, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c)
listen(r10, 0x0)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r11, &(0x7f00000001c0)={0x2, 0x2, @local}, 0x10)

8.003435348s ago: executing program 2 (id=1009):
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000060000402505a1a440000102030109025c0002010000000901000100020d0000052406000105240000000d240f0100000000000000000006241a0000000905810300020000000904010000020d00000904010120ee0ea6"], 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102371, 0x18fe3}], 0x1, 0xffff7fff, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000000)="047938e82681aab7386a52aa88726976f00cf5e76e91", 0x16}, {&(0x7f0000000140)="c1569271ee572138b6ccd5ffd5bf2c18e47ee04522ae7f8e5e81070acbcf50ef75e994c0c904f31dc4831a973929f525d1031f3cca769b03b22f5058ca8bcaf7b867124af9d01b69f1ff85814afa422fb69dbfeab2962adeff35ef", 0x5b}], 0x2)
pipe(&(0x7f0000000680)={<r2=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)={0x3, 0x70, 0x14}, 0x18)
readlinkat(r5, &(0x7f0000000340)='./file0\x00', &(0x7f0000000440)=""/123, 0x7b)
tee(r2, r4, 0xaf5, 0x0)
write$binfmt_elf32(r4, &(0x7f0000000640)=ANY=[@ANYBLOB="7f454c4602fc02cd0e000000000000000200000000010000b700000038000000160000000200000008002000030005000600010000000000010000001ac6000009000000090000000500000005000000040000000600000004000000ff01000003000000ffffffff0900000009000000030000008e46ffff07000000f80a000000000000000000000600000005000000ffffffff4a1e00007afa9f5fb89c5ac140c971dc5704d6f0745bda78f38f34ca270422ef13e691db2a2c5868a1430eb21d39543538b26992461aa0e4715f2468bf21b5bc0b08a6b9a7a216e0c59275962a58e90cc9a97add9978355ca2d86b75a572a77e4e033594490cd176e7e6124362a3fa1b587190197a742d6d00320f0b396729cf12ad48e84b8c0cf58b5224526079998bb83f36c71fcaae389b4df48f4f52e5131203ff0df4fbf1269b4401d1c8bc8fa7f2cfb4e7abe567aba21a5714594680ddc48f99dfab59c76f8e1a3601afedcd780fdce4eefb44659c0aa4e98a2c9d78cfc5684450e9d142cc26ba71f1f13acb8258ec07a34c216d08906f6927bba49451d17d13786a81c210c57019b0bf5eb59eb7d3fbeb0262a247c598cb56e7ff593ece2a46a3297e081cd51b412712dfa9f18773eb93ca475c611cbe4c6361c1a9cf8776e36fe7a5cdd7781f2a1ae8062dd5a4ee15341392db436ef16db086ab5e660354da3a1de8fba3688929a198b1d52e6c2050ab21c3540311b1a863350c28ecb5c140515bad17b54e7c361d4e32d7ef536d90cc77b5d4856415e9b53355df4e464cb92c4a4e47aea40c4bcdb4c89427714c05e319672fde92a823b25f464c79e0f06b228759609c31ab413743ce4ff4c81adb3f0be409cabdac081dd016eef2b02ee032b55ed62af0b5be9150eb3c038ecf2937ba8ecc3b958ddb52b7fb72b9953c5e6a78ed1517507b119ad2afb1f6cf2c8e1572d2a295998d7d9c7fea554b1ccd18344f4cbf1d3f534ad861afb9c4b05a73be311843f963f7d5eca197aff6429a51ff2cd3cb86efbfa11924143b218bbb50dbccf5d508bb525661a07cd4f65ac3e7902eb2f294dfc8b2ad7af888b56bd9454f96f860ef339c5350a5bba0e815fefc7ad8792cf5472064c69c8a42609e1e53876cfc91891473e5f53e03eee2f7f927376f8d959a18d9ac140e1c62a8f7c02a53a480aae9861081f1405b46e32ba6e14eefeade16c5a4ec86555a62a4eb7009e696b4c760cf40b67b9e6c9e61a1100327cb18da951de2ff699769a2a632e6f5fffc63967178e4440de435ff4f078edc1d33abb5687f975fa40e46a265884a240950df99b832a7906ae0528d7686690c396e3a4130afd08e2d8a4c62652800bb1378b5e9cac129de7675da7e7f2cf5ab5d8f74e56ab4d4e8c7266c1a07e24a3d9d209adb5bf658e75dbeb8650d9f9f34bb5c8f069b78d50215bf561a8bc956aeeaf2d0fab82dab1f99add43656e0b27d6ecd9e15360b74c466304fad275c0091c6c235db48b39383c5884659c9d7828e3b2d39d40aa83f8ecdfb6bd993d10d2d3aca4bd0038b868a32c06c8365fcd2fb483b9f241273b0b21aa21589b2037b52021243eef0c76d0721937d4617662cc26593ad6a16dd055d04ad765cf1ce32dd7adca09e3eab079833bf76b7e8f3ec12404e43113b7dc3b2f8d5795d709b0c71f585628a4710a349beea5ac08355f46cac63b07cca6374dfd3392f46559061a9181e7804ffddb8ed5f43783f1293083270724ee0d97f7fbb2e62b2de0d4e562c65eb5caf7bf79027a0c29926b04441b4b68b36b12cd607f2b90c6faf35392db4a78dfe24a028f572820015a13759e28afe36b2ed3a0b778380486798e7b15470af861198782ee16065fedf45f0c1ae00be9a0855aca8dac367e585285d5b3103428f5cfea02e4ad0623456b99e5bedbddfb0cc3d33052b4822ee3f412191409c8f57afc70057d542fe9fb000f62a7c3e3935102c34a4abd5dee536bab32e6224377f8ac2fa9c079c5954eaf5694d07713ab718571ca64f211fafa91d3fb7c0f92d984bffb5f2541b5c89177d5b61e063784fecfc299f184dffabf35fda03612b114b0b19ef7e40d790e86593887530f80e22e1dd2284c8e51f71f989072ed308c059bec38d9f636201e59b2a745f11a0c42f12573435e764feaffa684b059524eee4d36772d30c99e5359f456723e1ce2fd470b722fcce637ac93714f602b4207cae63e9edf95ac7e6c5dc5cb1ff236c7b4c4d17a887d219e7283aff4b215875e8b123efb36a613fd00684b9e3baea379eba645e146084655c2c8a05a3902ce7750c5bebd7e1d9619e03a1bcb0ef3056d29acc732d31a7826a5ba042c7b85f5786edc994f1bdea059eb667c5f5e068362edfbe1890f608e12f2a6117303499d875c53da38adc13d2871c82a4667a56e50ca048fd195708dece60046a806da4ce5440bcf41ebc1d5f6465d7b6c56eb1cb42ef50691d9df49cc95f1a430e6415cf37b92a7a10e1fb80ce125e0cc95672e5443e1c70bc6218c1d29df20c20f9c19be8d4d25b161f90a7e854a36614aeb611ee5258b33bab0253ef7696485d859ce6ce0d8d5e1766740d760ed26984685195f9fc2e1e174fab39d4351b08c29c5bd3e773dc75b76a21f8c92b69efb5d7570aa1bfb916a9c0da10740a34396070b90fd7c7b0d6e01575269cb50e1504da431a228084de6c204871494f57116c3700c8ce007b2dd92c11ed732c09a00161461b228f42753ccb8152ea24dec52026e3aac58ade5f46dac66a1586e300731df17889410371a8b52435c1c75ea336a617e53cbb674955ee9a067d7f60fb95fcabde04646cf198ca91fb449b1f8be42792e84bccb14b05253a4df0b355849116d64f864f11472060021b3077309dc38a4f9f7d903dd262107e754aea1a4d6e015d3aead4d1fbfb2e6c8f53dcb47e6975dac85dfa6b48317c83923b550a1ebd8e7eaa09b0eaafe2e04b937f6f97d998587111eeb7c0bbbe7bb2ac1e6f609068d43d2002f9ca11aa9ecf20a7c394b5f44bfb46ef75272be9b559bf4513509b5c413fe8e4487fd3d3af78efefd3c90418b9fabfc9866a71d8c7e72e3625ac08118fa37c141c1723b5ab45f815ad2c55c15ad72fcd457ff6e09e0b52586fddc27f0b5e82642ae9f3bfcb3f2296a08c87919f046685e42ddb528117c33962840e9266fce980092f957afd7104611dc127b4f45432cbcdf95eae83cf30b2ab60156b4c5dc1c709e441410d06697852cb85b82aee4b15c3f29b2333328a37b21c96181a6f5b40c58e56296aef4cd54f549bbb13d0b17ba7c8efb8188ed1f52a9279ec1a411cb7ad6389e626194cf256981883d35db564332afb90de601aa6dd7c61300a3db54f0b287c1ed73c844a107c808a2a6f25f4d455e0313b46b7744a29a864ab5dea98482962d7eb084935db5cae21f8280ef671a6963947bdeefec13d4e6d694ef4bbf7a581c18300bb63522e6ea56d628aeff191cf8ed6a30e237f9ce22c196479ef865c28b6baae805c8da83e32381a364a1501ca0834f1dcd8a5b59161d4ba27e709c399fc9af360129074f045932ecbeafb3609c28beae4316abdc389fa1076c20e43362a2fd5ba549070813b4ff6234ca6682b1c08771bf05c533fa2a9a2788c19359b514869f4519656523d2f00ac17a70ee345c4716ccb364aea9867f1d416e89961ba4a13d26d14b576a17f028ce868f868ae20740a0047db292e5a23e304757b4b5b93f99191d67b3feb7fa9bb458ddd8a8d9c4d876f655eea81e7645afac6d0500f9eca999329c9931e3e73bae404915ade5a7e449e3ffa1a3c9fa331bee120897685db3d5e969bd5a7de7b3dac7bb364fc73301f2ac4e29643e28d6483ba023c6e5ef64bd1b834912d275f54ef16b245dd1079f393ad2805807221fe7ecae8d4798024e1b0a1aacd4a5c9383ae517b9b61e3c92986bf99867fe80f43e8011fecb4078400925dbf7f1d602addbc410423d436822e293252f08c9ae4dfa710285cbaf4871c680ba257d5a4e9b83a1880b5473d89e1b7c8d28a8d5effdeec9abda20f4747e48a7ac67ecd2921c3ff41ca95cdaa3a76b48aec5ccbcc93531da538a7f7109e7e8e1e3144ae6d935a5adae980d3e307f57ce922d6c40019fd5299e001c3b688689e6fc0c425a2b5ae5f5b2a67478d7781f7a6719b37587eed9a540764e9dcb167d79f811adaf7cbdfe594cb48d4f8d13b39f87b2fa7446dc0b2088239d89b3378b4156b96fb60993c8b12f89c18788931e659afcff05b49fea88017702460211c376e23a3edf0173798504f7a53d33c1f629f2d7cb52e3ef3e272ff347ad1aec25816a7802e3feb9882d91964186abade82b6debbd2708528a7d11c705000a15ce83803b3710e45b899cef8322054f02210c91e33ccc6ea7de705027cec50ff14cc9cfa3d4750e7f9ee635ccbe5457277ba44cf56ef4e6570ba228d70fef8c642edd07b48b00b6f3df6953252dc9362e7e88370c79b00aac25a07f1918fb729cb67e8b55821ae9981ee26afc89b2470d27c70dcd4799c4335b1eb439360b03b97f501a6b8766086d8107e597ce0343845616931579519e34b89a0d958265f866e88c068e08e91c654250c02480928abd2424ea9945f8f7ed7b045f6fc2d7357e4b02af7efca0a98e9a1d93ff990add7a7f774ccb93fc397f5b3d6fdcb2eb7d0b05081caf15f4b71218147f6ba37b73f0cb9a4e860b4c06d13f7d6c82f165e48ca58764a8be3d7f0f74aa54fe65924792280cae8a45d3f58a14b1c7d49adbcb5d4ec3950ddcd5246d28c2aee049cd8050698cc2e57fdc66d4724cc209ed0091aa8fae86e02a9dfda00421571c30a26f0226efc8cf82b94ea164e1ff2ec4764afcbf38bda466c85b9e4dbdabc39ce1899e094397243b6208d861bacc9bf0fe309fa4d42eeaafe9b6042767c81103d9b26f022e15e72850ab4a47e4925508d7eb3c66393aedfc529743e257321ad3c2d550258ab972ce1a78e18ee050ec5fe929149410312cf37153ede32daad3e8aa5f44e8a21c52e4748f7323da93e28d54215af47788ea7b10ba37c897e1ed1c400f309a8cbb07136cc0c232a0481ce556b2ff422243ae4c04dfdf825f073e0a7a08f2e2407453ae72dd69878621574477b40b091a36ed5957576f1f29b97d01deadb177319b5050b0c4628458c5f69d64a9a5e1d404c5d97e95fef213d3039098be79c5ed8a341722f0881d15f86c1c4ac82d95a71b0fd06704c83e5465212403787c09411bea60c5602a0eade57a889cd2d657c8e77ba949e1a7ce97877ae04815bc43f1d99def8640b1a6504ec7f0903de14c19d290e7df447ab3ab09b02e3ef669b49d35a49e06febce451705b16565f8bceb0e04b8db7a297d3f9dcda9ea6f640dba1ed78c6c7a4aefca766e0eeec63ce94f31da3c8fce2108b096261e5d0e87771978d024c194562d1d63d644304a6f7cca11ab3e02fc2032302c4c8af7013d7242cbb999733f25ad3e1ceca154fe8440591bf70f447f167872b85ba6211f2238255e5dad992c6a29c7ef67c588ed9a2c983e0b14517c2dc7703b4696201557540205a0011d05fc56c6e96c479751553f13a8648718632652272145dfe63ecf03a342160d3d5e12989f6290ffcef60c73f9e5ee8bf952298fcbd9e2f3808ed4c632aae6748102e53e480a1748b71f2a55acae1f42bdd3644e2fd7c8f7a6fa264c104e9555a2680b95cb2c9de36793ba59262419c7ce9954c6a90150d3cafe458cf55e52bbd968004429085cdd8cf46ab24fa9c8d627ccbdc16b4b87aba914b65ecaaea45f4644739f52d6e7b49d11d4eb0ac758954e35d37ca03e101271854cc828613d8de691150f373ff24b1c884a7f75559af0afb21e5888eb5a7646484d0f611e4a3f583cb15421b0e131e837cf69b0b3050eb83ca9f4a8e5c12bc67bf743f749af41e15da058cbf1099b02500979783ce9614f1bfd224700"/5771], 0x1698)
write$binfmt_script(r1, &(0x7f0000000040), 0x18a3c85)
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
write$cgroup_pressure(r7, &(0x7f00000001c0)={'some'}, 0x4cdad095)
unlink(&(0x7f00000000c0)='./file0\x00')
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x40000000}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_FAMILY={0x8}, @NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc8}}, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000036c0)=ANY=[@ANYRESHEX=0x0, @ANYRESHEX=r8, @ANYBLOB="2c726f6f746d6f64653d3030303030303030303030304c30cee42c757365725f69643d0000000000cb261dd1393ea400aadaa1000000000000006c19e659f3e5eabda1b7615fe7b8aacfe887c13a33e623c658cb91af882978fbf4bc22548defad50eed9caa403ac1ebf6510390539031894a5ef76786a4138d62c1a19070f0f55ac05e9ddba8195049d4de1066afaa1e8cef7f9493c83319d413b5ad90d794562ea48ce3e3f70aee8e280d8c6a30f69c6587e2af27535f8c154a388b23e028fd085187c019c3fc24c4431d65da175c93b3f33db1e136c67d9953f6928cbcc676e570fe4b7ac7d5f14be04bfb1d8edde17f49afdbb9a85d6a6be98c43b76c507eca961c163ce966fef", @ANYRES8=r3, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
bind$alg(r6, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r10 = accept$alg(r6, 0x0, 0x0)
sendfile(r10, r1, 0x0, 0xf)
syz_usb_connect$uac1(0x0, 0xae, &(0x7f0000000580)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9c, 0x3, 0x1, 0x0, 0x10, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@input_terminal={0xc}, @input_terminal={0xc, 0x24, 0x2, 0x0, 0x0, 0x0, 0x3, 0x800}, @processing_unit={0xd, 0x24, 0x7, 0x0, 0x0, 0x0, "4336d88b1a56"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x8, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x0, 0xfffe}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x11, 0x24, 0x2, 0x1, 0x0, 0x1, 0x1, 0x3, "6087e8b56f82e3abae"}, @as_header={0x7, 0x24, 0x1, 0x4}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x0, 0x0, 0x0, {0x7, 0x25, 0x1, 0x0, 0x4}}}}}}}]}}, 0x0)
ioctl$sock_inet_SIOCSIFBRDADDR(r6, 0x891a, &(0x7f0000000200)={'veth0\x00', {0x2, 0x4e23, @multicast2}})

5.371984706s ago: executing program 1 (id=1018):
socket$inet6(0xa, 0x1, 0x0) (async)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$inet6(r0, &(0x7f0000000000)="aaf3cc6fba94a9a7bd5ff5733fef19ce8c27c78f7d8069f7d396e3cca92560bf0ee5375d0bda2396a588156b4bbff6e203c33e831e87b449c5711b49c90b8cd70416e7e4fbf5b64387cafd640b9bb732a5aa8f1be0ba9d03366d2bfc8823df462748fe7299330e4e34e540be2564b6e84791092c917a003ca6ea2a5fe2f5bc0ab927b18ac6832e588190ab921e23074e3e20b5f24e42026772a0e9838d94607d451b8a", 0xa3, 0x801, &(0x7f00000000c0)={0xa, 0x4e23, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f00000024c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000002540)=ANY=[@ANYBLOB="34d630ee3d057f51c2e8066a14", @ANYRES16=0x0, @ANYBLOB="08002bbd7000fddbdf251f00000008000100280000000800010004000000080001003500000008009a0002000000"], 0x34}}, 0x4000800) (async)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x4000000}, 0xc) (async)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) (async, rerun: 32)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) (rerun: 32)
r2 = socket$kcm(0x10, 0x3, 0x10)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000300)) (async)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) (async, rerun: 64)
r5 = socket(0x2, 0x80805, 0x0) (rerun: 64)
sendmmsg$inet(r5, &(0x7f0000000600)=[{{&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)='`', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x10}}], 0x2, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r4, r3, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0) (async)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040))
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x4c, 0x0, &(0x7f0000000340)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x18, 0x0, &(0x7f0000000280)={0x30, 0x30, 0x30}}, 0x1000}], 0x50, 0x0, &(0x7f0000000440)="e5c0ca304a2a7b53a10a2beba492b547df36c0926c71357304fb53ff71c4381e3c952221a37fd23596966b13d4b104fa4b53ec30653382d39d2a7688b4b0b6a647f7b5234ae93f414418636de2e52987"}) (async, rerun: 64)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000500)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) (rerun: 64)
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002500)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
read$FUSE(r8, &(0x7f0000000480)={0x2020}, 0x2020) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) (async)
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0) (async)
setreuid(0x0, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b06d25a806c8c6f94f90424fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x2e}], 0x1}, 0x0) (async)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0xd18c9b60, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f03002a000b05d25a806c8c6f94f90524fc600400037a0a000900050282c137153e370e0c1180fc0b10000300", 0x33fe0}], 0x1}, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0x5, &(0x7f0000000140)=0x4, 0x4)

5.05929351s ago: executing program 1 (id=1020):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000e0100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0x4f78]}})

4.846990567s ago: executing program 1 (id=1021):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x1d\x00'}, @typed={0x8, 0xa, 0x0, 0x0, @fd}]}, 0x24}}, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2c, &(0x7f0000000400)=0x6, 0x4) (async)
setsockopt$sock_int(r3, 0x1, 0x2c, &(0x7f0000000400)=0x6, 0x4)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f0000000680)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '!\x00', 0x380, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0xa, "a78ce5400659808000000000004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000000001991319c00"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a6b2600000000000055a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18989f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000"}, {0x3, 0xb, "d47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e3b63ed09bdb581c9fe68a356f542b01b9387f85932e740e077e1d16212fb"}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb7a8b065daa76ffff9ef083611ceda17b7c503f95b6ae9e9fd25ada6dd69f6ae2e1eb3d8bf9c6ab2642c4828288e62afbf03269f1f98aea6a58cf45d7c5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02c226a6bce65f81ed"}]}}}}}}, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x20000003, 0x1, 0x1, 0x0, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x700, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = signalfd(0xffffffffffffffff, &(0x7f0000001200), 0x8)
fgetxattr(r6, &(0x7f0000001440)=@known='security.selinux\x00', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r4, 0x89f9, &(0x7f0000001dc0)={'sit0\x00', &(0x7f0000001d80)={@dev={0xfe, 0x80, '\x00', 0x1f}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x1a, 0x16}})
r7 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_control_io(r7, &(0x7f00000003c0)={0x2c, &(0x7f0000000180)={0x0, 0x10, 0xe4, {0xe4, 0x4, "aa513d19b7dd7b85f5a4c52241634ad68727155db1f28dffdf87c672c13e976accd155a832494c063657e586e30c5a0a4fb5784b03709ee0fa57300011166577a2a34d2c06d5cae9a078ec40a1be755fe580223346f310193088f854045d8ae54c1d08410faac54e5d1919842e2360d47d3e96eb0b15e9fe477181d57e1b586a1239025249867ec975939ad6b6ccd8f163a6d5b46d34ae6c5889942cd55f79ff37910ea06ae2768ba75020fb4e46ca6407e9ef4bf429e9cc5180baa0c3d547592f2673cad592a4af8d6f29a8e5de987df39e595be0c01aeb4578f6832966d97782e4"}}, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e60400000004035504db6a5aadf4a7227dea2f4ece8f137e67fc1314cc6ac4762b7b1cf2882db788a1018062bc421ea49d00ec108bc0ee67daed62e21f2256455afe443209d765db1933196f2855d32156097e8597db27d8495134c921a1800317fa119966962c25af3d61e30bf3c9db9225b0aaf08c646982552e477f472b95cd94f7afbae9aa59651a345cc675297d4a18af2816c94b9c07177f21fd1efa96c699687671514fe65b3de69e3f1d9abbc9bd22fc17d224a9d5ff9b89c5080df476682c1f7d8354652bb5c2b6ae8cb78859471441f412ee55943bc53e98d28c580700000000000000513a59b4c5cf5b825ce123242c32cf1d0b4df47c183997e5fbd9d89189bcf5db797fbabd44cf1ab9b1cae77c56ed8e21b24498e012"], &(0x7f00000002c0)={0x0, 0xf, 0xb0, {0x5, 0xf, 0xb0, 0x2, [@generic={0xa4, 0x10, 0xb, "b8acf3c5829854ba2348e0536ab12367bb74b1fbdaaabd4af6183ce1a3b433ec0eb681bad4d183c2612cdd98cfe64557c49c523c9f8efa2ce445def23202e0397124aac1143da4051b746946439dc086af78a83999835cc40167becabcd74613f03ab2e35830eb6fa432abfe532dbd786741055dfe12794627b73efe4bf14fcead22796cbe9e3f766cdc2de467fcf117b6beb95566571330b0912bc49f99be9f5d"}, @ext_cap={0x7, 0x10, 0x2, 0x16, 0x7, 0x8, 0x5}]}}, &(0x7f0000000100)={0x20, 0x29, 0xf, {0xf, 0x29, 0xbc, 0x3, 0xf9, 0x0, "9c1c234f", "cb4041c3"}}, &(0x7f0000000380)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xde, 0x0, 0x7b, 0x47, 0x80, 0x6, 0x97}}}, &(0x7f0000000880)={0x84, &(0x7f0000000b80)=ANY=[@ANYBLOB="d57f04073858ee0ddd38490a3cc448d46ff6bf8650e368dda3f2ed3c3e7a63ada5c97fd486e712be9786a247226728842ca8182e694ed4b091e696f5d4db55d2d51834925cdd9940b9e8f5d66917c2a577df6cc573f4f525fc50e987eeb6b26a63ba2f583560ae4331c1a7913c423d0ccc63d314b51f3c9be5c85bd02654fb7e64ce24146a40f1f498369d930b7ae808ae0999732f8d2b1064e7b7cfa217eb201ec02b89a7f1636b8f092509a2d5a7895de22b625f7ab1ee51bd374d37aecc920781d65faeb079697e26de45b0bd85af37f04d9059d206178bd1981eec33635fac8e5f8dc391ef8ceb96b85ff9400599c5a0a0cd9753fb6a0ceee4a4a90f66e7e1ccff5c2aea3248f3771776a82bf6324577da"], &(0x7f00000004c0)={0x0, 0xa, 0x1, 0xc7}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000540)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000580)={0x20, 0x0, 0x4, {0x100, 0x80}}, &(0x7f00000005c0)={0x40, 0x7, 0x2, 0x8}, &(0x7f0000000600)={0x40, 0x9, 0x1, 0xc}, &(0x7f0000000640)={0x40, 0xb, 0x2, "0d84"}, &(0x7f0000000680)={0x40, 0xf, 0x2, 0xc}, &(0x7f00000006c0)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000700)={0x40, 0x17, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, &(0x7f0000000740)={0x40, 0x19, 0x2, "1788"}, &(0x7f0000000780)={0x40, 0x1a, 0x2, 0x200}, &(0x7f00000007c0)={0x40, 0x1c, 0x1, 0x5}, &(0x7f0000000800)={0x40, 0x1e, 0x1, 0xc}, &(0x7f0000000840)={0x40, 0x21, 0x1, 0x8}})
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) (async)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56a, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0) (async)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000940)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) (async)
syz_emit_vhci(&(0x7f0000000940)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
syz_usb_control_io(r8, &(0x7f0000000280)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="e40005"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
syz_usb_control_io(r8, &(0x7f0000000280)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="e40005"], 0x0, 0x0, 0x0, 0x0}, 0x0)

4.626216996s ago: executing program 3 (id=988):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=@newqdisc={0x24, 0x24, 0x8, 0x0, 0x2}, 0xa}, 0x1, 0x0, 0x0, 0x20040d0}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
syz_clone(0x60000400, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = getpgid(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f0000000180)={0x28, 0x2, 0x0, {0x1, 0x0, 0xa26}}, 0x28)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="020d00000a0000000000000000000000030005000000000002000000ac1414aa000000000000000005635628e871433e89004e2100000002000000000000000000000098000000000300000000000000"], 0x50}}, 0x0)
r5 = syz_pidfd_open(r2, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)
pidfd_send_signal(r5, 0x21, 0x0, 0x4)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
futimesat(0xffffffffffffffff, &(0x7f0000000340)='./bus\x00', 0x0)
syz_emit_vhci(&(0x7f0000001980)=ANY=[@ANYBLOB="040f"], 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSLCKTRMIOS(r7, 0x542f, 0x0)
r8 = memfd_create(&(0x7f0000000100)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3w\xe2\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0xda, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fffffffff]})
write(r8, &(0x7f0000000040), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x40000000000009f, 0x0)

4.350896802s ago: executing program 2 (id=1023):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="1201000000000040ac05418200000000000109022400010000000009040000010300000009210000000122070009058192f300000000305942f0f0d5698b7bfa47fee089ada2b56ba3a9853f5cb543938808ea737ab16b732a5123ef95da4e97735818e4915f09d645ef800dd49384287936e8a444787052fc59899704000000af4ee7c44b3a78757aa9f0fe19d1e663f011b221"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYRES8, @ANYRES8=r1], 0x0}, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d03, &(0x7f0000000080))
r3 = getpid()
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04350600effd997120"], 0x9)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "317f83735b4bb1eadc74dde27798c831eec04c24eeec7ff3d3137a508003d2d5c89ab0220c52ebd4687636457b9822766c1bfea4e81ff23c6a4caeaf049a582a9774d3b882ef0600000000000000025d"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@ccm_128={{}, "a7c0dceb48f7d18c", "c6d7eeb935ed2f71ca168f44a7ba6c6b", "d9a0376b", "2e30fc1be25e6bf5"}, 0x28)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x4, @loopback}, 0x1c)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f00000004c0)=@assoc_value={<r7=>0x0}, &(0x7f00000001c0)=0x8)
r8 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r8, 0x84, 0x71, &(0x7f00000077c0)={r7}, 0x8)
r9 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000040)=@IORING_OP_TIMEOUT={0xb, 0x6, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}})
io_uring_enter(r9, 0x6b4d, 0x0, 0x0, 0x0, 0x0)
r12 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r9, 0x4, &(0x7f0000000180)=r12, 0x1)
io_uring_enter(r9, 0x0, 0x3, 0x7, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x73, &(0x7f0000000040)={r7, 0x7, 0x30, 0x1efd, 0x8}, &(0x7f00000000c0)=0x18)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000340)=0x1)
sched_setaffinity(r3, 0x8, &(0x7f0000000140)=0x80000000000009e)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000007e40)=[{{0x0, 0x0, 0x0}}], 0x1, 0xf000000)

3.554770069s ago: executing program 3 (id=1027):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x3c, r1, 0x205, 0x0, 0x0, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x1}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}, @ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x1}]}, 0x3c}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000300)=ANY=[@ANYRES8, @ANYRES8, @ANYRES8=r1, @ANYBLOB="f12faf96b15257b69c084958adf85c7b921ef0588a1f7d10916da4e4750dbce3587046b829bfd85d6e7d7fdac1fec6a935f48e81a5c900d7a94dcdcaa361789921bd87e666049fa6b41ea7f073e78ac3c5c8ec0ef3df103f2d041f50d6af6e2fa09d911d87d683063f86b69d521e4596ff7e", @ANYRESHEX=r1, @ANYBLOB="1f3c57b06fc46381483d011539768b15f246e973772f0c1e3177e7cb7c4d0741363afa6b373ef706d706de889166eae334415ff7942e01cff118a6ee1179c07ad42d925375ebe05b79a87e949832bfd908e22100c1091fba1ca4cbd00461990d98f406df23f2bfa44debd3f10500104a2928002cc56f7e9f620d286c159f6e4fe2610f12729f142cb19cf4d9fe5cdea8b7b4de32e739be0547caa4a1c9436f3c7f6eb6f8a2aa03556ca5256012582f9b51f72bc4591880035ae686172130941d5bf60cce55950786d2ea4ae0970866b4056339d2faa8364ac8248a5bd455488239b337e095d2d33de2db6e2c01755097eb"], 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, 0x0, 0x0)

2.935364513s ago: executing program 1 (id=1032):
syz_emit_ethernet(0xae, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x26, 0x2}, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x78, 0x3a, 0xff, @remote, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000400000126000400"}, {0x1, 0x1, "fe906d17efe3"}]}}}}}}, 0x0)

2.9123041s ago: executing program 1 (id=1033):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r1}, 0x38)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0)
syz_usb_control_io(r2, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
r5 = eventfd(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$VHOST_SET_VRING_BASE(r4, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000240)=r5)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000000)=0x1)
r6 = fsopen(&(0x7f0000000300)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000080)='iocharset', &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00\x9b\x98b\xf5i\xde\xba\x06\xba\xf2\x9f\x00\x00\x00', 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000006700000008000300", @ANYRES32=r9, @ANYBLOB="0c00990000000000000000000800c300741300000800c40001000000abffc50073ae5ff175cb456389acc3c400"/56], 0x4c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})

2.847118257s ago: executing program 3 (id=1035):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x28de, 0x1142, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "b1a748"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x4000)
r1 = fsopen(&(0x7f0000000100)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
getpeername$tipc(r2, &(0x7f0000000040)=@id, &(0x7f00000000c0)=0x10)

2.427359759s ago: executing program 4 (id=1039):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}, 0x1, 0x1700}, 0x0)

2.204761468s ago: executing program 0 (id=1041):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x8042, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
close_range(r1, r0, 0x2)
ioctl$EXT4_IOC_GETSTATE(r1, 0x4028af11, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000140)=0x5)

2.06720735s ago: executing program 4 (id=1042):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet6(r0, &(0x7f00000034c0)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @remote}, 0x1c, &(0x7f0000000040)=[{&(0x7f0000000540)="44a91c7fe96258cf33157ea1ab91ab59696d913243de26686c1f6f31d42ac31f5ea3c994b1b228ced9b5c10500c72094ec754439af9d294e2b4170cdd4f2133037ecee7b08e50336327236a905e947f2b61a3b272fd34af4f6b2d1320dc7c696a356014d04", 0x65}, {&(0x7f0000000840)="42d011483308fa5f6e3575e1109444bd1f19ee05a4e6f7a12c3d118f700256ff36d9ebc716df2cfd224580561e68532865d93f1bac308f6cfb5e89553ca075bcf05c0461b7f82dce9d977f9002e8aa5d7a199356f23081b68fde3d6c300a1e7bc51f51d67d28091adaf5605e8ca0fad58687d2ce2d303dc44ad3cc5ba13b0c4c8852a678fdaba969666f1c8d0591e35c5b2f2f5ad9d7eaad13f9f4ee8f16d02df7f1124e6207d4ad2a0734443a546d353f8f8b0d5e34b335aae0cec7fc5d5a5875bd9fc8d3a37754d0605295d05c6a6404ef69fc7dab7311d7cdaa000b7413f45c8efbe725a5f15f49faa7c4d670a2a3fcad95c58909219e6e21934b5f443e2e28c17acefefefe63db0a2465d528", 0x10e}, {&(0x7f00000001c0)="8452ed5e59bfa391ef0bf659636114100192b9544bc8bd90dc8d0f067872cf30991b389a94fcc05212bfaeff5fbb6285f471a35d929e82e9de02a33c88a9b84ddb2430f0149d0503020491c9ce6167", 0x4f}, {&(0x7f0000000400)="171c79d4355a126cc4471af2b5ba11292a7bd1ac59eb97bad432cdcffc8383a9e9961c8006511918239d8b03bd4ab3790966ec03b6945b460d5023bea4652ef963833641bf5e86f6dbad6580d730ccb1230ed5d7ab7ba09e13cf73e1b13d5c77fbb4a4e64a04d750dce210941a15b16ed775dbc865497133ff8efde88c5e05bba9df168090ae24c9d35b16c5501068d3de1bd3a68ebea4decc806cf96401447b15394dca76bca4b476c70f44b9bdd4e5a5eab58855f22af838fd6fa7c40c1d0f3edd8f2d2aaba129ca600e1f94deca2b3e24278574d5fd4d2a3b5a332f277266504c4bee6f", 0xe5}, {&(0x7f0000000980)="f5924371f36d65c05a35fe44717914da572d7f150cf9d64822f6b8037f52efaa79d10e2d366e15b7797b91be15e44447f5d532c8e308ea2b8cefe9a8c7c3ae92a7d0111580d101cb72f2e5a375c6ad20206c898bdbd7e644977d3a42b886e53e7ea8dc1ae4568e3db3770508f29f10c06365e7a23134a733e4e4d6dd75c9d6cfee1515f84a6b452851225309354895fee093d810155052a9d9c9f939960c4a8fa03bcc0e7f0d30abd3d8151d75c9bff78955de3c5ed640", 0xb7}, {&(0x7f0000000ac0)="c444dee3d7aba54e3ab0bb77e538117be266254b77b059aae07f9a279d657068776f29c9bc8ba5ab19e9ef888e3e2451732afacf5611c221ab732223a7a676fc68e4307f229cb77c3a0d52c55610b0878550a4c1448f3b7946fcbd11bf9f9c367df2c14495cb61a809e2c49aee3b97d8136ee3bfe35f52b7eba628dad0d23ecdbfbd1561bdd45fca6fb79a92b6f33d13acdf172d4e8475a2870ddfc3185249", 0x9f}, {&(0x7f0000000b80)="561dcfa919208b99d603c28b593e8048426be13cb4cdf56ad0762df564744cabaf2e04ce62b5a44ce48871150b31ebcec3a2c70d7468bf299bec75e0e2874fc5dbef5289c7287e712afc3f3c22a148443d76d4d62e3a19033449be3169c39f7136f5e54d81221b1c75b20d42103d357898864b679fa801b5c8883a6ee0e5dfdfff78bee931d65abad662f337e9976e4556e2a650c2900006c5efcd2b", 0x9c}], 0x7}}, {{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f00000005c0)="ea6573ab9e0e237fbb5dbeaf4f237f496dfd01a784bdfa79710a45b9a9557c5a89f0727e17ee81", 0x27}, {&(0x7f0000000600)="6fd106ecc7ce7db6560c05961c49358bb30a8bb35539c70eba2c476ed422b2711394c950be70b05c027bdc10ac92ecdcc5382a0723f03fe286f68cbb41ee8067e5de1e657f4b1fc6a4dd148a814a3b00fd7fd4b914fe09ef074755bc0cc75d3357741b4aaf01e22d386427329fdbfba53b3675d437bd47cdba3fc56f4db322121ac0a7d1b8", 0x85}, {&(0x7f00000006c0)="7b98b0dee6136f9c693028003129fb", 0xf}, {&(0x7f0000000700)="5c59289ef79ac56392c15d4ff4a23806dd988de182dd51dcd2cb2f37645bc5240127778defad2105a6a10a70e2a6f8f3e1bcbe231fe648dd7daba092bee2e5", 0x3f}, {&(0x7f00000007c0)="4ff4fb4d5ec36c08919e2d63d7c2db372a5c194f5a7f0261e22e", 0x1a}], 0x5}}], 0x2, 0xc000)

2.040557939s ago: executing program 0 (id=1043):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x1e0, 0x20, 0x0, 0x0, 0x4, 0x0, {}, {0x0, 0x7ffffbff}, {0x0, 0x3}, {0x0, 0x0, 0x8}, 0x0, 0x3f0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x200, 0x0, 0x0, 0x2, 0x0, 0x2})

1.899662408s ago: executing program 4 (id=1044):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x121301)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a5fdad88000000001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r3, @ANYBLOB="08000a008e6e2f0e3586f3083c1df5bb84bdb80c26e7e7aa891e2c58d105efe75610bbcded7a584cfe7533a514e53c7b21b5000000c889aa7ae3f71034fb1b4441bf48354221d8ebc8f3e06824dcbb54cd3a5fe2bde904fd28e5cc57ac8cc799157f0987fe3e3e454e6a0978b1908ae0e3b08691fcf34014b2d5b47858ad8983a2b8c701e189fdb8a89335b12e26d18aeccbe78f488b3b8e78ae8463665f52653dddf311e9959c00"/183, @ANYRES32=r3, @ANYBLOB="0a000100aaaaaaaaaa000000"], 0x58}}, 0x0)

1.791123221s ago: executing program 0 (id=1045):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000940000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.677325213s ago: executing program 0 (id=1046):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x30, 0xffffffffffffffff, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_open_procfs(r1, &(0x7f0000000040)='smaps\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000346000/0x3000)=nil, 0x3000, &(0x7f0000000080)='\x00')
read$FUSE(r2, &(0x7f00000007c0)={0x2020}, 0x2020)
r3 = socket$inet(0x2, 0x3, 0x8d)
ioctl$VIDIOC_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000240)={0x0, @reserved})
setsockopt$inet_msfilter(r3, 0x0, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB='|'], 0x1)
getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000040)={<r4=>0x0, @local, @local}, &(0x7f0000000140)=0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000080)={@loopback, 0x0, r4})
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
getuid()
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f0000000200)={0x0, 0x3, 0x0, 0x2})

1.601224189s ago: executing program 4 (id=1047):
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="e03f0300", 0x4}], 0x1}, 0x4000000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f00000004c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmmsg$unix(r0, &(0x7f00000000c0), 0x3f, 0x0) (fail_nth: 23)

1.163313938s ago: executing program 4 (id=1048):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000009000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a010200000000000000000100000009000300739c7a320000000014000480080002401a00000008000140000000050900010073797a310000000044000000050a01020000000000000000010000000c00024000000000000000010900010073797a3100000000180004"], 0xcc}}, 0x0)

956.368005ms ago: executing program 4 (id=1049):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_RESET(r1, 0x5000, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x8)
syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), r2)
mknodat$null(r2, &(0x7f0000000180)='./file0\x00', 0x800, 0x103)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000002100000008000300", @ANYRES32, @ANYBLOB="08009e0040bc"], 0x24}}, 0x0)
r4 = socket$inet6(0xa, 0x80003, 0x6b)
r5 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'team0\x00'})
bind$packet(r5, 0x0, 0x0)
syz_usb_connect(0x0, 0x46, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xcc, 0x73, 0x9f, 0x20, 0x4a4, 0x14, 0xc957, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x34, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x13, 0x0, 0x3, 0x4, 0xce, 0x10, 0x0, [], [{{0x9, 0x5, 0x0, 0xc, 0x40, 0xa4, 0x8, 0x8}}, {{0x9, 0x5, 0x5, 0x2, 0x10, 0x3, 0xfc, 0x1, [@generic={0x7, 0x5, "910e3a85ea"}]}}, {{0x9, 0x5, 0x8, 0x3, 0x10, 0x7, 0x1}}]}}]}}]}}, 0x0)
getsockname$packet(r5, 0x0, &(0x7f0000000000))
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000000)={'team0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2002}, [@IFLA_IFNAME={0x14, 0x3, 'wg2\x00'}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x3c}}, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0xc)
r9 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_CROPCAP(r9, 0xc02c563a, &(0x7f0000000040)={0xa})
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x38001)

765.621137ms ago: executing program 2 (id=1050):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r0 = socket$netlink(0x10, 0x3, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000700)={0x28, 0x2e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r2}, @nested={0x7, 0x0, 0x0, 0x1, [@generic="976b64"]}, @nested={0x5, 0x1, 0x0, 0x1, [@generic="99"]}]}, 0x28}], 0x1}, 0x0)
r3 = syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
r4 = syz_create_resource$binfmt(&(0x7f0000000000)='./file0\x00')
execveat$binfmt(0xffffffffffffff9c, r4, &(0x7f0000000100)={[&(0x7f0000000040)='\x00', &(0x7f0000000080)=')\x17@[(\x00', &(0x7f00000000c0)=':+&-\'\x00']}, &(0x7f0000000180)={[&(0x7f0000000140)='\x00']}, 0x100)
syz_usb_control_io$cdc_ncm(r3, 0x0, 0x0) (async)
syz_usb_control_io$printer(r3, 0x0, 0x0)

498.814034ms ago: executing program 0 (id=1051):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x88, 0x1, 0x8, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xf343}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7ff}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x97}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xfffffffd}]}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @icmp=[@CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_ICMP_TIMEOUT={0x8, 0x1, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x88f7}]}, 0x88}, 0x1, 0x0, 0x0, 0x20000800}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = getpgrp(0xffffffffffffffff)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000480)={@multicast2, @local, <r5=>0x0}, &(0x7f00000004c0)=0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000b40)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)={0x68, 0x2, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARKMASK={0x8, 0xb, 0x1, 0x0, 0x3}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}, @IPSET_ATTR_TIMEOUT={0x8}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x2f}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000600)={'syztnl1\x00', &(0x7f0000000500)={'gre0\x00', <r6=>0x0, 0x7800, 0x8008, 0x5, 0xffff, {{0x30, 0x4, 0x3, 0x9, 0xc0, 0x66, 0x0, 0x81, 0x4, 0x0, @empty, @remote, {[@timestamp_addr={0x44, 0x24, 0x6d, 0x1, 0x1, [{@private=0xa010102, 0x9}, {@remote, 0x2}, {@local, 0x7}, {@broadcast, 0x8}]}, @rr={0x7, 0x1f, 0x7c, [@multicast2, @multicast1, @empty, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @remote, @dev={0xac, 0x14, 0x14, 0xa}]}, @rr={0x7, 0x1f, 0xd9, [@remote, @remote, @multicast1, @dev={0xac, 0x14, 0x14, 0xa}, @private=0xa010101, @remote, @rand_addr=0x64010102]}, @noop, @timestamp_addr={0x44, 0x24, 0xed, 0x1, 0x2, [{@remote, 0x4}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0x9}, {@remote, 0xfa1d}, {@multicast1, 0x8}]}, @lsrr={0x83, 0x13, 0x4f, [@empty, @private=0xa010102, @private=0xa010101, @local]}, @ssrr={0x89, 0xf, 0xe, [@empty, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000640)={'vcan0\x00', <r7=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000700)={'erspan0\x00', &(0x7f0000000680)={'gre0\x00', <r8=>0x0, 0x40, 0x20, 0x401, 0x8, {{0xf, 0x4, 0x1, 0x28, 0x3c, 0x67, 0x0, 0x54, 0x2f, 0x0, @private=0xa010100, @local, {[@timestamp_addr={0x44, 0x24, 0x30, 0x1, 0x4, [{@private=0xa010101, 0x1}, {@multicast1, 0x9}, {@empty, 0x99e}, {@multicast2, 0xfffffc00}]}, @end]}}}}})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000740)={'batadv0\x00', <r9=>0x0})
r10 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000240)={'gre0\x00', <r11=>0x0})
sendto$packet(r10, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x11, 0x86dd, r11, 0x1, 0x0, 0x6, @remote}, 0x14)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$team(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TEAM_CMD_NOOP(r12, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x14, r13, 0x1}, 0x14}}, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000780)={@loopback, <r14=>0x0}, &(0x7f00000007c0)=0x14)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000a00)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000800)={0x1c0, r3, 0x50d, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x20004004}, 0x804)
r15 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
open_by_handle_at(r15, &(0x7f0000000280)=ANY=[], 0x10000)
r16 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000002000))
kcmp(r2, r16, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
r17 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r17, 0xae41, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f0000000280)={0x0, 0xfffffffffffffd64, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x4, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0xe}}, 0x200400c0)
r18 = openat$vmci(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r18, 0x7a7, &(0x7f00000002c0)=0x80000)

147.076784ms ago: executing program 0 (id=1052):
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
socket$l2tp6(0xa, 0x2, 0x73)
socket$packet(0x11, 0x2, 0x300)
socket$unix(0x1, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
socket$unix(0x1, 0x5, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}, 0x1, 0xff00000000000000}, 0x0)

0s ago: executing program 1 (id=1053):
syz_emit_ethernet(0xae, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x26, 0x2}, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "081f20", 0x78, 0x3a, 0xff, @remote, @local, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000000400000126000400"}, {0x1, 0x1, "fe906d17efe3"}]}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

ng dummy_hcd
[  198.817107][ T5277] usb 5-1: device descriptor read/8, error -71
[  198.833438][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.833578][ T8210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.866903][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.876722][ T8210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.930216][ T8210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.952783][ T8210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.962891][ T8210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.974390][ T8210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  198.984604][ T8210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  198.996231][ T8210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.009108][ T8210] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.066254][ T8210] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.083133][ T8210] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.096610][ T5277] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  199.102929][ T8210] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.127122][ T8210] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.151845][ T5277] usb 5-1: device descriptor read/8, error -71
[  199.209184][ T8481] sctp: [Deprecated]: syz.2.716 (pid 8481) Use of struct sctp_assoc_value in delayed_ack socket option.
[  199.209184][ T8481] Use struct sctp_sack_info instead
[  199.246242][ T8339] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  199.266822][ T5277] usb usb5-port1: unable to enumerate USB device
[  199.274283][ T8481] loop4: detected capacity change from 0 to 2
[  199.297273][ T8339] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  199.311266][ T8484] netlink: 36 bytes leftover after parsing attributes in process `syz.0.644'.
[  199.328393][ T8339] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  199.367016][ T5233] Bluetooth: hci1: command tx timeout
[  199.375568][ T8487] binder: 8483:8487 unknown command 0
[  199.381668][ T8486] netlink: 44 bytes leftover after parsing attributes in process `syz.2.717'.
[  199.391901][ T8487] binder: 8483:8487 ioctl c0306201 20000a80 returned -22
[  199.416635][ T8339] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  199.506699][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.532788][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.616635][ T2558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  199.626639][ T2558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  199.777005][ T8339] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.873953][ T8339] 8021q: adding VLAN 0 to HW filter on device team0
[  199.925109][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.932285][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.972317][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.979524][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.149003][ T8339] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  200.195237][ T8339] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.247459][ T8339] veth0_vlan: entered promiscuous mode
[  200.258976][ T8339] veth1_vlan: entered promiscuous mode
[  200.286189][ T8339] veth0_macvtap: entered promiscuous mode
[  200.295194][ T8339] veth1_macvtap: entered promiscuous mode
[  200.322800][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.334075][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.343996][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.354541][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.364478][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.374969][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.384868][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.395832][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.405993][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.416838][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.430728][ T8339] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.440539][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.451087][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.461158][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.471842][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.481723][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.492340][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.502458][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.512949][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.523272][ T8339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.534211][ T8339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.545520][ T8339] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.578090][ T8531] netlink: 4 bytes leftover after parsing attributes in process `syz.2.726'.
[  200.674587][ T8339] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.686481][ T8339] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.703825][ T8339] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.717783][ T8339] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.776229][ T8542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  200.942921][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.996222][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.121438][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  201.179131][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  201.264927][ T8559] netlink: 20 bytes leftover after parsing attributes in process `syz.0.738'.
[  201.330670][ T8564] vcan1: entered allmulticast mode
[  201.336045][ T8564] team0: Device vcan1 is of different type
[  201.387856][ T5278] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  201.454901][ T5233] Bluetooth: hci1: command tx timeout
[  201.464966][ T8570] netlink: 44 bytes leftover after parsing attributes in process `syz.2.742'.
[  201.548094][ T5278] usb 2-1: device descriptor read/64, error -71
[  201.720208][ T8577] syz.0.744 uses obsolete (PF_INET,SOCK_PACKET)
[  201.727068][ T5283] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  201.787113][ T5278] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  201.878063][ T5283] usb 4-1: Using ep0 maxpacket: 32
[  201.919070][ T5283] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  201.943231][ T5278] usb 2-1: device descriptor read/64, error -71
[  201.954081][ T5283] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  201.975334][ T5283] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  201.985295][ T5283] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  202.005326][ T5283] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  202.025439][ T5283] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  202.064532][ T5278] usb usb2-port1: attempt power cycle
[  202.097165][ T5283] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  202.106253][ T5283] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.144368][ T5283] usb 4-1: config 0 descriptor??
[  202.375586][ T8608] fuse: Bad value for 'fd'
[  202.382861][ T5283] usblp 4-1:0.0: usblp1: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  202.413983][ T5283] usb 4-1: USB disconnect, device number 21
[  202.420187][ T5278] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  202.449340][ T5278] usb 2-1: device descriptor read/8, error -71
[  202.464470][ T5283] usblp1: removed
[  202.502315][ T8610] netlink: 16 bytes leftover after parsing attributes in process `syz.4.755'.
[  202.641656][ T8614] netlink: 40 bytes leftover after parsing attributes in process `syz.4.757'.
[  202.686711][ T5278] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  202.729918][ T5278] usb 2-1: device descriptor read/8, error -71
[  202.752459][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  202.771122][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.786578][ T5283] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  202.846947][ T5278] usb usb2-port1: unable to enumerate USB device
[  202.926908][ T5283] usb 4-1: device descriptor read/64, error -71
[  203.131216][ T8625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.762'.
[  203.166540][ T5283] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  203.306534][ T5283] usb 4-1: device descriptor read/64, error -71
[  203.418613][ T5283] usb usb4-port1: attempt power cycle
[  203.438081][ T5278] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  203.511928][ T8640] netlink: 20 bytes leftover after parsing attributes in process `syz.0.769'.
[  203.577452][ T5278] usb 3-1: device descriptor read/64, error -71
[  203.693325][ T8647] fuse: Bad value for 'fd'
[  203.766693][ T5283] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  203.797373][ T5283] usb 4-1: device descriptor read/8, error -71
[  203.816529][ T5278] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  203.959371][ T5278] usb 3-1: device descriptor read/64, error -71
[  204.036654][ T5283] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  204.062597][ T5283] usb 4-1: device descriptor read/8, error -71
[  204.077237][ T5278] usb usb3-port1: attempt power cycle
[  204.177124][ T5283] usb usb4-port1: unable to enumerate USB device
[  204.187864][ T8651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.774'.
[  204.310075][ T8655] netlink: 'syz.1.776': attribute type 9 has an invalid length.
[  204.318970][ T8655] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.776'.
[  204.417404][ T5278] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  204.426696][ T5234] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  204.438391][ T5278] usb 3-1: device descriptor read/8, error -71
[  204.595631][ T8667] FAULT_INJECTION: forcing a failure.
[  204.595631][ T8667] name failslab, interval 1, probability 0, space 0, times 0
[  204.608554][ T8667] CPU: 0 UID: 0 PID: 8667 Comm: syz.3.780 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  204.616589][ T5234] usb 5-1: Using ep0 maxpacket: 16
[  204.619142][ T8667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  204.619157][ T8667] Call Trace:
[  204.619165][ T8667]  <TASK>
[  204.619174][ T8667]  dump_stack_lvl+0x241/0x360
[  204.619201][ T8667]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.619219][ T8667]  ? __pfx__printk+0x10/0x10
[  204.619245][ T8667]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  204.619270][ T8667]  ? __pfx___might_resched+0x10/0x10
[  204.619293][ T8667]  ? unwind_get_return_address+0x4d/0x90
[  204.619315][ T8667]  should_fail_ex+0x3b0/0x4e0
[  204.619346][ T8667]  should_failslab+0xac/0x100
[  204.619369][ T8667]  ? __alloc_skb+0x1c3/0x440
[  204.619388][ T8667]  kmem_cache_alloc_node_noprof+0x71/0x320
[  204.619412][ T8667]  ? validate_chain+0x11e/0x5920
[  204.619442][ T8667]  __alloc_skb+0x1c3/0x440
[  204.619466][ T8667]  ? __pfx___alloc_skb+0x10/0x10
[  204.619486][ T8667]  ? __kasan_slab_free+0x59/0x70
[  204.619513][ T8667]  alloc_skb_with_frags+0xc3/0x820
[  204.619545][ T8667]  sock_alloc_send_pskb+0x91a/0xa60
[  204.619584][ T8667]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  204.619610][ T8667]  ? do_raw_spin_unlock+0x13c/0x8b0
[  204.619642][ T8667]  unix_dgram_sendmsg+0x6d3/0x1f80
[  204.619682][ T8667]  ? aa_sk_perm+0x96d/0xab0
[  204.619705][ T8667]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  204.639816][ T5234] usb 5-1: unable to get BOS descriptor or descriptor too short
[  204.641034][ T8667]  ? aa_sock_msg_perm+0x91/0x160
[  204.641064][ T8667]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  204.647179][ T5234] usb 5-1: config 6 has an invalid interface number: 6 but max is 1
[  204.650889][ T8667]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  204.650915][ T8667]  __sock_sendmsg+0x221/0x270
[  204.650943][ T8667]  ____sys_sendmsg+0x52a/0x7e0
[  204.655633][ T5234] usb 5-1: config 6 has an invalid interface number: 25 but max is 1
[  204.661478][ T8667]  ? __pfx_____sys_sendmsg+0x10/0x10
[  204.661508][ T8667]  ? rcu_is_watching+0x15/0xb0
[  204.661531][ T8667]  ? __might_fault+0xaa/0x120
[  204.661552][ T8667]  __sys_sendmmsg+0x3ab/0x730
[  204.661578][ T8667]  ? __pfx___sys_sendmmsg+0x10/0x10
[  204.821325][ T8667]  ? __pfx_lock_release+0x10/0x10
[  204.826359][ T8667]  ? kstrtouint_from_user+0x128/0x190
[  204.831746][ T8667]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  204.837639][ T8667]  ? ksys_write+0x229/0x2b0
[  204.842134][ T8667]  ? __pfx_lock_release+0x10/0x10
[  204.847167][ T8667]  ? vfs_write+0x7bf/0xc90
[  204.851573][ T8667]  ? kmem_cache_free+0x1a2/0x420
[  204.856507][ T8667]  ? __mutex_unlock_slowpath+0x21d/0x750
[  204.862136][ T8667]  ? __fget_files+0x3f3/0x470
[  204.866818][ T8667]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  204.872799][ T8667]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  204.879122][ T8667]  ? do_syscall_64+0x100/0x230
[  204.883883][ T8667]  __x64_sys_sendmmsg+0xa0/0xb0
[  204.888729][ T8667]  do_syscall_64+0xf3/0x230
[  204.893222][ T8667]  ? clear_bhb_loop+0x35/0x90
[  204.897890][ T8667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.903778][ T8667] RIP: 0033:0x7f39ea77dff9
[  204.908188][ T8667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.927793][ T8667] RSP: 002b:00007f39eb59f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  204.936205][ T8667] RAX: ffffffffffffffda RBX: 00007f39ea935f80 RCX: 00007f39ea77dff9
[  204.944175][ T8667] RDX: 000000000000003f RSI: 00000000200000c0 RDI: 0000000000000003
[  204.952142][ T8667] RBP: 00007f39eb59f090 R08: 0000000000000000 R09: 0000000000000000
[  204.960112][ T8667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.968076][ T8667] R13: 0000000000000000 R14: 00007f39ea935f80 R15: 00007f39eaa5fa28
[  204.976051][ T8667]  </TASK>
[  204.979139][    C0] vkms_vblank_simulate: vblank timer overrun
[  204.987966][ T5234] usb 5-1: config 6 has no interface number 0
[  205.005362][ T5234] usb 5-1: config 6 has no interface number 1
[  205.011634][ T5234] usb 5-1: config 6 interface 6 has no altsetting 0
[  205.018460][ T5234] usb 5-1: config 6 interface 25 has no altsetting 0
[  205.047263][ T5234] usb 5-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=ee.60
[  205.056602][ T5278] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  205.067042][ T5234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.088415][ T5234] usb 5-1: Product: syz
[  205.088422][ T5278] usb 3-1: device descriptor read/8, error -71
[  205.106833][ T5234] usb 5-1: Manufacturer: syz
[  205.112566][ T5234] usb 5-1: SerialNumber: syz
[  205.136946][ T8670] netlink: 40 bytes leftover after parsing attributes in process `syz.3.781'.
[  205.196943][ T5278] usb usb3-port1: unable to enumerate USB device
[  205.384028][ T5234] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  205.401750][ T5234] snd-usb-audio 5-1:6.6: probe with driver snd-usb-audio failed with error -2
[  205.426298][ T5234] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  205.465335][   T64] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.538160][ T5234] snd-usb-audio 5-1:6.25: probe with driver snd-usb-audio failed with error -2
[  205.574172][ T5234] usb 5-1: USB disconnect, device number 23
[  205.588405][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:6.25/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  205.623795][   T64] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.746229][   T64] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.762008][ T8678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.787'.
[  205.850741][   T64] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.894269][ T8680] netlink: 60 bytes leftover after parsing attributes in process `syz.3.788'.
[  205.895785][ T5231] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  205.915009][ T8680] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  205.925294][ T5231] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  205.941137][ T5231] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  205.953715][ T5231] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  205.968179][ T5231] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  205.976973][ T5231] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  206.115366][   T64] bridge_slave_1: left allmulticast mode
[  206.128736][ T8686] netlink: 36 bytes leftover after parsing attributes in process `syz.4.790'.
[  206.136679][   T64] bridge_slave_1: left promiscuous mode
[  206.159154][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.175171][   T64] bridge_slave_0: left allmulticast mode
[  206.183211][ T8689] binder: 8685:8689 unknown command 0
[  206.183993][   T64] bridge_slave_0: left promiscuous mode
[  206.197338][ T8689] binder: 8685:8689 ioctl c0306201 20000a80 returned -22
[  206.271280][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.287335][ T8692] fuse: Bad value for 'fd'
[  207.082895][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.095100][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.106864][   T64] bond0 (unregistering): Released all slaves
[  207.755141][   T64] hsr_slave_0: left promiscuous mode
[  207.805493][   T64] hsr_slave_1: left promiscuous mode
[  207.887627][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.896182][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  207.946162][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  207.972331][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  207.998940][ T8743] fuse: Unknown parameter '0x0000000000000009'
[  208.044726][   T64] veth1_macvtap: left promiscuous mode
[  208.070218][   T64] veth0_macvtap: left promiscuous mode
[  208.076101][   T64] veth1_vlan: left promiscuous mode
[  208.089398][ T5231] Bluetooth: hci5: command tx timeout
[  208.107211][   T64] veth0_vlan: left promiscuous mode
[  208.227231][ T5233] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  208.250045][ T5233] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  208.272956][ T5233] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  208.281248][ T5233] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  208.289145][ T5233] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  208.296365][ T5233] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  208.758574][ T5233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  208.768354][ T5233] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  208.780979][ T5233] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  208.798332][ T5233] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  208.807555][ T5233] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  208.822451][ T5233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  209.139168][   T64] team0 (unregistering): Port device team_slave_1 removed
[  209.182664][   T64] team0 (unregistering): Port device team_slave_0 removed
[  209.593339][ T8763] sctp: [Deprecated]: syz.4.811 (pid 8763) Use of struct sctp_assoc_value in delayed_ack socket option.
[  209.593339][ T8763] Use struct sctp_sack_info instead
[  209.718308][ T8763] loop4: detected capacity change from 0 to 2
[  209.745505][ T8684] chnl_net:caif_netlink_parms(): no params data found
[  209.820778][ T8770] loop4: detected capacity change from 0 to 2
[  209.860968][ T8770] FAULT_INJECTION: forcing a failure.
[  209.860968][ T8770] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.878430][ T8770] CPU: 1 UID: 0 PID: 8770 Comm: syz.4.813 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  209.889064][ T8770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  209.899143][ T8770] Call Trace:
[  209.902423][ T8770]  <TASK>
[  209.905347][ T8770]  dump_stack_lvl+0x241/0x360
[  209.910026][ T8770]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.915218][ T8770]  ? __pfx__printk+0x10/0x10
[  209.919809][ T8770]  ? __pfx_lock_release+0x10/0x10
[  209.924835][ T8770]  ? __lock_acquire+0x1384/0x2050
[  209.929862][ T8770]  should_fail_ex+0x3b0/0x4e0
[  209.934541][ T8770]  _copy_from_user+0x2f/0xe0
[  209.939131][ T8770]  kstrtouint_from_user+0xc6/0x190
[  209.944242][ T8770]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  209.949966][ T8770]  ? __pfx_lock_acquire+0x10/0x10
[  209.954998][ T8770]  proc_fail_nth_write+0xaa/0x2d0
[  209.960021][ T8770]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  209.965910][ T8770]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.971544][ T8770]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.977175][ T8770]  vfs_write+0x29c/0xc90
[  209.981419][ T8770]  ? __pfx_vfs_write+0x10/0x10
[  209.986178][ T8770]  ? __fget_files+0x3f3/0x470
[  209.990864][ T8770]  ? fdget_pos+0x24e/0x320
[  209.995275][ T8770]  ksys_write+0x183/0x2b0
[  209.999596][ T8770]  ? __pfx_ksys_write+0x10/0x10
[  210.004439][ T8770]  ? do_syscall_64+0x100/0x230
[  210.009197][ T8770]  ? do_syscall_64+0xb6/0x230
[  210.013869][ T8770]  do_syscall_64+0xf3/0x230
[  210.018366][ T8770]  ? clear_bhb_loop+0x35/0x90
[  210.023036][ T8770]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.028926][ T8770] RIP: 0033:0x7fd26137cadf
[  210.033339][ T8770] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  210.052946][ T8770] RSP: 002b:00007fd262174030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  210.061363][ T8770] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd26137cadf
[  210.069343][ T8770] RDX: 0000000000000001 RSI: 00007fd2621740a0 RDI: 0000000000000005
[  210.077323][ T8770] RBP: 00007fd262174090 R08: 0000000000000000 R09: 0000000000000000
[  210.085300][ T8770] R10: 0000000024002de8 R11: 0000000000000293 R12: 0000000000000001
[  210.093271][ T8770] R13: 0000000000000000 R14: 00007fd261535f80 R15: 00007fd26165fa28
[  210.101254][ T8770]  </TASK>
[  210.167106][ T5231] Bluetooth: hci5: command tx timeout
[  210.331437][ T5231] Bluetooth: hci3: command tx timeout
[  210.483063][ T8747] chnl_net:caif_netlink_parms(): no params data found
[  210.506542][ T8684] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.513665][ T8684] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.520899][ T5234] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  210.536245][ T8684] bridge_slave_0: entered allmulticast mode
[  210.543809][ T8684] bridge_slave_0: entered promiscuous mode
[  210.613935][ T8684] bridge0: port 2(bridge_slave_1) entered blocking state
[  210.635977][ T8684] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.646802][ T8684] bridge_slave_1: entered allmulticast mode
[  210.653866][ T8684] bridge_slave_1: entered promiscuous mode
[  210.700422][ T5234] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  210.727021][ T5234] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.735058][ T5234] usb 2-1: Product: syz
[  210.746087][ T5234] usb 2-1: Manufacturer: syz
[  210.751029][ T5234] usb 2-1: SerialNumber: syz
[  210.812897][ T5234] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  210.857951][ T8684] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.889502][ T5231] Bluetooth: hci1: command tx timeout
[  210.896932][ T8684] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.930746][   T46] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  210.990103][ T8747] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.010333][ T8747] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.026708][ T8747] bridge_slave_0: entered allmulticast mode
[  211.034240][ T8747] bridge_slave_0: entered promiscuous mode
[  211.092886][ T8761] chnl_net:caif_netlink_parms(): no params data found
[  211.127273][ T8747] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.134606][ T8747] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.147495][ T8747] bridge_slave_1: entered allmulticast mode
[  211.154973][ T8747] bridge_slave_1: entered promiscuous mode
[  211.169925][ T8684] team0: Port device team_slave_0 added
[  211.189338][ T8684] team0: Port device team_slave_1 added
[  211.272827][ T8806] block device autoloading is deprecated and will be removed.
[  211.285592][ T8684] batman_adv: batadv0: Adding interface: batadv_slave_0
[  211.294256][ T8684] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.321272][ T8684] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  211.364743][   T64] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.403281][ T8747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.421719][ T8684] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.429615][ T8684] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.462460][ T8684] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.553032][   T64] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.579193][ T8747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.700364][ T8810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  211.726091][ T8810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  211.739511][   T64] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.772762][ T8761] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.784933][ T8761] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.793497][ T8761] bridge_slave_0: entered allmulticast mode
[  211.802090][ T8761] bridge_slave_0: entered promiscuous mode
[  211.848402][ T8747] team0: Port device team_slave_0 added
[  211.864648][ T8747] team0: Port device team_slave_1 added
[  211.938609][   T64] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.964958][ T8761] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.975881][ T8761] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.007261][   T46] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  212.029154][ T8761] bridge_slave_1: entered allmulticast mode
[  212.036035][   T46] ath9k_htc: Failed to initialize the device
[  212.048950][ T8761] bridge_slave_1: entered promiscuous mode
[  212.085467][ T8684] hsr_slave_0: entered promiscuous mode
[  212.110995][   T46] usb 2-1: ath9k_htc: USB layer deinitialized
[  212.118470][ T8684] hsr_slave_1: entered promiscuous mode
[  212.134837][ T5234] usb 2-1: USB disconnect, device number 22
[  212.179341][ T8747] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.194882][ T8747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.222671][ T8747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.246696][ T5231] Bluetooth: hci5: command tx timeout
[  212.321522][ T8747] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.330979][ T8747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.356862][    C0] vkms_vblank_simulate: vblank timer overrun
[  212.363246][ T8747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.406743][ T5231] Bluetooth: hci3: command tx timeout
[  212.415157][ T8761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.429636][ T8761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.505678][ T8761] team0: Port device team_slave_0 added
[  212.518242][ T8761] team0: Port device team_slave_1 added
[  212.546650][ T5278] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  212.565468][   T64] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.630327][ T8747] hsr_slave_0: entered promiscuous mode
[  212.649520][ T8747] hsr_slave_1: entered promiscuous mode
[  212.657762][ T8747] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  212.665491][ T8747] Cannot create hsr debugfs directory
[  212.691598][ T8761] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.717556][ T5278] usb 5-1: Using ep0 maxpacket: 8
[  212.718179][ T8761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.747309][ T5278] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  212.761109][ T8761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.775260][ T8761] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.786590][ T5278] usb 5-1: config 179 has no interface number 0
[  212.796999][ T8761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  212.806189][ T5278] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  212.839897][ T8761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.853491][ T5278] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  212.884807][ T5278] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  212.905628][ T5278] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  212.918261][ T5278] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  212.931635][ T5278] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  212.942296][ T5278] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.958522][ T8832] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  212.976117][ T5231] Bluetooth: hci1: command tx timeout
[  212.993687][   T64] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.097319][   T46] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  213.142760][   T64] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.224204][ T5278] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input25
[  213.246717][   T46] usb 2-1: device descriptor read/64, error -71
[  213.403067][   T64] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.435386][ T8761] hsr_slave_0: entered promiscuous mode
[  213.442611][ T8761] hsr_slave_1: entered promiscuous mode
[  213.456291][ T8761] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  213.466466][ T8761] Cannot create hsr debugfs directory
[  213.486578][   T46] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  213.499786][ T8852] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  213.522192][ T8852] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  213.568714][ T8832] netlink: 32 bytes leftover after parsing attributes in process `syz.4.819'.
[  213.616958][   T46] usb 2-1: device descriptor read/64, error -71
[  213.625390][ T5278] usb 5-1: USB disconnect, device number 24
[  213.631379][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  213.631406][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  213.661419][ T5278] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  213.732563][   T46] usb usb2-port1: attempt power cycle
[  213.972978][   T64] bridge_slave_1: left allmulticast mode
[  213.986588][   T64] bridge_slave_1: left promiscuous mode
[  214.000546][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.009891][   T64] bridge_slave_0: left allmulticast mode
[  214.015550][   T64] bridge_slave_0: left promiscuous mode
[  214.022296][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.031797][   T64] bridge_slave_1: left allmulticast mode
[  214.037742][   T64] bridge_slave_1: left promiscuous mode
[  214.044199][   T64] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.053296][   T64] bridge_slave_0: left allmulticast mode
[  214.059387][   T64] bridge_slave_0: left promiscuous mode
[  214.065081][   T64] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.092593][   T46] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  214.119937][   T64] xfrm0: left allmulticast mode
[  214.132232][   T46] usb 2-1: device descriptor read/8, error -71
[  214.326669][ T5233] Bluetooth: hci5: command tx timeout
[  214.374330][   T64] team0: Port device vlan2 removed
[  214.391405][   T46] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  214.427841][   T46] usb 2-1: device descriptor read/8, error -71
[  214.480481][ T5234] usb 5-1: new low-speed USB device number 25 using dummy_hcd
[  214.488091][ T5233] Bluetooth: hci3: command tx timeout
[  214.561648][   T46] usb usb2-port1: unable to enumerate USB device
[  214.699068][ T5234] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  214.709303][ T5234] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  214.724772][ T5234] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  214.761952][ T5234] usb 5-1: string descriptor 0 read error: -22
[  214.774407][ T5234] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  214.783693][ T5234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.812694][ T5234] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  214.820262][ T5234] cdc_ncm 5-1:1.0: bind() failure
[  214.847273][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.860592][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.874328][   T64] bond0 (unregistering): Released all slaves
[  215.000047][   T64] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  215.015873][ T5234] usb 5-1: USB disconnect, device number 25
[  215.018899][   T64] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  215.040257][   T64] bond0 (unregistering): Released all slaves
[  215.046617][ T5233] Bluetooth: hci1: command tx timeout
[  215.218879][ T8684] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  215.234134][ T8684] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  215.245193][ T8684] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  215.297472][ T8684] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  215.498857][ T8684] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.591801][ T8684] 8021q: adding VLAN 0 to HW filter on device team0
[  215.673121][ T2558] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.680285][ T2558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.807806][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.814956][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.013883][ T8877] FAULT_INJECTION: forcing a failure.
[  216.013883][ T8877] name failslab, interval 1, probability 0, space 0, times 0
[  216.040085][ T8877] CPU: 1 UID: 0 PID: 8877 Comm: syz.1.824 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  216.050737][ T8877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  216.060817][ T8877] Call Trace:
[  216.064109][ T8877]  <TASK>
[  216.067051][ T8877]  dump_stack_lvl+0x241/0x360
[  216.071757][ T8877]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.076985][ T8877]  ? __pfx__printk+0x10/0x10
[  216.081619][ T8877]  ? __kmalloc_node_noprof+0xb7/0x440
[  216.087026][ T8877]  ? __pfx___might_resched+0x10/0x10
[  216.092348][ T8877]  should_fail_ex+0x3b0/0x4e0
[  216.097064][ T8877]  should_failslab+0xac/0x100
[  216.101768][ T8877]  __kmalloc_node_noprof+0xdf/0x440
[  216.106996][ T8877]  ? qdisc_alloc+0x9a/0xa80
[  216.111527][ T8877]  qdisc_alloc+0x9a/0xa80
[  216.115892][ T8877]  qdisc_create+0x182/0x11a0
[  216.120522][ T8877]  ? __pfx_qdisc_create+0x10/0x10
[  216.125572][ T8877]  tc_modify_qdisc+0xa26/0x1e40
[  216.130441][ T8877]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  216.135737][ T8877]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  216.141016][ T8877]  rtnetlink_rcv_msg+0x73f/0xcf0
[  216.145945][ T8877]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  216.151049][ T8877]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  216.156515][ T8877]  ? ref_tracker_free+0x643/0x7e0
[  216.161543][ T8877]  netlink_rcv_skb+0x1e3/0x430
[  216.166294][ T8877]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  216.171751][ T8877]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  216.177043][ T8877]  ? netlink_deliver_tap+0x2e/0x1b0
[  216.182235][ T8877]  netlink_unicast+0x7f6/0x990
[  216.187011][ T8877]  ? __pfx_netlink_unicast+0x10/0x10
[  216.192311][ T8877]  ? __virt_addr_valid+0x183/0x530
[  216.197417][ T8877]  ? __check_object_size+0x48e/0x900
[  216.202694][ T8877]  netlink_sendmsg+0x8e4/0xcb0
[  216.207454][ T8877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.212729][ T8877]  ? aa_sock_msg_perm+0x91/0x160
[  216.217661][ T8877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.222933][ T8877]  __sock_sendmsg+0x221/0x270
[  216.227602][ T8877]  ____sys_sendmsg+0x52a/0x7e0
[  216.232361][ T8877]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.237641][ T8877]  __sys_sendmsg+0x292/0x380
[  216.242221][ T8877]  ? __pfx___sys_sendmsg+0x10/0x10
[  216.247331][ T8877]  ? __pfx_vfs_write+0x10/0x10
[  216.252097][ T8877]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  216.258425][ T8877]  ? do_syscall_64+0x100/0x230
[  216.263179][ T8877]  ? do_syscall_64+0xb6/0x230
[  216.267844][ T8877]  do_syscall_64+0xf3/0x230
[  216.272333][ T8877]  ? clear_bhb_loop+0x35/0x90
[  216.276998][ T8877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.282881][ T8877] RIP: 0033:0x7fee2d97dff9
[  216.287287][ T8877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.306889][ T8877] RSP: 002b:00007fee2e6c2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.315295][ T8877] RAX: ffffffffffffffda RBX: 00007fee2db35f80 RCX: 00007fee2d97dff9
[  216.323257][ T8877] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  216.331223][ T8877] RBP: 00007fee2e6c2090 R08: 0000000000000000 R09: 0000000000000000
[  216.339186][ T8877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.347148][ T8877] R13: 0000000000000000 R14: 00007fee2db35f80 R15: 00007fee2dc5fa28
[  216.355121][ T8877]  </TASK>
[  216.405890][ T8880] netlink: 'syz.1.825': attribute type 9 has an invalid length.
[  216.437373][ T8880] netlink: 209836 bytes leftover after parsing attributes in process `syz.1.825'.
[  216.519057][ T8882] vlan2: entered promiscuous mode
[  216.576564][ T5233] Bluetooth: hci3: command tx timeout
[  216.602916][   T64] hsr_slave_0: left promiscuous mode
[  216.622626][   T64] hsr_slave_1: left promiscuous mode
[  216.647308][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.654782][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.677620][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.685104][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.717651][ T8886] sctp: [Deprecated]: syz.4.828 (pid 8886) Use of struct sctp_assoc_value in delayed_ack socket option.
[  216.717651][ T8886] Use struct sctp_sack_info instead
[  216.736237][   T64] hsr_slave_0: left promiscuous mode
[  216.742668][   T64] hsr_slave_1: left promiscuous mode
[  216.758669][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.766142][   T64] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.775127][   T64] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.783180][   T64] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.804338][ T8889] loop4: detected capacity change from 0 to 2
[  216.852214][   T64] veth1_macvtap: left promiscuous mode
[  216.857940][   T64] veth0_macvtap: left promiscuous mode
[  216.866789][   T64] veth1_vlan: left promiscuous mode
[  216.873712][   T64] veth0_vlan: left promiscuous mode
[  216.884693][   T64] veth1_macvtap: left promiscuous mode
[  216.891404][   T64] veth0_macvtap: left promiscuous mode
[  216.897207][   T64] veth1_vlan: left promiscuous mode
[  216.902602][   T64] veth0_vlan: left promiscuous mode
[  217.126674][ T5233] Bluetooth: hci1: command tx timeout
[  217.424765][   T64] team0 (unregistering): Port device team_slave_1 removed
[  217.466191][   T64] team0 (unregistering): Port device team_slave_0 removed
[  218.201310][   T64] team0 (unregistering): Port device team_slave_1 removed
[  218.243028][   T64] team0 (unregistering): Port device team_slave_0 removed
[  218.651651][ T8891] netlink: 36 bytes leftover after parsing attributes in process `syz.1.830'.
[  218.666078][ T8891] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  218.700911][ T8684] 8021q: adding VLAN 0 to HW filter on device batadv0
[  218.775402][ T8684] veth0_vlan: entered promiscuous mode
[  218.785949][ T8684] veth1_vlan: entered promiscuous mode
[  218.806234][ T8684] veth0_macvtap: entered promiscuous mode
[  218.815290][ T8684] veth1_macvtap: entered promiscuous mode
[  218.829853][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.840446][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.850330][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.861391][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.871882][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  218.882574][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.894631][ T8684] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.904377][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.914903][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.925053][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.935825][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.946000][ T8684] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.957052][ T8684] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.971861][ T8684] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.004280][ T8895] netlink: 4 bytes leftover after parsing attributes in process `syz.4.831'.
[  219.050384][ T8684] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.060478][ T8684] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.070590][ T8684] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.090842][ T8684] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.177973][ T8761] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  219.249207][ T8761] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  219.322146][ T8761] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  219.342290][ T8761] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  219.443018][ T2980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.480714][ T2980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.516602][ T5295] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  219.544218][ T8747] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  219.575583][ T8747] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  219.596974][ T2558] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.613739][ T2558] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  219.632062][ T8747] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  219.669159][ T8747] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  219.707215][ T5295] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  219.723101][ T8761] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.740722][ T5295] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7
[  219.760604][ T5278] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  219.788363][ T5295] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  219.806285][ T5295] usb 5-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e
[  219.817413][ T8761] 8021q: adding VLAN 0 to HW filter on device team0
[  219.824308][ T5295] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.832817][ T5295] usb 5-1: Product: syz
[  219.856922][ T5295] usb 5-1: Manufacturer: syz
[  219.863510][ T5295] usb 5-1: SerialNumber: syz
[  219.870512][ T2980] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.877687][ T2980] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.885344][ T5295] usb 5-1: config 0 descriptor??
[  219.903129][ T2980] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.910328][ T2980] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.913621][ T5295] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2013:0251, interface 0, class 0)
[  219.936769][ T5278] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.965520][ T5278] usb 2-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.00
[  219.975472][ T5295] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  219.982818][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.999573][ T5278] usb 2-1: config 0 descriptor??
[  220.087380][ T8761] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.120445][ T8747] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.175779][ T8747] 8021q: adding VLAN 0 to HW filter on device team0
[  220.177940][ T5295] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  220.205989][ T2558] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.213135][ T2558] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.226856][ T5295] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  220.234454][ T5295] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  220.253707][ T5295] em28xx 5-1:0.0: No AC97 audio processor
[  220.258883][ T8761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.282344][ T2558] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.289567][ T2558] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.310162][ T5295] usb 5-1: USB disconnect, device number 26
[  220.318908][ T5295] em28xx 5-1:0.0: Disconnecting em28xx
[  220.327633][ T8928] sctp: [Deprecated]: syz.0.838 (pid 8928) Use of struct sctp_assoc_value in delayed_ack socket option.
[  220.327633][ T8928] Use struct sctp_sack_info instead
[  220.362341][ T5295] em28xx 5-1:0.0: Freeing device
[  220.379249][ T8931] loop4: detected capacity change from 0 to 2
[  220.394688][ T8747] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  220.411971][ T8747] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  220.490628][ T8761] veth0_vlan: entered promiscuous mode
[  220.525935][ T8747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.570773][ T8761] veth1_vlan: entered promiscuous mode
[  220.653601][ T5278] usbhid 2-1:0.0: can't add hid device: -71
[  220.659797][ T5278] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  220.687146][ T5278] usb 2-1: USB disconnect, device number 27
[  220.693672][ T8747] veth0_vlan: entered promiscuous mode
[  220.743860][ T8761] veth0_macvtap: entered promiscuous mode
[  220.772500][ T8761] veth1_macvtap: entered promiscuous mode
[  220.804248][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.846507][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.856787][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.867741][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.898474][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.916956][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.940884][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.962524][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.998706][ T8761] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.034608][ T8747] veth1_vlan: entered promiscuous mode
[  221.079148][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.094852][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.106883][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.119185][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.130231][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.162887][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.181070][ T8761] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.228662][ T8761] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.268667][ T8761] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.313067][ T8761] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.345555][ T8761] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.362505][ T8761] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.374044][ T8972] sctp: [Deprecated]: syz.0.847 (pid 8972) Use of struct sctp_assoc_value in delayed_ack socket option.
[  221.374044][ T8972] Use struct sctp_sack_info instead
[  221.396948][ T8761] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  221.473453][ T8972] loop4: detected capacity change from 0 to 2
[  221.489078][ T8747] veth0_macvtap: entered promiscuous mode
[  221.553022][ T8747] veth1_macvtap: entered promiscuous mode
[  221.674035][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.724250][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.751079][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.762029][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.772361][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.789903][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.801774][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.821808][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.833328][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.850642][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.881339][ T8747] batman_adv: batadv0: Interface activated: batadv_slave_0
[  221.936244][ T8992] tun0: tun_chr_ioctl cmd 1074812117
[  221.943275][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.978043][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.996135][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.015157][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.025059][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.039989][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.050676][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.061208][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.071046][ T8747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  222.081509][ T8747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.092624][ T8747] batman_adv: batadv0: Interface activated: batadv_slave_1
[  222.109008][ T8996] netlink: 16 bytes leftover after parsing attributes in process `syz.1.854'.
[  222.137771][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.166819][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.186624][ T8747] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  222.225994][ T8747] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  222.245720][ T8747] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  222.263143][ T8747] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.282189][ T5279] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  222.383019][ T2980] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.419542][ T9007] netlink: 20 bytes leftover after parsing attributes in process `syz.0.859'.
[  222.437491][ T2980] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.506723][ T5279] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  222.507681][ T9010] netlink: 36 bytes leftover after parsing attributes in process `syz.1.860'.
[  222.522951][ T5279] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.543873][ T5279] usb 5-1: Product: syz
[  222.553476][ T5279] usb 5-1: Manufacturer: syz
[  222.573297][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.603630][ T5279] usb 5-1: SerialNumber: syz
[  222.631299][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.651356][ T5279] usb 5-1: config 0 descriptor??
[  222.666648][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.691469][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.037527][ T5316] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  223.108272][ T8998] netlink: 'syz.4.855': attribute type 5 has an invalid length.
[  223.196675][ T5316] usb 2-1: Using ep0 maxpacket: 8
[  223.203979][ T9038] binder: 8997:9038 ioctl c0306201 20000680 returned -14
[  223.223899][ T5316] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  223.267862][ T5279] usb 5-1: Firmware: major: 152, minor: 239, hardware type: HULUSB (4)
[  223.296615][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.337738][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.386539][ T5316] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  223.476273][ T8998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.524451][ T5316] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  223.593093][ T8998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.622153][ T5316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.623513][ T5279] usb 5-1: failed to fetch extended address, random address set
[  223.704473][ T5316] usb 2-1: config 0 descriptor??
[  223.721895][ T5279] usb 5-1: USB disconnect, device number 27
[  223.770992][ T9050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.784689][ T9050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.830040][ T9050] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  223.860732][ T9050] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  223.879940][ T9031] dccp_close: ABORT with 30176 bytes unread
[  224.091077][ T9064] netlink: 16 bytes leftover after parsing attributes in process `syz.2.871'.
[  224.186177][ T5316] usbhid 2-1:0.0: can't add hid device: -71
[  224.216906][ T5316] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  224.246326][ T5316] usb 2-1: USB disconnect, device number 28
[  224.365056][ T9076] input: syz1 as /devices/virtual/input/input26
[  224.399304][ T9076] netlink: 'syz.3.872': attribute type 8 has an invalid length.
[  224.415541][ T9076] vivid-002: =================  START STATUS  =================
[  224.423852][ T9076] vivid-002: Radio HW Seek Mode: Bounded
[  224.430719][ T9076] vivid-002: Radio Programmable HW Seek: false
[  224.441104][ T9076] vivid-002: RDS Rx I/O Mode: Block I/O
[  224.478295][ T9076] vivid-002: Generate RBDS Instead of RDS: false
[  224.561102][ T9076] vivid-002: RDS Reception: true
[  224.566261][ T9076] vivid-002: RDS Program Type: 0 inactive
[  224.593265][ T9076] vivid-002: RDS PS Name:  inactive
[  224.606499][ T9076] vivid-002: RDS Radio Text:  inactive
[  224.612736][ T9076] vivid-002: RDS Traffic Announcement: false inactive
[  224.627884][ T9076] vivid-002: RDS Traffic Program: false inactive
[  224.646347][ T9076] vivid-002: RDS Music: false inactive
[  224.653546][ T9076] vivid-002: ==================  END STATUS  ==================
[  224.965479][ T9101] tun0: tun_chr_ioctl cmd 1074812117
[  225.120884][ T9110] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.189468][ T9110] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.193505][ T9112] FAULT_INJECTION: forcing a failure.
[  225.193505][ T9112] name failslab, interval 1, probability 0, space 0, times 0
[  225.223324][ T9112] CPU: 1 UID: 0 PID: 9112 Comm: syz.2.884 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  225.233960][ T9112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  225.244027][ T9112] Call Trace:
[  225.247314][ T9112]  <TASK>
[  225.250250][ T9112]  dump_stack_lvl+0x241/0x360
[  225.254945][ T9112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.260154][ T9112]  ? __pfx__printk+0x10/0x10
[  225.264770][ T9112]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  225.270765][ T9112]  ? __pfx___might_resched+0x10/0x10
[  225.276063][ T9112]  ? unwind_get_return_address+0x4d/0x90
[  225.281707][ T9112]  should_fail_ex+0x3b0/0x4e0
[  225.286403][ T9112]  should_failslab+0xac/0x100
[  225.291092][ T9112]  ? __alloc_skb+0x1c3/0x440
[  225.295694][ T9112]  kmem_cache_alloc_node_noprof+0x71/0x320
[  225.301513][ T9112]  ? validate_chain+0x11e/0x5920
[  225.306469][ T9112]  __alloc_skb+0x1c3/0x440
[  225.310904][ T9112]  ? __pfx___alloc_skb+0x10/0x10
[  225.315852][ T9112]  ? __kasan_slab_free+0x59/0x70
[  225.320803][ T9112]  alloc_skb_with_frags+0xc3/0x820
[  225.325938][ T9112]  sock_alloc_send_pskb+0x91a/0xa60
[  225.331247][ T9112]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  225.336983][ T9112]  ? do_raw_spin_unlock+0x13c/0x8b0
[  225.342207][ T9112]  unix_dgram_sendmsg+0x6d3/0x1f80
[  225.347347][ T9112]  ? aa_sk_perm+0x96d/0xab0
[  225.351865][ T9112]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  225.357432][ T9112]  ? aa_sock_msg_perm+0x91/0x160
[  225.362380][ T9112]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  225.367939][ T9112]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  225.373843][ T9112]  __sock_sendmsg+0x221/0x270
[  225.378535][ T9112]  ____sys_sendmsg+0x52a/0x7e0
[  225.383315][ T9112]  ? __pfx_____sys_sendmsg+0x10/0x10
[  225.388614][ T9112]  ? rcu_is_watching+0x15/0xb0
[  225.393388][ T9112]  ? __might_fault+0xaa/0x120
[  225.398076][ T9112]  __sys_sendmmsg+0x3ab/0x730
[  225.402773][ T9112]  ? __pfx___sys_sendmmsg+0x10/0x10
[  225.407997][ T9112]  ? __pfx_lock_release+0x10/0x10
[  225.413039][ T9112]  ? kstrtouint_from_user+0x128/0x190
[  225.418442][ T9112]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  225.424348][ T9112]  ? ksys_write+0x229/0x2b0
[  225.428857][ T9112]  ? __pfx_lock_release+0x10/0x10
[  225.433904][ T9112]  ? vfs_write+0x7bf/0xc90
[  225.438327][ T9112]  ? kmem_cache_free+0x1a2/0x420
[  225.443283][ T9112]  ? __mutex_unlock_slowpath+0x21d/0x750
[  225.448936][ T9112]  ? __fget_files+0x3f3/0x470
[  225.453639][ T9112]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  225.459639][ T9112]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  225.465983][ T9112]  ? do_syscall_64+0x100/0x230
[  225.470763][ T9112]  __x64_sys_sendmmsg+0xa0/0xb0
[  225.475626][ T9112]  do_syscall_64+0xf3/0x230
[  225.480140][ T9112]  ? clear_bhb_loop+0x35/0x90
[  225.484828][ T9112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.490734][ T9112] RIP: 0033:0x7fc7a537dff9
[  225.495155][ T9112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.514776][ T9112] RSP: 002b:00007fc7a622d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  225.523211][ T9112] RAX: ffffffffffffffda RBX: 00007fc7a5535f80 RCX: 00007fc7a537dff9
[  225.531206][ T9112] RDX: 000000000000003f RSI: 00000000200000c0 RDI: 0000000000000003
[  225.539192][ T9112] RBP: 00007fc7a622d090 R08: 0000000000000000 R09: 0000000000000000
[  225.547170][ T9112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  225.555152][ T9112] R13: 0000000000000000 R14: 00007fc7a5535f80 R15: 00007fc7a565fa28
[  225.563151][ T9112]  </TASK>
[  226.120723][ T9135] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  226.128446][ T9135] IPv6: NLM_F_CREATE should be set when creating new route
[  226.172604][ T9141] netlink: 24 bytes leftover after parsing attributes in process `syz.3.889'.
[  226.459601][ T9155] sctp: [Deprecated]: syz.3.896 (pid 9155) Use of struct sctp_assoc_value in delayed_ack socket option.
[  226.459601][ T9155] Use struct sctp_sack_info instead
[  226.488841][ T9155] loop4: detected capacity change from 0 to 2
[  226.635030][ T5277] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  226.752381][ T9168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.762093][ T9169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.781753][ T9168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.794150][ T9169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.809707][ T5277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.832861][ T5277] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.847875][ T9168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  226.855420][ T5277] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  226.869934][ T5277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.886189][ T9168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  226.887244][ T5277] usb 2-1: config 0 descriptor??
[  227.119335][ T9152] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  227.149184][ T9152] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  227.177486][ T5277] usbhid 2-1:0.0: can't add hid device: -71
[  227.196859][ T5277] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  227.231906][ T5277] usb 2-1: USB disconnect, device number 29
[  227.480079][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.509363][ T9193] netlink: 4 bytes leftover after parsing attributes in process `syz.3.902'.
[  227.617429][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.820327][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.008767][ T9210] netlink: 'syz.3.912': attribute type 9 has an invalid length.
[  228.032085][ T9210] netlink: 209836 bytes leftover after parsing attributes in process `syz.3.912'.
[  228.044984][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.080531][ T5231] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  228.096566][ T5231] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  228.106184][ T5231] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  228.116204][ T5231] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  228.131975][ T5231] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  228.139694][ T5231] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  228.316287][ T9222] netlink: 36 bytes leftover after parsing attributes in process `syz.4.915'.
[  228.384242][ T9226] FAULT_INJECTION: forcing a failure.
[  228.384242][ T9226] name failslab, interval 1, probability 0, space 0, times 0
[  228.403494][ T9222] binder: 9220:9222 unknown command 0
[  228.410243][ T9226] CPU: 0 UID: 0 PID: 9226 Comm: syz.1.917 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  228.420865][ T9226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  228.426484][ T9222] binder: 9220:9222 ioctl c0306201 20000a80 returned -22
[  228.430921][ T9226] Call Trace:
[  228.441239][ T9226]  <TASK>
[  228.444186][ T9226]  dump_stack_lvl+0x241/0x360
[  228.448891][ T9226]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.454113][ T9226]  ? __pfx__printk+0x10/0x10
[  228.458734][ T9226]  ? fs_reclaim_acquire+0x93/0x140
[  228.461396][   T11] bridge_slave_1: left allmulticast mode
[  228.463847][ T9226]  ? __pfx___might_resched+0x10/0x10
[  228.474786][ T9226]  should_fail_ex+0x3b0/0x4e0
[  228.479494][ T9226]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  228.481500][   T11] bridge_slave_1: left promiscuous mode
[  228.485218][ T9226]  should_failslab+0xac/0x100
[  228.495443][ T9226]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  228.501185][ T9226]  __kmalloc_noprof+0xd8/0x400
[  228.505981][ T9226]  tomoyo_realpath_from_path+0xcf/0x5e0
[  228.511326][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.511544][ T9226]  tomoyo_path_number_perm+0x23a/0x880
[  228.524018][ T9226]  ? rcu_read_lock_any_held+0xb7/0x160
[  228.529502][ T9226]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  228.535421][ T9226]  ? tomoyo_path_number_perm+0x208/0x880
[  228.541078][ T9226]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  228.547083][ T9226]  ? sb_end_write+0xe9/0x1c0
[  228.551699][ T9226]  ? vfs_write+0x7bf/0xc90
[  228.556168][ T9226]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  228.562171][ T9226]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  228.568525][ T9226]  security_file_ioctl+0xc6/0x2a0
[  228.573582][ T9226]  __se_sys_ioctl+0x47/0x170
[  228.578204][ T9226]  do_syscall_64+0xf3/0x230
[  228.582731][ T9226]  ? clear_bhb_loop+0x35/0x90
[  228.587431][ T9226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.593347][ T9226] RIP: 0033:0x7fee2d97dff9
[  228.597779][ T9226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.617400][ T9226] RSP: 002b:00007fee2e6c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  228.625837][ T9226] RAX: ffffffffffffffda RBX: 00007fee2db35f80 RCX: 00007fee2d97dff9
[  228.633828][ T9226] RDX: 0000000000000000 RSI: 00000000c2604111 RDI: 0000000000000003
[  228.641816][ T9226] RBP: 00007fee2e6c2090 R08: 0000000000000000 R09: 0000000000000000
[  228.649803][ T9226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.657789][ T9226] R13: 0000000000000000 R14: 00007fee2db35f80 R15: 00007fee2dc5fa28
[  228.665788][ T9226]  </TASK>
[  228.679846][   T11] bridge_slave_0: left allmulticast mode
[  228.714119][   T11] bridge_slave_0: left promiscuous mode
[  228.724324][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.752638][ T9226] ERROR: Out of memory at tomoyo_realpath_from_path.
[  229.176517][ T5295] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  229.349557][ T5295] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  229.360082][ T5295] usb 4-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[  229.375745][ T5295] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.388175][ T5295] usb 4-1: config 0 descriptor??
[  229.395338][ T5295] hub 4-1:0.0: bad descriptor, ignoring hub
[  229.402035][ T5295] hub 4-1:0.0: probe with driver hub failed with error -5
[  229.571732][ T9278] sctp: [Deprecated]: syz.1.926 (pid 9278) Use of struct sctp_assoc_value in delayed_ack socket option.
[  229.571732][ T9278] Use struct sctp_sack_info instead
[  229.654352][ T9279] loop4: detected capacity change from 0 to 2
[  229.676575][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.688635][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.700036][   T11] bond0 (unregistering): Released all slaves
[  229.714135][ T9237] netlink: 144 bytes leftover after parsing attributes in process `syz.3.919'.
[  229.729359][ T9244] vlan2: entered promiscuous mode
[  229.955819][ T9286] FAULT_INJECTION: forcing a failure.
[  229.955819][ T9286] name failslab, interval 1, probability 0, space 0, times 0
[  229.978021][ T9286] CPU: 1 UID: 0 PID: 9286 Comm: syz.0.929 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  229.988678][ T9286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  229.998745][ T9286] Call Trace:
[  230.002028][ T9286]  <TASK>
[  230.004946][ T9286]  dump_stack_lvl+0x241/0x360
[  230.009618][ T9286]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.014811][ T9286]  ? __pfx__printk+0x10/0x10
[  230.019409][ T9286]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  230.025411][ T9286]  ? __pfx___might_resched+0x10/0x10
[  230.030706][ T9286]  ? unwind_get_return_address+0x4d/0x90
[  230.036326][ T9286]  should_fail_ex+0x3b0/0x4e0
[  230.040999][ T9286]  should_failslab+0xac/0x100
[  230.045674][ T9286]  ? __alloc_skb+0x1c3/0x440
[  230.050257][ T9286]  kmem_cache_alloc_node_noprof+0x71/0x320
[  230.056059][ T9286]  ? validate_chain+0x11e/0x5920
[  230.060991][ T9286]  __alloc_skb+0x1c3/0x440
[  230.065405][ T9286]  ? __pfx___alloc_skb+0x10/0x10
[  230.070334][ T9286]  ? __kasan_slab_free+0x59/0x70
[  230.075267][ T9286]  alloc_skb_with_frags+0xc3/0x820
[  230.080380][ T9286]  sock_alloc_send_pskb+0x91a/0xa60
[  230.085582][ T9286]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  230.091299][ T9286]  ? do_raw_spin_unlock+0x13c/0x8b0
[  230.096513][ T9286]  unix_dgram_sendmsg+0x6d3/0x1f80
[  230.101647][ T9286]  ? aa_sk_perm+0x96d/0xab0
[  230.106160][ T9286]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  230.111751][ T9286]  ? aa_sock_msg_perm+0x91/0x160
[  230.116702][ T9286]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  230.122254][ T9286]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  230.128139][ T9286]  __sock_sendmsg+0x221/0x270
[  230.132821][ T9286]  ____sys_sendmsg+0x52a/0x7e0
[  230.137584][ T9286]  ? __pfx_____sys_sendmsg+0x10/0x10
[  230.142865][ T9286]  ? rcu_is_watching+0x15/0xb0
[  230.147626][ T9286]  ? __might_fault+0xaa/0x120
[  230.152296][ T9286]  __sys_sendmmsg+0x3ab/0x730
[  230.156973][ T9286]  ? __pfx___sys_sendmmsg+0x10/0x10
[  230.162175][ T9286]  ? __pfx_lock_release+0x10/0x10
[  230.167195][ T9286]  ? kstrtouint_from_user+0x128/0x190
[  230.172574][ T9286]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  230.178462][ T9286]  ? ksys_write+0x229/0x2b0
[  230.182957][ T9286]  ? __pfx_lock_release+0x10/0x10
[  230.187983][ T9286]  ? vfs_write+0x7bf/0xc90
[  230.192390][ T9286]  ? kmem_cache_free+0x1a2/0x420
[  230.197326][ T9286]  ? __mutex_unlock_slowpath+0x21d/0x750
[  230.202954][ T9286]  ? __fget_files+0x3f3/0x470
[  230.207633][ T9286]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  230.213613][ T9286]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  230.219940][ T9286]  ? do_syscall_64+0x100/0x230
[  230.224699][ T9286]  __x64_sys_sendmmsg+0xa0/0xb0
[  230.229547][ T9286]  do_syscall_64+0xf3/0x230
[  230.234066][ T9286]  ? clear_bhb_loop+0x35/0x90
[  230.238738][ T9286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.244628][ T9286] RIP: 0033:0x7f7fa197dff9
[  230.249041][ T9286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.268649][ T9286] RSP: 002b:00007f7fa273f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  230.277063][ T9286] RAX: ffffffffffffffda RBX: 00007f7fa1b35f80 RCX: 00007f7fa197dff9
[  230.285026][ T9286] RDX: 000000000000003f RSI: 00000000200000c0 RDI: 0000000000000003
[  230.292988][ T9286] RBP: 00007f7fa273f090 R08: 0000000000000000 R09: 0000000000000000
[  230.300948][ T9286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  230.308909][ T9286] R13: 0000000000000000 R14: 00007f7fa1b35f80 R15: 00007f7fa1c5fa28
[  230.316894][ T9286]  </TASK>
[  230.346517][ T5233] Bluetooth: hci3: command tx timeout
[  230.568851][ T9221] chnl_net:caif_netlink_parms(): no params data found
[  230.704752][   T11] hsr_slave_0: left promiscuous mode
[  230.725545][   T11] hsr_slave_1: left promiscuous mode
[  230.749256][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.769028][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  230.787667][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  230.800954][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  230.867511][   T11] veth1_macvtap: left promiscuous mode
[  230.876933][   T11] veth0_macvtap: left promiscuous mode
[  230.882547][   T11] veth1_vlan: left promiscuous mode
[  230.910806][   T11] veth0_vlan: left promiscuous mode
[  231.779764][   T11] team0 (unregistering): Port device team_slave_1 removed
[  231.787399][ T5277] usb 4-1: USB disconnect, device number 26
[  231.852329][   T11] team0 (unregistering): Port device team_slave_0 removed
[  231.936638][ T5316] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  232.096644][ T5316] usb 5-1: Using ep0 maxpacket: 16
[  232.105343][ T5316] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  232.124332][ T5316] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  232.135038][ T5316] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  232.150919][ T5316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  232.161383][ T5316] usb 5-1: SerialNumber: syz
[  232.204309][ T5316] usb 5-1: 0:2 : does not exist
[  232.342131][ T9324] netlink: 'syz.3.939': attribute type 4 has an invalid length.
[  232.407609][ T5233] Bluetooth: hci3: command tx timeout
[  232.625889][ T9334] sctp: [Deprecated]: syz.3.940 (pid 9334) Use of struct sctp_assoc_value in delayed_ack socket option.
[  232.625889][ T9334] Use struct sctp_sack_info instead
[  232.667043][ T9221] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.674173][ T9221] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.735226][ T9221] bridge_slave_0: entered allmulticast mode
[  232.767349][ T9221] bridge_slave_0: entered promiscuous mode
[  232.775813][ T9342] loop4: detected capacity change from 0 to 2
[  232.792415][ T9221] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.814055][ T9221] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.827304][ T9221] bridge_slave_1: entered allmulticast mode
[  232.834458][ T9221] bridge_slave_1: entered promiscuous mode
[  232.913624][ T9221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.953387][ T9221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.080650][ T9221] team0: Port device team_slave_0 added
[  233.095992][ T9221] team0: Port device team_slave_1 added
[  233.187012][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.226462][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.253432][ T9221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.267486][ T9221] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.274481][ T9221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.301140][ T9221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.442779][ T5316] usb 5-1: USB disconnect, device number 28
[  233.479311][ T9221] hsr_slave_0: entered promiscuous mode
[  233.489910][ T9221] hsr_slave_1: entered promiscuous mode
[  233.515024][ T9221] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.524320][ T5278] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  233.549792][ T9221] Cannot create hsr debugfs directory
[  233.550223][ T7700] udevd[7700]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  233.581496][ T9361] vhci_hcd: invalid port number 255
[  233.593007][ T9361] vhci_hcd: invalid port number 255
[  233.612693][ T9361] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.945'.
[  233.624607][ T9361] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  233.647920][ T9361] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  233.698018][ T5278] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  233.716993][ T5278] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  233.743084][ T5278] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  233.753144][ T5278] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  233.780201][ T5278] usb 4-1: SerialNumber: syz
[  233.896656][ T5316] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  234.117935][ T5316] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  234.131669][ T5316] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  234.142265][ T5316] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  234.161786][ T5316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  234.259685][ T5316] usb 5-1: SerialNumber: syz
[  234.407233][ T9389] netlink: 20 bytes leftover after parsing attributes in process `syz.1.950'.
[  234.488138][ T5233] Bluetooth: hci3: command tx timeout
[  234.630806][ T5316] usb 5-1: 0:2 : does not exist
[  234.636999][ T5316] usb 5-1: unit 5 not found!
[  234.697551][ T9399] sctp: [Deprecated]: syz.0.954 (pid 9399) Use of struct sctp_assoc_value in delayed_ack socket option.
[  234.697551][ T9399] Use struct sctp_sack_info instead
[  234.708500][ T5316] usb 5-1: USB disconnect, device number 29
[  234.738902][ T9221] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  234.771359][ T9221] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  234.793854][ T9221] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  234.802561][ T7698] udevd[7698]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  234.831337][ T9399] loop4: detected capacity change from 0 to 2
[  234.837678][ T9401] netlink: 4 bytes leftover after parsing attributes in process `syz.4.955'.
[  234.882492][ T9401] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.962191][ T9407] netlink: 20 bytes leftover after parsing attributes in process `syz.1.956'.
[  234.998704][ T9401] bridge_slave_0 (unregistering): left allmulticast mode
[  235.020284][ T9401] bridge_slave_0 (unregistering): left promiscuous mode
[  235.041183][ T9401] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.071472][ T9409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  235.106531][ T9409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  235.125368][ T9221] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  235.254592][ T9413] netlink: 36 bytes leftover after parsing attributes in process `syz.1.958'.
[  235.292010][ T9413] netlink: 16 bytes leftover after parsing attributes in process `syz.1.958'.
[  235.324944][ T9413] netlink: 36 bytes leftover after parsing attributes in process `syz.1.958'.
[  235.363157][ T9221] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.382622][ T9413] netlink: 36 bytes leftover after parsing attributes in process `syz.1.958'.
[  235.444220][ T9221] 8021q: adding VLAN 0 to HW filter on device team0
[  235.475411][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.482538][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.555248][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.562366][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  235.633247][ T9416] netlink: 'syz.4.959': attribute type 29 has an invalid length.
[  235.779802][ T9221] 8021q: adding VLAN 0 to HW filter on device batadv0
[  235.948703][ T9221] veth0_vlan: entered promiscuous mode
[  235.970032][ T9221] veth1_vlan: entered promiscuous mode
[  236.100887][ T9221] veth0_macvtap: entered promiscuous mode
[  236.140015][ T9221] veth1_macvtap: entered promiscuous mode
[  236.222067][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.282946][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.310524][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.324404][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.359212][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.364335][ T5278] usb 4-1: 0:2 : does not exist
[  236.378421][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.394498][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.411992][ T5278] usb 4-1: unit 5 not found!
[  236.449719][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.482177][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.544701][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.567902][ T5233] Bluetooth: hci3: command tx timeout
[  236.608865][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.632417][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.651214][ T9445] sctp: [Deprecated]: syz.4.966 (pid 9445) Use of struct sctp_assoc_value in delayed_ack socket option.
[  236.651214][ T9445] Use struct sctp_sack_info instead
[  236.683193][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.708348][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.725054][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.735062][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.745928][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.755914][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.766493][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.777044][ T9221] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  236.788631][ T9221] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.799884][ T9221] batman_adv: batadv0: Interface activated: batadv_slave_1
[  236.805014][ T9447] loop4: detected capacity change from 0 to 2
[  236.822114][ T5278] usb 4-1: USB disconnect, device number 27
[  236.886362][ T9453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.967'.
[  236.923610][ T9440] could not allocate digest TFM handle sha256-arm64-neon
[  236.933207][ T9221] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  236.943562][ T9221] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  236.957840][ T9221] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  237.027845][ T9221] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  237.241913][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.293296][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.383501][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.419260][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.475199][ T9478] netlink: 16 bytes leftover after parsing attributes in process `syz.4.971'.
[  237.877569][ T4646] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  237.938922][ T9498] netlink: 312 bytes leftover after parsing attributes in process `syz.3.976'.
[  238.086631][ T4646] usb 2-1: not running at top speed; connect to a high speed hub
[  238.099621][ T4646] usb 2-1: config 1 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  238.142597][ T4646] usb 2-1: config 1 interface 0 has no altsetting 0
[  238.171672][ T4646] usb 2-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.40
[  238.197015][ T4646] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.233597][ T4646] usb 2-1: Product: syz
[  238.266022][ T4646] usb 2-1: Manufacturer: syz
[  238.290306][ T4646] usb 2-1: SerialNumber: syz
[  238.310348][ T9484] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  238.357005][ T9512] netlink: 'syz.3.979': attribute type 16 has an invalid length.
[  238.360805][ T5278] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  238.620893][ T5278] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  238.632655][ T5278] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  238.641942][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  238.658397][ T5278] usb 3-1: config 0 descriptor??
[  238.752207][ T4646] usbhid 2-1:1.0: can't add hid device: -71
[  238.765219][ T4646] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  238.787414][ T4646] usb 2-1: USB disconnect, device number 30
[  238.911979][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.967922][ T9539] netlink: 'syz.0.987': attribute type 9 has an invalid length.
[  238.978032][ T9539] netlink: 209836 bytes leftover after parsing attributes in process `syz.0.987'.
[  239.179305][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.249869][ T5231] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  239.261463][ T5231] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  239.269479][ T5231] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  239.284604][ T5231] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  239.303508][ T5231] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  239.306143][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.322223][ T5231] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  239.438583][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.497467][   T29] kauditd_printk_skb: 19 callbacks suppressed
[  239.497484][   T29] audit: type=1326 audit(1728012828.729:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9553 comm="syz.1.990" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fee2d97dff9 code=0x0
[  239.691409][   T35] bridge_slave_1: left allmulticast mode
[  239.700374][   T35] bridge_slave_1: left promiscuous mode
[  239.715107][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.739306][   T35] bridge_slave_0: left allmulticast mode
[  239.745775][   T35] bridge_slave_0: left promiscuous mode
[  239.752487][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.372429][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.384935][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.402396][   T35] bond0 (unregistering): Released all slaves
[  240.418356][ T9566] __nla_validate_parse: 1 callbacks suppressed
[  240.418374][ T9566] netlink: 16 bytes leftover after parsing attributes in process `syz.4.991'.
[  240.611480][ T9551] chnl_net:caif_netlink_parms(): no params data found
[  240.811336][    T9] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  240.924394][   T35] hsr_slave_0: left promiscuous mode
[  240.939172][   T35] hsr_slave_1: left promiscuous mode
[  240.949085][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  240.964226][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.984226][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  240.996695][    T9] usb 5-1: Using ep0 maxpacket: 16
[  241.008222][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  241.024524][    T9] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  241.059016][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  241.071308][   T35] veth1_macvtap: left promiscuous mode
[  241.085408][   T35] veth0_macvtap: left promiscuous mode
[  241.095324][    T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  241.102162][   T35] veth1_vlan: left promiscuous mode
[  241.110995][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.119631][   T35] veth0_vlan: left promiscuous mode
[  241.136282][    T9] usb 5-1: Product: syz
[  241.151752][    T9] usb 5-1: Manufacturer: syz
[  241.169209][    T9] usb 5-1: SerialNumber: syz
[  241.189227][    T9] usb 5-1: config 0 descriptor??
[  241.217172][    T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  241.242534][    T9] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  241.367941][ T5231] Bluetooth: hci1: command tx timeout
[  241.486140][ T5283] usb 3-1: USB disconnect, device number 45
[  241.814115][    T9] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  241.846765][    T9] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  242.065961][   T35] team0 (unregistering): Port device team_slave_1 removed
[  242.165124][   T35] team0 (unregistering): Port device team_slave_0 removed
[  243.151884][ T9551] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.166061][ T9551] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.177927][ T9551] bridge_slave_0: entered allmulticast mode
[  243.185158][ T9551] bridge_slave_0: entered promiscuous mode
[  243.247762][ T9551] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.255346][ T9551] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.262787][ T5277] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  243.281355][ T9551] bridge_slave_1: entered allmulticast mode
[  243.295996][ T9551] bridge_slave_1: entered promiscuous mode
[  243.380859][ T9551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.433211][ T5277] usb 2-1: Using ep0 maxpacket: 16
[  243.473858][ T5277] usb 2-1: unable to read config index 0 descriptor/start: -61
[  243.482312][ T5231] Bluetooth: hci1: command tx timeout
[  243.496190][ T9551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.525862][ T5277] usb 2-1: can't read configurations, error -61
[  243.640685][ T9551] team0: Port device team_slave_0 added
[  243.660717][ T9551] team0: Port device team_slave_1 added
[  243.666988][ T5277] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  243.798504][ T9551] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.857401][ T9551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.883325][    C1] vkms_vblank_simulate: vblank timer overrun
[  243.890079][ T5277] usb 2-1: Using ep0 maxpacket: 16
[  243.958419][ T5277] usb 2-1: unable to read config index 0 descriptor/start: -61
[  243.967578][ T5277] usb 2-1: can't read configurations, error -61
[  243.982346][ T5277] usb usb2-port1: attempt power cycle
[  243.990928][ T9551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.153860][    T9] em28xx 5-1:0.0: Unknown AC97 audio processor detected!
[  244.161372][    T9] em28xx 5-1:0.0: couldn't setup AC97 register 2
[  244.168157][    T9] em28xx 5-1:0.0: couldn't setup AC97 register 4
[  244.173236][ T9551] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.176109][    T9] em28xx 5-1:0.0: couldn't setup AC97 register 6
[  244.195850][    T9] em28xx 5-1:0.0: couldn't setup AC97 register 54
[  244.206891][    T9] em28xx 5-1:0.0: couldn't setup AC97 register 56
[  244.231731][    T9] usb 5-1: USB disconnect, device number 30
[  244.249398][ T9551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.336542][ T5277] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  244.341738][ T9551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.344488][ T9636] netlink: 20 bytes leftover after parsing attributes in process `syz.4.998'.
[  244.411632][ T5277] usb 2-1: Using ep0 maxpacket: 16
[  244.432861][ T5277] usb 2-1: unable to read config index 0 descriptor/start: -61
[  244.458486][ T5277] usb 2-1: can't read configurations, error -61
[  244.523347][ T9644] loop4: detected capacity change from 0 to 2
[  244.588392][ T9551] hsr_slave_0: entered promiscuous mode
[  244.617638][ T9551] hsr_slave_1: entered promiscuous mode
[  244.629461][ T9551] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.637182][ T9551] Cannot create hsr debugfs directory
[  244.646697][ T5277] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  244.696039][ T5277] usb 2-1: Using ep0 maxpacket: 16
[  244.722408][ T5277] usb 2-1: unable to read config index 0 descriptor/start: -61
[  244.746559][ T5277] usb 2-1: can't read configurations, error -61
[  244.762077][ T5277] usb usb2-port1: unable to enumerate USB device
[  244.817259][ T9652] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1004'.
[  244.837881][ T9652] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1004'.
[  245.023557][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  245.193919][ T9670] FAULT_INJECTION: forcing a failure.
[  245.193919][ T9670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  245.224327][ T9670] CPU: 1 UID: 0 PID: 9670 Comm: syz.0.1007 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  245.235067][ T9670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.245162][ T9670] Call Trace:
[  245.248449][ T9670]  <TASK>
[  245.251376][ T9670]  dump_stack_lvl+0x241/0x360
[  245.256053][ T9670]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.261245][ T9670]  ? __pfx__printk+0x10/0x10
[  245.265841][ T9670]  ? __pfx_lock_release+0x10/0x10
[  245.270876][ T9670]  should_fail_ex+0x3b0/0x4e0
[  245.275568][ T9670]  _copy_from_user+0x2f/0xe0
[  245.280161][ T9670]  ucma_write+0x17d/0x420
[  245.284490][ T9670]  ? end_current_label_crit_section+0x151/0x180
[  245.290735][ T9670]  ? __pfx_ucma_write+0x10/0x10
[  245.295581][ T9670]  ? iov_iter_iovec_advance+0x1fc/0x2c0
[  245.301129][ T9670]  vfs_writev+0x5a9/0xba0
[  245.305465][ T9670]  ? __pfx_ucma_write+0x10/0x10
[  245.310312][ T9670]  ? __pfx_vfs_writev+0x10/0x10
[  245.315177][ T9670]  ? fdget_pos+0x19a/0x320
[  245.319589][ T9670]  do_writev+0x1b1/0x350
[  245.323831][ T9670]  ? __pfx_do_writev+0x10/0x10
[  245.328595][ T9670]  ? do_syscall_64+0x100/0x230
[  245.333354][ T9670]  ? do_syscall_64+0xb6/0x230
[  245.338025][ T9670]  do_syscall_64+0xf3/0x230
[  245.342522][ T9670]  ? clear_bhb_loop+0x35/0x90
[  245.347197][ T9670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.353096][ T9670] RIP: 0033:0x7f7fa197dff9
[  245.357508][ T9670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.377123][ T9670] RSP: 002b:00007f7fa273f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  245.385537][ T9670] RAX: ffffffffffffffda RBX: 00007f7fa1b35f80 RCX: 00007f7fa197dff9
[  245.393504][ T9670] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000005
[  245.401472][ T9670] RBP: 00007f7fa273f090 R08: 0000000000000000 R09: 0000000000000000
[  245.409437][ T9670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  245.417401][ T9670] R13: 0000000000000000 R14: 00007f7fa1b35f80 R15: 00007f7fa1c5fa28
[  245.425379][ T9670]  </TASK>
[  245.428479][    C1] vkms_vblank_simulate: vblank timer overrun
[  245.448028][ T9673] netlink: 'syz.4.1008': attribute type 9 has an invalid length.
[  245.455913][ T9673] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.1008'.
[  245.527910][ T5231] Bluetooth: hci1: command tx timeout
[  245.683570][ T9681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.700903][ T9684] FAULT_INJECTION: forcing a failure.
[  245.700903][ T9684] name failslab, interval 1, probability 0, space 0, times 0
[  245.713780][ T5278] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  245.723618][ T9681] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.736727][ T9684] CPU: 0 UID: 0 PID: 9684 Comm: syz.4.1011 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  245.747433][ T9684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.758768][ T9684] Call Trace:
[  245.758780][ T9684]  <TASK>
[  245.758788][ T9684]  dump_stack_lvl+0x241/0x360
[  245.758810][ T9684]  ? __pfx_dump_stack_lvl+0x10/0x10
[  245.758825][ T9684]  ? __pfx__printk+0x10/0x10
[  245.758848][ T9684]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  245.758868][ T9684]  ? __pfx___might_resched+0x10/0x10
[  245.758887][ T9684]  ? unwind_get_return_address+0x4d/0x90
[  245.758905][ T9684]  should_fail_ex+0x3b0/0x4e0
[  245.758929][ T9684]  should_failslab+0xac/0x100
[  245.758946][ T9684]  ? __alloc_skb+0x1c3/0x440
[  245.758961][ T9684]  kmem_cache_alloc_node_noprof+0x71/0x320
[  245.758979][ T9684]  ? validate_chain+0x11e/0x5920
[  245.758998][ T9684]  __alloc_skb+0x1c3/0x440
[  245.759016][ T9684]  ? __pfx___alloc_skb+0x10/0x10
[  245.759032][ T9684]  ? __kasan_slab_free+0x59/0x70
[  245.759052][ T9684]  alloc_skb_with_frags+0xc3/0x820
[  245.759077][ T9684]  sock_alloc_send_pskb+0x91a/0xa60
[  245.759105][ T9684]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  245.759126][ T9684]  ? do_raw_spin_unlock+0x13c/0x8b0
[  245.759150][ T9684]  unix_dgram_sendmsg+0x6d3/0x1f80
[  245.759181][ T9684]  ? aa_sk_perm+0x96d/0xab0
[  245.759198][ T9684]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  245.759224][ T9684]  ? aa_sock_msg_perm+0x91/0x160
[  245.759240][ T9684]  ? unix_seqpacket_sendmsg+0x110/0x1e0
[  245.759257][ T9684]  ? __pfx_unix_seqpacket_sendmsg+0x10/0x10
[  245.759271][ T9684]  __sock_sendmsg+0x221/0x270
[  245.759292][ T9684]  ____sys_sendmsg+0x52a/0x7e0
[  245.759314][ T9684]  ? __pfx_____sys_sendmsg+0x10/0x10
[  245.759339][ T9684]  ? rcu_is_watching+0x15/0xb0
[  245.759357][ T9684]  ? __might_fault+0xaa/0x120
[  245.759374][ T9684]  __sys_sendmmsg+0x3ab/0x730
[  245.759396][ T9684]  ? __pfx___sys_sendmmsg+0x10/0x10
[  245.759419][ T9684]  ? __pfx_lock_release+0x10/0x10
[  245.759438][ T9684]  ? kstrtouint_from_user+0x128/0x190
[  245.759469][ T9684]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  245.759487][ T9684]  ? ksys_write+0x229/0x2b0
[  245.759501][ T9684]  ? __pfx_lock_release+0x10/0x10
[  245.759526][ T9684]  ? vfs_write+0x7bf/0xc90
[  245.759540][ T9684]  ? kmem_cache_free+0x1a2/0x420
[  245.759561][ T9684]  ? __mutex_unlock_slowpath+0x21d/0x750
[  245.759582][ T9684]  ? __fget_files+0x3f3/0x470
[  245.759607][ T9684]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  245.759630][ T9684]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  245.759651][ T9684]  ? do_syscall_64+0x100/0x230
[  245.759668][ T9684]  __x64_sys_sendmmsg+0xa0/0xb0
[  245.759685][ T9684]  do_syscall_64+0xf3/0x230
[  245.759699][ T9684]  ? clear_bhb_loop+0x35/0x90
[  245.759716][ T9684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.759736][ T9684] RIP: 0033:0x7fd26137dff9
[  245.759751][ T9684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.759765][ T9684] RSP: 002b:00007fd262174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  245.759784][ T9684] RAX: ffffffffffffffda RBX: 00007fd261535f80 RCX: 00007fd26137dff9
[  245.759795][ T9684] RDX: 000000000000003f RSI: 00000000200000c0 RDI: 0000000000000003
[  245.759806][ T9684] RBP: 00007fd262174090 R08: 0000000000000000 R09: 0000000000000000
[  245.759816][ T9684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  245.759826][ T9684] R13: 0000000000000000 R14: 00007fd261535f80 R15: 00007fd26165fa28
[  245.759846][ T9684]  </TASK>
[  245.894654][ T5278] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  245.894685][ T5278] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  245.894706][ T5278] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  245.894727][ T5278] usb 3-1: config 1 has no interface number 0
[  245.894751][ T5278] usb 3-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  245.894784][ T5278] usb 3-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  245.897236][ T5278] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  245.897273][ T5278] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.897293][ T5278] usb 3-1: Product: syz
[  245.897308][ T5278] usb 3-1: Manufacturer: syz
[  245.897323][ T5278] usb 3-1: SerialNumber: syz
[  245.922150][ T5278] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  245.922173][ T5278] cdc_ncm 3-1:1.1: bind() failure
[  245.974528][ T9551] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  245.977689][ T9551] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  246.340630][ T9551] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  246.383549][ T9551] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  246.465494][ T9703] fuse: Unknown parameter '0x00000000000000000x000000000000000b'
[  246.512067][ T9703] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.552641][ T9703] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.569410][ T9551] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.615640][ T9551] 8021q: adding VLAN 0 to HW filter on device team0
[  246.627913][ T9710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.655710][   T64] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.662910][   T64] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.671824][ T9710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.680516][ T4646] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  246.702394][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.709586][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.854479][ T4646] usb 2-1: Using ep0 maxpacket: 32
[  246.854885][ T9551] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.878594][ T4646] usb 2-1: New USB device found, idVendor=0d49, idProduct=7000, bcdDevice=26.2f
[  246.903554][ T4646] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.935382][ T4646] usb 2-1: Product: syz
[  246.946122][ T4646] usb 2-1: Manufacturer: syz
[  246.959875][ T4646] usb 2-1: SerialNumber: syz
[  246.962912][ T9551] veth0_vlan: entered promiscuous mode
[  246.982604][ T4646] usb 2-1: config 0 descriptor??
[  247.002343][ T4646] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[  247.024708][ T9551] veth1_vlan: entered promiscuous mode
[  247.121587][ T4646] usb 2-1: Found UVC 0.00 device syz (0d49:7000)
[  247.150769][ T9551] veth0_macvtap: entered promiscuous mode
[  247.156831][ T4646] usb 2-1: No valid video chain found.
[  247.204607][ T4646] usb 2-1: USB disconnect, device number 35
[  247.217765][ T9551] veth1_macvtap: entered promiscuous mode
[  247.323996][ T9725] xt_CT: You must specify a L4 protocol and not use inversions on it
[  247.365970][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.392710][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.416022][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.436237][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.446213][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.493979][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.507214][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.552658][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.562703][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  247.589967][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.602032][ T9551] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.616786][ T5231] Bluetooth: hci1: command tx timeout
[  247.653690][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.682733][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.694177][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.739794][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.753375][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.786220][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.828125][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.897205][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.954402][ T9551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.994653][ T9551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.018411][ T9551] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.029120][ T9551] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.038030][ T9551] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.047123][ T9551] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.055826][ T9551] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.455072][ T2558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.482381][ T2558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.513785][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  248.540923][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.546664][    T9] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  248.642000][ T9767] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1022'.
[  248.718242][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.729978][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  248.748643][    T9] usb 5-1: New USB device found, idVendor=056a, idProduct=00bc, bcdDevice= 0.00
[  248.764856][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.782886][    T9] usb 5-1: config 0 descriptor??
[  248.818485][ T5279] usb 3-1: USB disconnect, device number 46
[  248.826733][ T5278] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  248.995464][ T5278] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  249.004894][ T5278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.034022][ T5278] usb 2-1: Product: syz
[  249.064741][ T5278] usb 2-1: Manufacturer: syz
[  249.085492][ T5278] usb 2-1: SerialNumber: syz
[  249.141366][ T5278] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  249.194875][ T9752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.213782][ T5283] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  249.259690][ T9752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.268276][ T5279] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  249.297390][ T9752] netlink: 3756 bytes leftover after parsing attributes in process `syz.4.1019'.
[  249.314129][ T9752] netlink: 'syz.4.1019': attribute type 2 has an invalid length.
[  249.340714][ T9752] netlink: 113 bytes leftover after parsing attributes in process `syz.4.1019'.
[  249.381334][    T9] wacom 0003:056A:00BC.000A: unbalanced collection at end of report description
[  249.425643][ T9763] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.438861][ T5279] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 243
[  249.455464][    T9] wacom 0003:056A:00BC.000A: parse failed
[  249.456865][ T9765] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.475999][    T9] wacom 0003:056A:00BC.000A: probe with driver wacom failed with error -22
[  249.497083][ T5279] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  249.519693][ T9763] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.524134][ T5279] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.546179][ T5279] usb 3-1: config 0 descriptor??
[  249.575051][ T9765] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.585018][ T9775] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  249.611168][ T5279] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  249.635783][ T5279] usb 5-1: USB disconnect, device number 31
[  249.820321][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.837032][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.852882][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.867090][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.882750][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.903344][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.919742][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.941568][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.953489][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  249.966001][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  249.978030][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  250.000134][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  250.134202][ T4646] usb 2-1: USB disconnect, device number 36
[  250.327081][ T5283] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  250.346931][ T5283] ath9k_htc: Failed to initialize the device
[  250.379917][ T4646] usb 2-1: ath9k_htc: USB layer deinitialized
[  250.555727][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.707557][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.788976][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1038'.
[  250.811214][ T4646] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  250.938341][ T5233] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  250.950629][ T5233] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  250.961502][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.972268][ T5233] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  250.981749][ T5233] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  250.992622][ T5233] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  251.002758][ T4646] usb 2-1: Using ep0 maxpacket: 16
[  251.003939][ T5233] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  251.046251][ T4646] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  251.088790][ T4646] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  251.148282][ T4646] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.188861][ T4646] usb 2-1: config 0 descriptor??
[  251.218856][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.404721][ T9832] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1044'.
[  251.435877][ T9832] vlan2: entered promiscuous mode
[  251.441088][ T9832] syz_tun: entered promiscuous mode
[  251.449780][ T9832] syz_tun: left promiscuous mode
[  251.563711][ T9824] chnl_net:caif_netlink_parms(): no params data found
[  251.592905][   T11] bridge_slave_1: left allmulticast mode
[  251.603153][   T11] bridge_slave_1: left promiscuous mode
[  251.617610][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.640551][   T11] bridge_slave_0: left allmulticast mode
[  251.646327][   T11] bridge_slave_0: left promiscuous mode
[  251.656722][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.723069][ T9841] FAULT_INJECTION: forcing a failure.
[  251.723069][ T9841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.738416][ T9841] CPU: 0 UID: 0 PID: 9841 Comm: syz.4.1047 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  251.749129][ T9841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  251.759202][ T9841] Call Trace:
[  251.762496][ T9841]  <TASK>
[  251.765434][ T9841]  dump_stack_lvl+0x241/0x360
[  251.770127][ T9841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  251.775324][ T9841]  ? __pfx__printk+0x10/0x10
[  251.779941][ T9841]  ? __pfx_lock_release+0x10/0x10
[  251.784994][ T9841]  should_fail_ex+0x3b0/0x4e0
[  251.789697][ T9841]  _copy_from_user+0x2f/0xe0
[  251.794308][ T9841]  copy_msghdr_from_user+0xae/0x680
[  251.799529][ T9841]  ? __pfx___might_resched+0x10/0x10
[  251.804835][ T9841]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  251.810672][ T9841]  ? rcu_is_watching+0x15/0xb0
[  251.815448][ T9841]  ? __might_fault+0xaa/0x120
[  251.820128][ T9841]  __sys_sendmmsg+0x36d/0x730
[  251.824832][ T9841]  ? __pfx___sys_sendmmsg+0x10/0x10
[  251.830050][ T9841]  ? __pfx_lock_release+0x10/0x10
[  251.835098][ T9841]  ? kstrtouint_from_user+0x128/0x190
[  251.840498][ T9841]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  251.846411][ T9841]  ? ksys_write+0x229/0x2b0
[  251.850922][ T9841]  ? __pfx_lock_release+0x10/0x10
[  251.855974][ T9841]  ? vfs_write+0x7bf/0xc90
[  251.860397][ T9841]  ? kmem_cache_free+0x1a2/0x420
[  251.865355][ T9841]  ? __mutex_unlock_slowpath+0x21d/0x750
[  251.871007][ T9841]  ? __fget_files+0x3f3/0x470
[  251.875702][ T9841]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  251.881708][ T9841]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  251.888060][ T9841]  ? do_syscall_64+0x100/0x230
[  251.892837][ T9841]  __x64_sys_sendmmsg+0xa0/0xb0
[  251.897705][ T9841]  do_syscall_64+0xf3/0x230
[  251.902217][ T9841]  ? clear_bhb_loop+0x35/0x90
[  251.906911][ T9841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.912824][ T9841] RIP: 0033:0x7fd26137dff9
[  251.917251][ T9841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.936872][ T9841] RSP: 002b:00007fd262174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  251.945308][ T9841] RAX: ffffffffffffffda RBX: 00007fd261535f80 RCX: 00007fd26137dff9
[  251.953283][ T9841] RDX: 000000000000003f RSI: 00000000200000c0 RDI: 0000000000000003
[  251.961261][ T9841] RBP: 00007fd262174090 R08: 0000000000000000 R09: 0000000000000000
[  251.969238][ T9841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  251.977216][ T9841] R13: 0000000000000000 R14: 00007fd261535f80 R15: 00007fd26165fa28
[  251.985210][ T9841]  </TASK>
[  251.992434][ T9835] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.010562][ T9835] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.020285][ T4646] hid (null): invalid report_count -1744830464
[  252.026996][ T4646] hid (null): bogus close delimiter
[  252.033786][ T4646] hid (null): bogus close delimiter
[  252.049578][ T4646] hid (null): unknown global tag 0xd
[  252.054993][ T4646] hid (null): unknown global tag 0xd
[  252.065878][ T4646] hid (null): unknown global tag 0xd
[  252.074264][ T4646] hid (null): unknown global tag 0xe
[  252.089284][ T4646] hid (null): unknown global tag 0xe
[  252.094713][ T4646] hid (null): unknown global tag 0xe
[  252.113221][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.134409][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.144463][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.160037][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.171692][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.174053][ T9843] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1048'.
[  252.183328][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.195908][ T4646] hid-generic 0003:0158:0100.000B: unknown main item tag 0x0
[  252.207982][ T4646] hid-generic 0003:0158:0100.000B: invalid report_count -1744830464
[  252.223148][ T4646] hid-generic 0003:0158:0100.000B: item 0 4 1 9 parsing failed
[  252.231746][ T4646] hid-generic 0003:0158:0100.000B: probe with driver hid-generic failed with error -22
[  252.258465][ T9802] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1033'.
[  252.445327][ T5316] usb 3-1: USB disconnect, device number 47
[  252.606687][ T5283] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  252.617880][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  252.629051][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  252.641075][   T11] bond0 (unregistering): Released all slaves
[  252.678915][    T9] usb 2-1: USB disconnect, device number 37
[  252.777566][ T5283] usb 5-1: Using ep0 maxpacket: 32
[  252.784319][ T5283] usb 5-1: config 0 has an invalid interface number: 19 but max is 0
[  252.794294][ T5283] usb 5-1: config 0 has no interface number 0
[  252.800697][ T5283] usb 5-1: config 0 interface 19 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  252.812154][ T5283] usb 5-1: config 0 interface 19 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 16
[  252.822456][ T5283] usb 5-1: config 0 interface 19 altsetting 0 has an endpoint descriptor with address 0x91, changing to 0x81
[  252.842276][ T9824] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.846472][ T5283] usb 5-1: config 0 interface 19 altsetting 0 endpoint 0x81 has invalid maxpacket 34106, setting to 1024
[  252.858529][ T9824] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.868852][ T5316] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  252.877692][ T5283] usb 5-1: config 0 interface 19 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  252.888816][ T9824] bridge_slave_0: entered allmulticast mode
[  252.906485][ T5283] usb 5-1: config 0 interface 19 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  252.916262][ T9824] bridge_slave_0: entered promiscuous mode
[  252.936723][ T5283] usb 5-1: New USB device found, idVendor=04a4, idProduct=0014, bcdDevice=c9.57
[  252.953167][ T5283] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.967995][ T5283] usb 5-1: Product: syz
[  252.972192][ T5283] usb 5-1: Manufacturer: syz
[  252.990623][ T5283] usb 5-1: SerialNumber: syz
[  253.008002][ T5283] usb 5-1: config 0 descriptor??
[  253.013779][ T9847] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  253.026636][ T5316] usb 3-1: device descriptor read/64, error -71
[  253.033226][ T9847] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  253.044037][ T5283] ipaq 5-1:0.19: PocketPC PDA converter detected
[  253.052215][ T5283] usb 5-1: active config #0 != 1 ??
[  253.056823][ T5231] Bluetooth: hci1: command tx timeout
[  253.097592][ T9824] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.122549][ T9824] bridge0: port 2(bridge_slave_1) entered disabled state
[  253.151746][ T9824] bridge_slave_1: entered allmulticast mode
[  253.164262][ T9824] bridge_slave_1: entered promiscuous mode
[  253.199868][ T9870] vlan2: entered promiscuous mode
[  253.276696][ T5316] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  253.288825][   T30] INFO: task syz.0.162:6130 blocked for more than 143 seconds.
[  253.316308][   T30]       Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  253.337317][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  253.366466][   T30] task:syz.0.162       state:D stack:23832 pid:6130  tgid:6127  ppid:5718   flags:0x00004004
[  253.390198][   T30] Call Trace:
[  253.393519][   T30]  <TASK>
[  253.401391][   T30]  __schedule+0x1895/0x4b30
[  253.405964][   T30]  ? __pfx___schedule+0x10/0x10
[  253.422280][   T30]  ? __pfx_lock_release+0x10/0x10
[  253.436486][ T5316] usb 3-1: device descriptor read/64, error -71
[  253.451589][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  253.478151][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  253.519154][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  253.525168][   T30]  ? schedule+0x90/0x320
[  253.545836][   T30]  schedule+0x14b/0x320
[  253.550334][   T30]  rpm_resume+0x504/0x1670
[  253.554781][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  253.561872][   T30]  ? __pfx_rpm_resume+0x10/0x10
[  253.567272][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[  253.573360][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  253.579592][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  253.584793][   T30]  rpm_resume+0x8fe/0x1670
[  253.589518][ T5316] usb usb3-port1: attempt power cycle
[  253.594991][   T30]  ? __pfx_rpm_resume+0x10/0x10
[  253.600457][   T30]  ? _raw_spin_lock_irqsave+0xe1/0x120
[  253.605938][   T30]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  253.612339][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  253.617450][   T30]  __pm_runtime_resume+0x120/0x180
[  253.622577][   T30]  usb_autopm_get_interface+0x22/0xf0
[  253.628033][   T30]  wdm_write+0x25b/0xd60
[  253.632292][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  253.637554][   T30]  ? __pfx_wdm_write+0x10/0x10
[  253.642332][   T30]  ? __pfx_wdm_write+0x10/0x10
[  253.649126][   T30]  ? __pfx_wdm_write+0x10/0x10
[  253.653912][   T30]  ? vfs_write+0x1f0/0xc90
[  253.658409][   T30]  ? vfs_write+0x282/0xc90
[  253.662838][   T30]  ? __pfx_wdm_write+0x10/0x10
[  253.668565][   T30]  vfs_write+0x29c/0xc90
[  253.672831][   T30]  ? __pfx_vfs_write+0x10/0x10
[  253.677645][   T30]  ? __fget_files+0x29/0x470
[  253.682244][   T30]  ? __fget_files+0x3f3/0x470
[  253.687113][   T30]  ? __fget_files+0x29/0x470
[  253.691732][   T30]  ? fdget_pos+0x19a/0x320
[  253.696155][   T30]  ksys_write+0x183/0x2b0
[  253.700563][   T30]  ? __pfx_ksys_write+0x10/0x10
[  253.705434][   T30]  ? do_syscall_64+0x100/0x230
[  253.710318][   T30]  ? do_syscall_64+0xb6/0x230
[  253.715017][   T30]  do_syscall_64+0xf3/0x230
[  253.719610][   T30]  ? clear_bhb_loop+0x35/0x90
[  253.724295][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.730241][   T30] RIP: 0033:0x7fe00117dff9
[  253.734659][   T30] RSP: 002b:00007fe001f33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  253.743110][   T30] RAX: ffffffffffffffda RBX: 00007fe001335f80 RCX: 00007fe00117dff9
[  253.751124][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000b
[  253.760767][   T30] RBP: 00007fe0011f0296 R08: 0000000000000000 R09: 0000000000000000
[  253.769992][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.778557][   T30] R13: 0000000000000000 R14: 00007fe001335f80 R15: 00007fe00145fa28
[  253.786916][   T30]  </TASK>
[  253.797235][   T30] 
[  253.797235][   T30] Showing all locks held in the system:
[  253.804973][   T30] 3 locks held by kworker/0:0/8:
[  253.835218][   T30]  #0: ffff88801e2ef948 ((wq_completion)pm){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  253.856482][   T30]  #1: ffffc900000d7d00 ((work_completion)(&dev->power.work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  253.886886][   T30]  #2: ffff888144b95510 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_port_suspend+0x1c6/0x14d0
[  253.906672][   T30] 6 locks held by kworker/u8:0/11:
[  253.911811][   T30]  #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  253.946547][ T5316] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  253.954266][   T30]  #1: ffffc90000107d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  253.980858][   T30]  #2: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  253.996586][   T30]  #3: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0
[  254.006790][   T30]  #4: ffff888069860768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: cfg80211_netdev_notifier_call+0x1a8/0x14b0
[  254.018024][   T30]  #5: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  254.029072][   T30] 1 lock held by khungtaskd/30:
[  254.033964][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  254.043916][   T30] 3 locks held by kworker/u8:6/2558:
[  254.049259][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  254.061042][   T30]  #1: ffffc90009747d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  254.072172][   T30]  #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  254.082076][   T30] 1 lock held by dhcpcd/4899:
[  254.087457][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1aa0
[  254.097395][   T30] 2 locks held by getty/4985:
[  254.102093][   T30]  #0: ffff88802ec190a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  254.112037][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  254.122414][   T30] 3 locks held by kworker/1:5/5279:
[  254.127796][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  254.138935][   T30]  #1: ffffc90003fcfd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  254.149404][   T30]  #2: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  254.160460][   T30] 5 locks held by kworker/0:7/5316:
[  254.165679][   T30]  #0: ffff8881412f3548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  254.177242][   T30]  #1: ffffc9000358fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  254.189520][   T30]  #2: ffff888144bc8190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  254.199126][   T30]  #3: ffff888144bcb510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[  254.209496][   T30]  #4: ffff8881447d7368 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[  254.219383][   T30] 1 lock held by syz.0.162/6130:
[  254.224343][   T30]  #0: ffff88807a884128 (&desc->wlock){+.+.}-{3:3}, at: wdm_write+0x1bb/0xd60
[  254.233279][   T30] 3 locks held by syz-executor/8210:
[  254.238653][   T30]  #0: ffff88806b9fcd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[  254.248829][   T30]  #1: ffff88806b9fc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[  254.258822][   T30]  #2: ffffffff8fe3dfe8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[  254.268961][   T30] 1 lock held by syz.4.1049/9847:
[  254.274008][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  254.283782][   T30] 1 lock held by syz.4.1049/9877:
[  254.288872][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  254.298447][   T30] 3 locks held by syz.2.1050/9850:
[  254.303574][   T30]  #0: ffff88807ea90d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[  254.313884][   T30]  #1: ffff88807ea90078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[  254.324513][   T30]  #2: ffffffff8fe3dfe8 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[  254.334683][   T30] 
[  254.338944][   T30] =============================================
[  254.338944][   T30] 
[  254.358607][   T30] NMI backtrace for cpu 0
[  254.362968][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  254.373478][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.383544][   T30] Call Trace:
[  254.386832][   T30]  <TASK>
[  254.389771][   T30]  dump_stack_lvl+0x241/0x360
[  254.394466][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.399676][   T30]  ? __pfx__printk+0x10/0x10
[  254.404298][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  254.409257][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.414726][   T30]  ? _printk+0xd5/0x120
[  254.418902][   T30]  ? __pfx__printk+0x10/0x10
[  254.423510][   T30]  ? __wake_up_klogd+0xcc/0x110
[  254.428379][   T30]  ? __pfx__printk+0x10/0x10
[  254.432989][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  254.438036][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  254.444030][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  254.450027][   T30]  watchdog+0xff4/0x1040
[  254.454282][   T30]  ? watchdog+0x1ea/0x1040
[  254.458722][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.463413][   T30]  kthread+0x2f0/0x390
[  254.467494][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.472187][   T30]  ? __pfx_kthread+0x10/0x10
[  254.476783][   T30]  ret_from_fork+0x4b/0x80
[  254.481197][   T30]  ? __pfx_kthread+0x10/0x10
[  254.485778][   T30]  ret_from_fork_asm+0x1a/0x30
[  254.490549][   T30]  </TASK>
[  254.494396][   T30] Sending NMI from CPU 0 to CPUs 1:
[  254.500090][    C1] NMI backtrace for cpu 1
[  254.500103][    C1] CPU: 1 UID: 0 PID: 64 Comm: kworker/u8:4 Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  254.500122][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.500132][    C1] Workqueue: bat_events batadv_nc_worker
[  254.500155][    C1] RIP: 0010:kasan_check_range+0x7f/0x290
[  254.500176][    C1] Code: 03 49 be 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd 48 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 <48> 01 dd 41 80 3b 00 0f 85 c9 01 00 00 49 ff c3 48 ff c5 75 ee e9
[  254.500189][    C1] RSP: 0018:ffffc900015d78c0 EFLAGS: 00000002
[  254.500203][    C1] RAX: 0000000000000001 RBX: 1ffffffff2858b1b RCX: ffffffff817059ec
[  254.500215][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff942c58d8
[  254.500225][    C1] RBP: e00000000d7a74e4 R08: ffffffff942c58df R09: 1ffffffff2858b1b
[  254.500237][    C1] R10: dffffc0000000000 R11: fffffbfff2858b1b R12: 0000000000000000
[  254.500249][    C1] R13: ffff88801bf18ad8 R14: dffffc0000000001 R15: fffffbfff2858b1c
[  254.500262][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  254.500275][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  254.500288][    C1] CR2: 0000001b2d10aff8 CR3: 000000000e734000 CR4: 00000000003526f0
[  254.500302][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  254.500312][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  254.500323][    C1] Call Trace:
[  254.500329][    C1]  <NMI>
[  254.500335][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  254.500353][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  254.500375][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  254.500399][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  254.500419][    C1]  ? nmi_handle+0x14f/0x5a0
[  254.500440][    C1]  ? nmi_handle+0x2a/0x5a0
[  254.500456][    C1]  ? kasan_check_range+0x7f/0x290
[  254.500474][    C1]  ? default_do_nmi+0x63/0x160
[  254.500492][    C1]  ? exc_nmi+0x123/0x1f0
[  254.500508][    C1]  ? end_repeat_nmi+0xf/0x53
[  254.500526][    C1]  ? __lock_acquire+0xf3c/0x2050
[  254.500548][    C1]  ? kasan_check_range+0x7f/0x290
[  254.500565][    C1]  ? kasan_check_range+0x7f/0x290
[  254.500583][    C1]  ? kasan_check_range+0x7f/0x290
[  254.500601][    C1]  </NMI>
[  254.500606][    C1]  <TASK>
[  254.500613][    C1]  __lock_acquire+0xf3c/0x2050
[  254.500639][    C1]  lock_acquire+0x1ed/0x550
[  254.500659][    C1]  ? batadv_nc_worker+0xcb/0x610
[  254.500680][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  254.500702][    C1]  ? batadv_nc_worker+0xcb/0x610
[  254.500720][    C1]  ? __pfx_lock_release+0x10/0x10
[  254.500741][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.500764][    C1]  batadv_nc_worker+0xec/0x610
[  254.500782][    C1]  ? batadv_nc_worker+0xcb/0x610
[  254.500799][    C1]  ? batadv_nc_worker+0xcb/0x610
[  254.500818][    C1]  ? process_scheduled_works+0x976/0x1850
[  254.500838][    C1]  process_scheduled_works+0xa63/0x1850
[  254.500866][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  254.500889][    C1]  ? assign_work+0x364/0x3d0
[  254.500909][    C1]  worker_thread+0x870/0xd30
[  254.500934][    C1]  ? __kthread_parkme+0x169/0x1d0
[  254.500955][    C1]  ? __pfx_worker_thread+0x10/0x10
[  254.500975][    C1]  kthread+0x2f0/0x390
[  254.500990][    C1]  ? __pfx_worker_thread+0x10/0x10
[  254.501008][    C1]  ? __pfx_kthread+0x10/0x10
[  254.501024][    C1]  ret_from_fork+0x4b/0x80
[  254.501044][    C1]  ? __pfx_kthread+0x10/0x10
[  254.501058][    C1]  ret_from_fork_asm+0x1a/0x30
[  254.501083][    C1]  </TASK>
[  254.504919][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  254.848907][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00113-g8c245fe7dde3 #0
[  254.859395][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  254.869441][   T30] Call Trace:
[  254.872709][   T30]  <TASK>
[  254.875627][   T30]  dump_stack_lvl+0x241/0x360
[  254.880306][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.885491][   T30]  ? __pfx__printk+0x10/0x10
[  254.890074][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  254.896058][   T30]  ? vscnprintf+0x5d/0x90
[  254.900391][   T30]  panic+0x349/0x880
[  254.904284][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  254.910435][   T30]  ? __pfx_panic+0x10/0x10
[  254.914845][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  254.920210][   T30]  ? __irq_work_queue_local+0x137/0x410
[  254.925769][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  254.931152][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  254.937310][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  254.943482][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  254.949647][   T30]  watchdog+0x1033/0x1040
[  254.953981][   T30]  ? watchdog+0x1ea/0x1040
[  254.958401][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.963079][   T30]  kthread+0x2f0/0x390
[  254.967143][   T30]  ? __pfx_watchdog+0x10/0x10
[  254.971817][   T30]  ? __pfx_kthread+0x10/0x10
[  254.976401][   T30]  ret_from_fork+0x4b/0x80
[  254.980817][   T30]  ? __pfx_kthread+0x10/0x10
[  254.985398][   T30]  ret_from_fork_asm+0x1a/0x30
[  254.990256][   T30]  </TASK>
[  254.993513][   T30] Kernel Offset: disabled
[  254.997826][   T30] Rebooting in 86400 seconds..