last executing test programs:

22.671773137s ago: executing program 1 (id=1476):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
syz_emit_ethernet(0x86, &(0x7f0000000000)=ANY=[], 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

22.417270777s ago: executing program 1 (id=1479):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x2c0710})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 4)

21.479548428s ago: executing program 1 (id=1481):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
syz_emit_ethernet(0xfc0, &(0x7f00000001c0)={@local, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xfb2, 0x0, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}, "dd9dec79219eb549dbd024c796335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a4eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842f47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3abd27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc65b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae5643901f00aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324dde85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b6805913e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc368ef4ac3000000"}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd600000000018000000000000000000000000000000000000fc0000000000000100000000000005020000c204"], 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x83, &(0x7f0000000080)={'filter\x00', 0x0, 0x0, 0x90, [], 0x0, 0x0, 0x20001100}, &(0x7f0000000100)=0x108)
syz_usb_connect(0x6, 0xb9b, &(0x7f0000001180)={{0x12, 0x1, 0x0, 0x5d, 0xda, 0xf, 0xff, 0x15c2, 0x45, 0x1188, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb89, 0x3, 0x3, 0x3, 0x10, 0x8, [{{0x9, 0x4, 0xb4, 0x80, 0x4, 0xb7, 0x7f, 0x8e, 0x5, [@uac_as, @generic={0xff, 0x31, "53d7ad2365be49036f50f18933606fe9e1b8a563e70499462e49bf10250385a08ec36485fe29aed11599ae2c08627502baef4bc2138c112dbe21ef4323dc121b8252f330d3e4e69d828e6cfa02d46f43facd6fe7277484f741d058b208d366ec12e0f91af7a0ac3d9647c6433eb8edb64daa2223d24acd7362ceae72fa02db593d0deff251da46a71d1d113fed5402a8016a59f45b33fad6e6322dd7f7fd96a56eddb09d8d5f1e66e34fb3b140829a09064da0c0ec7632e8b14dfbc39dc9ee1f4816b6e170137236227f87f5920beda4b667aba0c4fb43a59ca0ee6a1bf92d05a5c996fe1596ddb6fe75c33eab49110238fc92e800e58b31e81ea2ffaf"}], [{{0x9, 0x5, 0x80, 0x0, 0x8, 0x8, 0x0, 0xdc}}, {{0x9, 0x5, 0x0, 0x10, 0x40, 0xba, 0x6, 0x2, [@generic={0x6f, 0x23, "c9e7056e9f622a8ace4aedf0dde290594d15d39cff119ec46638b6dc31d16c74e8b6220517e069e00f277395c6901ec15625838479e2bcf47117164f992808b8f1319c238d048cc6d8b3164f579bd9e532fd28a6574568491b47f6fe047bb7bbfbe47db03485ec5e4604ca2177"}, @generic={0xb5, 0xf, "bcd0a17b0c515e32ac3ab4b66a7d1c5d7dee289c0024cdd65536daf8f85ed6edca9696d7c2341b92b4ac2e77bf68be4ec578bae281170aa9ea3d4b33f123af957d17e0e612836451ca11cf4b32d9ebbc286780505d5f6ed45fcf262221174ca34bf121975d3b748b1c5c679e584336f9e0465cbb5692da3b8e61e3d43e19f76a6f1534269519bd9c1f5889e859e23d842172201b249267eee07b5b0e9d48d77c65bae64af8319467479e5cc5a0ed80c064cfe8"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x40, 0x0, 0x6d, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x2}]}}, {{0x9, 0x5, 0x2, 0x2, 0x200, 0x7, 0x1, 0x5a, [@generic={0xb, 0x3, "a34459366f2d3fef5c"}]}}]}}, {{0x9, 0x4, 0x5, 0x9, 0x6, 0x63, 0xba, 0x11, 0x6, [@hid_hid={0x9, 0x21, 0x3, 0xa, 0x1, {0x22, 0xa45}}, @cdc_ecm={{0x7, 0x24, 0x6, 0x0, 0x0, "f5df"}, {0x5, 0x24, 0x0, 0x7103}, {0xd, 0x24, 0xf, 0x1, 0x78c, 0x8, 0x4}, [@obex={0x5, 0x24, 0x15, 0xa1f}, @acm={0x4, 0x24, 0x2, 0xa}, @country_functional={0x12, 0x24, 0x7, 0xb, 0x8cb, [0x7, 0x5618, 0x7, 0x7, 0x8, 0xd05]}, @mdlm={0x15, 0x24, 0x12, 0xa2c2}]}], [{{0x9, 0x5, 0x5, 0x10, 0x10, 0x0, 0x4, 0x2b, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x7f, 0x6}]}}, {{0x9, 0x5, 0x1, 0xc, 0x40, 0xc1, 0x80, 0xe1, [@generic={0xab, 0x22, "75f090879e790734657c38dc22fbc9cc013c0998c91d9bb3f341fa69dcbae910fbe4cd94f561ee40aa2a56590728a2a3ccf5a06fb14f266e19b68b0f5cdc5e933188c02434f3e4c0123c049454295e469f073f765beb2a14be0e0b6324c7c68f1ec45842972893e351460316566eddf79ad03b9a8dcf80b1684c21b6a4412598c3aa36258cd66e77164ba00874120eb44f79be0b1861a16b82a2bb7f0c299c2d0d5feb056e895ca70d"}]}}, {{0x9, 0x5, 0x8, 0x1, 0x10, 0x7, 0x5, 0x6, [@generic={0xd7, 0x6, "026db6ccfdf9d8cc839dffa549d1da7081c1e9455af81c5f3f658ae0f0f2ae98962606f775571a76effa86809965ef5411b3fc5db8660f46df6c6640da024bea65c8b105634808fcc2884897a4df53c4c5611c66aa5446b9dd8fcb29e5027af00e42346bea3844b6e2a1e505b7405f78b38abd7f6f5dfa97eceb10393cfa4541c1ba40105dc74b7ebfaab8036841d35206b5eb9aa36b97afcb044979b1082bf5ae0cbe566b3b69600f51097b8057bdf20a643ca0e82b05d231ee80c623193235c5b7aec10a87be5d43425257925e4ee076bf0a42a6"}]}}, {{0x9, 0x5, 0x2, 0x0, 0x1ff, 0xb, 0x1, 0x0, [@generic={0xfc, 0x3, "fd1eb78038c28173a9b72205b5c9cb0569326b27509706c8e7985e3b51c6de55ce92a9d31b05d8dd6600f1c27c2c15dd8df232c0528485534ef0254deb5431d6a0aeaf9a4a8bfda015c4732e86a3dee9c08fd7dbf33be9a1f1efa2a5cac96271218fa61c3a3b1f6d9353ccc0f79f0775aa078b91aea5287a4e060ed702cb516849165ef60f0ec3f74aa827e4e732b3ecb26c44fbbc620199b92f98cd85ef762f9fd2b930cd997b025fc51d8a90ce2808948adc331b853becfdc41c1fe993442b855a7743917c64beee386672e97101505dbbb725146f948363853edefa89f134f8ce4775f9d7548b79c2fd2886be0dd4deaaafbec22ff7424ee7"}]}}, {{0x9, 0x5, 0x5, 0xe6e75f5fef1fa876, 0x0, 0x6, 0x40, 0xe}}, {{0x9, 0x5, 0x1, 0x2, 0x400, 0xfa, 0x3, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x80, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x97, 0x3}]}}]}}, {{0x9, 0x4, 0x90, 0x80, 0x10, 0x13, 0x3e, 0x74, 0xc, [@hid_hid={0x9, 0x21, 0x80, 0x2, 0x1, {0x22, 0xa31}}, @cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, 'n'}, {0x5, 0x24, 0x0, 0xff}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x7fff, 0x6, 0x4}, {0x6, 0x24, 0x1a, 0xf, 0x9}, [@country_functional={0xe, 0x24, 0x7, 0x4, 0x6, [0x3, 0x1, 0x9, 0x3fe3]}]}], [{{0x9, 0x5, 0x8, 0x1, 0x400, 0x1, 0x6, 0xc, [@generic={0x38, 0x2, "edaaffd26ae500fa3d240696abf7b42c5d37d8c888553568a1c9276c972a7aec1b10f6fe3782609741aee507b79666ca4956826465ae"}]}}, {{0x9, 0x5, 0x8, 0xc, 0x10, 0x6f, 0x0, 0x5, [@generic={0x2a, 0x5, "bc4c3bcda19a39350b4ca728b7fc295e95bdf7e948c185cb996e3f1e2aea80c01452097d290cb69e"}]}}, {{0x9, 0x5, 0x9, 0x3, 0x400, 0x8, 0xc8, 0x83}}, {{0x9, 0x5, 0x80, 0x1, 0x10, 0x9, 0x70, 0x80, [@generic={0x94, 0x4, "bf7057e6b4401a0d86dc2ebabe87e45f7e613ab858007374a75f354b6697fa0f2092c16a32c27f5d3dec94c576afc7c843071d43996c16e580dc71fd9a4a6d2d63155fbe9ca1dd202e723d9e31c7d69f08f570143ebd2c5fe15d13326884270513695c4799d5ae54218391faa328bd13a4f5f0fcd9b3ba58d3c2206632df7aeb5fd598c6f410543e84495d1b361b508781a4"}]}}, {{0x9, 0x5, 0xd, 0x4, 0x20, 0x2, 0xb, 0x2c, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x0, 0x6}, @generic={0xec, 0x5, "c567ec5430ba3e2ea8c669cb5db567e6ae672e9f2242e6e1617f62e68dc571586d4f59eb776e8264152215e4290e725b690a8bcb43afc96968dabb5a63e79a706e4fe7ef6cf971e82676614ca8fb09f299fcb66f2d2c08f99c955446d8bfe931b0f07f38f60ed28786919e99ce6640db912f116d31065c69ec94a723d50f47b798bf43148a4770d7a586f58d7ae9abefe08da032fd874f2a6ac070c41cfba5aa52d2890432b3a9747a87c1aa74e10c47e45c8c61ae705daad61a85a4b4b49e0f27a96a4958585b22e63378593cd7d7a7df0a05b504fe6cb98e725cb5f85b25bac8e3b0489687cd1fac53"}]}}, {{0x9, 0x5, 0x8, 0xf, 0x200, 0x8, 0x4, 0x0, [@generic={0xa, 0x21, "5da9c07b4abc5ba1"}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x69, 0x5}]}}, {{0x9, 0x5, 0x5, 0x3, 0x8, 0xe2, 0x5, 0xbc, [@generic={0x72, 0xc, "5b1e6d5a062dc634cb0979dbe54b07285dec8dd8152a543d74edfdd3112ccf5506c0aee67b5c1f973fc3ec9894815e4bfc82dbf6de7a03e73e674e7ae17a72b881a50444e1f8f2c7c1ce8afcf9dd8a0deb7a44405691be3e99e7087a1f2ffa2adca38d98fa0336883d1d371e882571cd"}]}}, {{0x9, 0x5, 0xe, 0x4, 0x20, 0xc5, 0x1, 0x9}}, {{0x9, 0x5, 0xb, 0x2, 0x40, 0x7, 0x0, 0x80, [@generic={0x29, 0x9, "795f56d9fdb34b739c617047e783e51486c42d65bf32511ac160986e85cf3cbbbca11898494470"}]}}, {{0x9, 0x5, 0x2, 0x3, 0x478, 0x15, 0xb, 0xd6, [@generic={0x88, 0x7, "e4b74f75738698a424645af745f95346b75369a9f06ef51b4eaff019a08e1ef49f435a9be0102bf467775d5c4c680103571b746b85bd8922d82f00915862ca1fb50f4f53880d297e81ae7150ebf7d480206a1e7743eae4c4296f1abe6eb390313ebbeb9ff4785b4c6550a65e9633c068854cb92ae2cdfe7cb8583a8b93940d0878bf6e0331cf"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x2, 0x7}]}}, {{0x9, 0x5, 0x8b, 0xc, 0x20, 0x80, 0x5, 0x4, [@generic={0x7e, 0x22, "49e72bdbb20a774a430fb3812e2097dd950162d95596082334f05158d1efe42e14d407f6f4f48e8d4296f6f1eb3ac392bde60d92ea1c4ab6d1352784fb371025d27b28c8163b2035421f22d5ed4efd15c030429246ee67abd13dab004d8b3504b387ae25d995013e78685d22c4757a994cf1552b510ae6dc608b270b"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0x2}]}}, {{0x9, 0x5, 0x4, 0xd, 0x200, 0x4, 0x1, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x6, 0x1}, @generic={0x60, 0xc, "6a9940c3959e493e39df96513ecabb5f5aa06252e288f4bba69cb532ca621e5900be381ad646b730d16279bfc21d96794b0681f8847430d5e80df461c7f446ee4dbc9f044b4c7e4e26c1bcc3a3668d7fe26b0b7af772aac0d97c1ca9f81e"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x40, 0x2a, 0x8, 0x8}}, {{0x9, 0x5, 0x5, 0x10, 0x200, 0xaf, 0x8d, 0x58}}, {{0x9, 0x5, 0x80, 0x1, 0x20, 0x76, 0xf4, 0x10, [@generic={0x62, 0x21, "02c676c77dd100042eaa784108c97fd0d37830a83e5fc19ed00eb493da45ecc811111017f1d90b425d82f51557adf66def4cd3ae96333d5708d21088d2bf6e8f35fb10f93bacb2bd47c8e6ae832588bf0d64fda79226827c86a6fe4f19bd9e47"}, @generic={0xb3, 0x22, "aed784e28c37978f9ff1bb64f686c73adc057d7cd56e9c3b07557d1f80f467a9c7e52cdac900305267d4bf06338faf5f715fd7ba7147fa082b88302a81dc830948ef36ffeb4e1d8b08eebe96004b270e66d7f52ee319ed925c537dbbf26c2cf75140562077fbc7741018940d9424cf88dddc5ab7457991d076c433a549b0f0da200e7dee5a3ce3cc4d115d46799f2db767d72ed200c23daf9c0ac230806bb7c56b156bde2d673f49853de6ab0a9cf3d6f2"}]}}, {{0x9, 0x5, 0x8, 0x0, 0x3ff, 0x5, 0x0, 0x61, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x6, 0x8}]}}]}}]}}]}}, &(0x7f00000020c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x201, 0x4, 0xe, 0xf, 0xff, 0x58}, 0x5, &(0x7f0000000140)={0x5, 0xf, 0x5}, 0x9, [{0xc3, &(0x7f0000001d40)=@string={0xc3, 0x3, "f626fa159955511ed11219317e6d9e5e9f7a90a0b4555771596abfccff390c53d0efc4d125e55d4b3fa16248ae6e1ac294d5bbd9513755c268be87b1dd7726678d1e674561711cba6173e69ffdf625c24745c236d950d1388a5c07c04865323ceb3b914f404f4e42cea7f2254f7cdfcfa959481142a7905d4dbcf297821d5b0d11d452c99db379ef23a1fea9447e79c5c54d66488efac7104cae99cd2d1ebcf959383d98d6a07bfbca295aaba2ab951cbb12e05ade1b8556d6d4994616d9bf7ffb"}}, {0x2a, &(0x7f0000000180)=@string={0x2a, 0x3, "40509238a4534b23a5e68c5fa0867efc5fb48db69d05da6c8390d51d8906be519d362f84444bcd4c"}}, {0xb9, &(0x7f0000001e40)=@string={0xb9, 0x3, "0bba15cc50ff152bd055c954ad8fe630a5a3bb58c0f0881c06669cd1db732b220b0fd40103db19db00df0292261dacde8e48467bd9eee011bd1b18f7ab9aa88ade0df55bf89bed79e62b3ba5b25134c7773d47be1dfc45c3042eb3e6c2a29573e465e166846428581279c6f75514af19813c0ce08198fbbcdf7ab9ad2d4517c3c17ac22cd24b179728243acafc5bb14706a842f2b86cb493e8c5653649a06e27d0848f20a6e675e154cabb79403ad666fb56231f96982a"}}, {0x30, &(0x7f0000001f00)=@string={0x30, 0x3, "4dc9cffd703d20516cd6ea38d899fce879e808233da158bab20e3eacc819169bfd2e97fa5c6b29d3f816fe4e1031"}}, {0x4, &(0x7f0000001f40)=@lang_id={0x4, 0x3, 0x44b}}, {0x48, &(0x7f0000001f80)=@string={0x48, 0x3, "8b80334592dba48ea2eddf6ae239cca8f71ae1870414af5246e311765b4a6f037e06e8285fb61257cf4fe06355b1ddb20a8a785495cbba2eb682e3a199c35d88f668b23ebbf1"}}, {0x4, &(0x7f0000002000)=@lang_id={0x4, 0x3, 0x402}}, {0x22, &(0x7f0000002040)=@string={0x22, 0x3, "841982d662924ffe964cafd052b113a1762deb8de25c9d952229ec9cc0e03e68"}}, {0x4, &(0x7f0000002080)=@lang_id={0x4, 0x3, 0x414}}]})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x30, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000440)=ANY=[], 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
sendto$inet(r4, &(0x7f00000000c0)="ff", 0x1, 0xc880, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xffffff34}], 0x1}, 0x700)
ppoll(&(0x7f0000000000)=[{r3, 0x4047}], 0x1, 0x0, 0x0, 0x0)
sendmsg$key(r0, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000002180)={0x2, 0x1, 0x40, 0x9, 0x19, 0x0, 0x70bd2c, 0x25dfdbfc, [@sadb_x_filter={0x5, 0x1a, @in=@multicast1, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x1a, 0x10, 0x14}, @sadb_key={0x12, 0x8, 0x440, 0x0, "5b1f3ec08c622014c810875579cc91d2301a66e432b6086f01d52fe57424add18160980fe418f79914a7928eab3f5033965b2a81f999e501244d60634fd5fec7df86b60b5d3496d252c583339a306a65263df092e1a145d8184dfe011e360d48688988cb950270ebafddc4773ab1478d5608619df878ea3f946d8caa3e82ddf9c1f9804369f306b3"}]}, 0xc8}}, 0x10)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100), &(0x7f0000000280))
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "e90e5b", 0xc, 0x11, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @remote, {[], {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}}, 0x0)

18.344824734s ago: executing program 1 (id=1508):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @loopback}, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000040)={'lo\x00'})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clock_adjtime(0x0, 0x0)
bpf$BPF_PROG_QUERY(0x9, 0x0, 0x0)
capset(0x0, &(0x7f0000000080))
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000080)=ANY=[@ANYBLOB="e00000027f0007000000000002"], 0x18)
sendto$inet6(0xffffffffffffffff, &(0x7f00000001c0)="b598e0841188bcc22b5c9bd69505e6346a0b742c9dc891ca89f4cd6c4d7da44ee6ae74ae2df8125f7f87f7b0c4bd70d264b5f357e6346aaa2c1f6bb3340c6cc723f81bf231cd53eb68a16eea1b824b1251b59f8eacf1f02d5ebbe2d44cb6b22975130c0a1aa4e8d2885f0bb04169f488fc5a758c478da9572de7ec70c4b1dae0bd4689d3a08071fe647b277f9844f651cd381eb53ce387575328024dcd98ef0ddb2df55fa4374e97901beb60129f5cef0417b52e76175b64002d577272e0cededabe452844b7ad123d4b3d8f4dc4ef643eef72d07b3f94dbad75", 0xda, 0x40014, &(0x7f0000000000)={0xa, 0x4e23, 0x6, @empty, 0xfffffff7}, 0x1c)
r3 = socket(0x0, 0x4, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r5=>0x0})
sendto$packet(r3, &(0x7f0000000100)="4dcdc7d96a760000002c00050000000000060000", 0x34, 0x0, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14)
close(r0)

17.82029509s ago: executing program 1 (id=1509):
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f00000017c0)='./file0\x00', 0x70000000, &(0x7f0000000280)={0x80}, 0x20)

17.612042996s ago: executing program 1 (id=1512):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000008c0)=""/164, 0xa4}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac14140000000000ac1e000100000000830b0000000000e000000200000000001c00000000000000000000000800"/424, @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000000000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="e00000017f000001000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f000001ac141400000000001c000900000000000000000007010000440c0001022101"], 0x230}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803001d000b0ad25a80648c2594f90124fc60100c0a4001000009053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1, 0x0, 0x0, 0x4000}, 0x3500000000000000)
r2 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000003c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x10000, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x402, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@local, 0x5}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty, 0x4}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote, 0x4}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @lsrr={0x83, 0xb, 0x7, [@multicast1, @broadcast]}, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @end]}}}}})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000001, 0x28011, r5, 0x0)
dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000580], 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000002000000000000feffffff0100000019000000000000000000726f7365300000000000000000000000726f736530000000cc002000000000007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b74747970650000000000000000000000000000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ddffffff00000000726564697265637400000000396c27db39b2eedb0000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0100000003000000000000008b357665746831000000000000000000000074756e6c30000000000000000000000074756e6c300000000005000000000000006c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000380100006367726f75700000000000000000000000000000000000000000000000000000080000000000000000000000000000006172700000000000000000000000000000000000000000000000000000000000380000000000000000000000000000000000000000000b00007f0000010000000072ce35f34121000000000000000000000000000000000000eaffffff00000000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaabb0000fdffffff000000"]}, 0x3a8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r6=>0x0})
r7 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r7, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
sendmsg$can_raw(r7, &(0x7f00000004c0)={&(0x7f00000005c0)={0x1d, r6}, 0x10, &(0x7f0000000500)={&(0x7f00000000c0)=@can={{}, 0xff, 0x0, 0x4, 0x0, '\b-\x00'}, 0x10}}, 0x0)

7.956970026s ago: executing program 3 (id=1562):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0])
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1000}})
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000280)=ANY=[@ANYBLOB="75722629832bf6042ad514e956a1000000004c900200000000002300e1583afceb7a4d65f34269c5dc343054f84d3b01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000273a07bc1ab0b40b66"])
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r3, &(0x7f0000000040)=[{&(0x7f0000000200)="d243a1a4ca56", 0x6}], 0x1)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f00000000c0)=0x41d9, 0x4)
recvmmsg(r2, &(0x7f0000005d00)=[{{&(0x7f0000000380)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000400)=""/196, 0xc4}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x2, &(0x7f0000000240)=""/64, 0x40}, 0x93}, {{&(0x7f0000001500)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000001640)=[{&(0x7f0000001580)=""/145, 0x91}], 0x1}, 0xffffff80}, {{&(0x7f0000001680)=@rc, 0x80, &(0x7f0000003b40)=[{&(0x7f0000001700)=""/44, 0x2c}, {&(0x7f0000001740)=""/198, 0xc6}, {&(0x7f0000001840)=""/240, 0xf0}, {0x0}, {&(0x7f0000001940)=""/162, 0xa2}, {&(0x7f0000001a00)=""/4096, 0x1000}, {&(0x7f0000002a00)=""/156, 0x9c}, {&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/92, 0x5c}], 0x9}, 0x1}, {{0x0, 0x0, &(0x7f0000005c80)=[{&(0x7f0000003c00)=""/4096, 0x1000}, {&(0x7f0000004c00)=""/24, 0x18}, {&(0x7f0000004c40)=""/4096, 0x1000}, {&(0x7f0000005c40)=""/30, 0x1e}], 0x4, &(0x7f0000005cc0)=""/16, 0x10}, 0x2}], 0x4, 0x10000000009c, 0x0)

6.977139423s ago: executing program 3 (id=1568):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000340), 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000b80)={0x0, @in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00', 0x53}}}, 0x90)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fsetxattr(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='os2.com.apurity\x00'], &(0x7f0000000500)='\'\x7f\x84r6\xbf\xdd\'\xc3\x00\x00\x00\xc9\xc8hIB\x14\x1fo\'8Ci\xceZ\xc3+Ae!\xdc\r\xa9\xc74c\xfb5\x7f\x91T\r\xcb\xb9\xb2\xb5e\x1aS\"\xb40M\xd6\xaa\xad\xa5\xf1\x9b\x1a\a\x90\'\xe5\xc0\xc9OK\x95\x15\x14\x06\x9a\xa1\xce\x8c$\xc2\xbf\xe0\xcdp', 0x53, 0x2)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
ioctl$TUNSETLINK(r7, 0x400454cd, 0x30a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000004c0)=ANY=[@ANYBLOB="01ec000000010000"])
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETLINK(r9, 0x400454cd, 0x324)

5.758306655s ago: executing program 2 (id=1570):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv4_newrule={0x1c, 0x20, 0x1}, 0x1c}}, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
socket(0x10, 0x3, 0x0)
geteuid()
r3 = socket$inet(0x2, 0xa, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)={0x1dc, 0x10, 0x701, 0x0, 0x0, {0xb}, [@nested={0x1be, 0x4a, 0x0, 0x1, [@typed={0x8f, 0x12d, 0x0, 0x0, @binary="70c9b9fd1dda2dbf4aa73731a82b75decbf264399754fff38b1c688615d971f85999c092199d933c88960f9e5ff69fc17eefe136a23ee36a52c73d96807de3254310f04605d3308364805b3506b6f6c0371ba811de31a070c27f0393a7924da3c9b33a62abb2513d978df03e7d1e0aa26c3ec05d80ce6363fb5aade00f4a6cbbb2058c8864e31b5ca84291"}, @typed={0x4, 0xb8}, @generic="3559298e203d44ab08028f705fe8cab7459817559116bbe135c60612ecb234fb183ff8715d6feb7ec5acee4fd09e8baf2920ae62dc8ab85e79c5c49f397135a5451c8bcf16a07ab2f76f63cde1f1826a6bea3834936815f872a5d781939170011e34c65f02ef2014bbcecefe7e5a54f97fec179f56276792e2563d02f5ec07c370ad81e74acc0ffec4becba777983e7ec6587200868ea1", @typed={0x8, 0x19, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0xd, 0x56, 0x0, 0x0, @str='subj_type'}, @generic="3f718d2fabb94504fee06032255c2465489d83254bd130692b01442231099d36d4d1b9cacf73f2cd4f880a4d5a7bb82f109b01d966cc943a9c9b86aad3d2167a3c97163bd801a892798a4d32d3888595120232b2414efca73aba04775e1d3240baf86d278190128580c708eafc8778e6f9f48b8c232e0c"]}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r3}]}, 0x1dc}}, 0x0)

5.408186204s ago: executing program 2 (id=1573):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x20, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7)

5.24041043s ago: executing program 2 (id=1574):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd600000000018000000000000000000000000000000000000fc0000000000000100000000000005020000c204"], 0x0)

4.737655447s ago: executing program 3 (id=1577):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f0000000100)=0x6, 0x4)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f00002a3000/0x3000)=nil, 0x3000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000080)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10})
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r1 = io_uring_setup(0x65b, &(0x7f0000000080)={0x0, 0xfffffffe, 0x0, 0x800, 0x80})
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f00000019c0)={0x1, 0x0, 0x0, &(0x7f0000001940)=[{0x0}], 0x0}, 0x20)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x0, 0x0, 0x0, {0x0, @win={{0xffffffff, 0x4, 0x7}, 0x1, 0x6, 0x0, 0x0, &(0x7f0000000340)="e5816da28f6783b88c4b28b90d3c4a2de8766a1d0ddc3164494e3be232b25b49de053ea0145155eb995cd8f693abaacba569166e9e045c759a4dc04669784d4ea8d2300151c18300332e"}}})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0xac, 0x1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sync()
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0x1, r4, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000002380)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
r5 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_inet6_SIOCADDRT(r5, 0x4020940d, &(0x7f0000000280)={@ipv4={'\x00', '\xff\xff', @private}, @mcast1, @ipv4={'\x00', '\xff\xff', @multicast1}})
pipe2(&(0x7f0000000200), 0x0)

4.324636482s ago: executing program 2 (id=1578):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000a80)={0x4c, 0xfc, &(0x7f0000000940)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x1, 0x600, &(0x7f0000000a00)="05"})

4.208249568s ago: executing program 2 (id=1579):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003c6000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00000f4000/0x4000)=nil)
r2 = syz_open_procfs(0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{0x0}], 0x1)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0100"])
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_NESTED_STATE(r6, 0xc048aeca, &(0x7f0000005580)={{0x0, 0x0, 0x80}})
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0})
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0xffffffffffffffff, 0x1)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x30, 0x0, 0x20, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x14, 0x19, {0xfffffef9, 0x0, 0x2, 0xc}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000044)
ioctl$EVIOCSMASK(r8, 0x40104593, 0x0)
r9 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r9, 0x89f0, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @loopback}}}})

3.97697933s ago: executing program 4 (id=1580):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r2, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0xc4382, 0x0)
r5 = dup(r4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r3, 0x5111)
sendfile(r7, r5, 0x0, 0x8a000)
sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c00a50020", @ANYRES16=0x0, @ANYBLOB="000200000000fbdbdf2502000000050037000000000008000600", @ANYRES32=0x0, @ANYBLOB="05002e000100000008002c00000000000500330000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20008050}, 0x40000040)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000140)={0x48, 0x1, r8, 0x0, 0x8})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r8, 0x0, 0x155})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000240)={0xc, r8})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r0, 0x3b70, &(0x7f0000000100)={0x40, 0x0, 0x0, 0x0, {}, {{}, 0x0, 0x0, [{}]}})
ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000300)={0x48, 0x9, 0x0, 0x0, 0x3f})
r9 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYRES8=r9, @ANYRES8=0x0, @ANYBLOB="fec8"], 0x48}}, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r10, &(0x7f00000002c0)={0xa, 0x4e24, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2000000}, 0x1c)
listen(r10, 0x4)
accept(r10, &(0x7f0000000000)=@can, 0x0)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r11, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x0, @mcast1, 0x3}, 0x1c)
sendmmsg$alg(r9, &(0x7f00000000c0), 0x492492492492627, 0x0)

3.704227664s ago: executing program 3 (id=1582):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv4_newrule={0x1c, 0x20, 0x1}, 0x1c}}, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
socket(0x10, 0x3, 0x0)
geteuid()
r3 = socket$inet(0x2, 0xa, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)={0x1f0, 0x10, 0x701, 0x0, 0x0, {0xb}, [@nested={0x1d2, 0x4a, 0x0, 0x1, [@typed={0x8f, 0x12d, 0x0, 0x0, @binary="70c9b9fd1dda2dbf4aa73731a82b75decbf264399754fff38b1c688615d971f85999c092199d933c88960f9e5ff69fc17eefe136a23ee36a52c73d96807de3254310f04605d3308364805b3506b6f6c0371ba811de31a070c27f0393a7924da3c9b33a62abb2513d978df03e7d1e0aa26c3ec05d80ce6363fb5aade00f4a6cbbb2058c8864e31b5ca84291"}, @typed={0x4, 0xb8}, @generic="3559298e203d44ab08028f705fe8cab7459817559116bbe135c60612ecb234fb183ff8715d6feb7ec5acee4fd09e8baf2920ae62dc8ab85e79c5c49f397135a5451c8bcf16a07ab2f76f63cde1f1826a6bea3834936815f872a5d781939170011e34c65f02ef2014bbcecefe7e5a54f97fec179f56276792e2563d02f5ec07c370ad81e74acc0ffec4becba777983e7ec6587200868ea1", @typed={0x8, 0x19, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0xd, 0x56, 0x0, 0x0, @str='subj_type'}, @generic="3f718d2fabb94504fee06032255c2465489d83254bd130692b01442231099d36d4d1b9cacf73f2cd4f880a4d5a7bb82f109b01d966cc943a9c9b86aad3d2167a3c97163bd801a892798a4d32d3888595120232b2414efca73aba04775e1d3240baf86d278190128580c708eafc8778e6f9f48b8c232e0c8d207b40083efff5e361db247c7aaed3107adb13"]}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r3}]}, 0x1f0}}, 0x0)

3.137500956s ago: executing program 3 (id=1585):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'macvtap0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000370400000000020000000000000074a2a2a0b8e89066fb27c701acfb5a0ecbd59bc0964a4d84df630ad2c2602080f945ef0fb6b9b86bb4b94e6261ff492d85b1de91a63dc92fc7a59da02a6b3a4f3ebe9af1bb532bf6708a022827a58798300ffb181c97f3c13b448ccda0ed3d18414825cecea01f8a9df9a0", @ANYRES32=r1, @ANYBLOB="90"], 0x44}}, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f00000002c0), 0x0, 0x0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r4, 0xc0445624, &(0x7f0000000140)={0x980001, 0x0, "9a555c147ce09ac66ffdb507549f0000000000000000000000000100"})

3.134181256s ago: executing program 2 (id=1586):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000340), 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000b80)={0x0, @in6={{0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00', 0x53}}}, 0x90)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
socket(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fsetxattr(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='os2.com.apurity\x00'], &(0x7f0000000500)='\'\x7f\x84r6\xbf\xdd\'\xc3\x00\x00\x00\xc9\xc8hIB\x14\x1fo\'8Ci\xceZ\xc3+Ae!\xdc\r\xa9\xc74c\xfb5\x7f\x91T\r\xcb\xb9\xb2\xb5e\x1aS\"\xb40M\xd6\xaa\xad\xa5\xf1\x9b\x1a\a\x90\'\xe5\xc0\xc9OK\x95\x15\x14\x06\x9a\xa1\xce\x8c$\xc2\xbf\xe0\xcdp', 0x53, 0x2)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x1})
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan1\x00'})
ioctl$TUNSETLINK(r7, 0x400454cd, 0x30a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @link_local})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f00000004c0)=ANY=[@ANYBLOB="01ec000000010000"])
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETLINK(r9, 0x400454cd, 0x324)

2.562143101s ago: executing program 4 (id=1587):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0xfc0, &(0x7f00000001c0)={@local, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xfb2, 0x0, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}, "dd9dec79219eb549dbd024c796335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a4eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842f47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3abd27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc65b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae5643901f00aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324dde85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b6805913e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc368ef4ac3000000"}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd600000000018000000000000000000000000000000000000fc0000000000000100000000000005020000c204"], 0x0)

2.406065661s ago: executing program 4 (id=1589):
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x0)
r1 = dup(r0)
write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB='sy'], 0x4)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x0, &(0x7f00000000c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
read$FUSE(0xffffffffffffffff, &(0x7f0000000500)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000280)={{0x5, 0x4, 0x1, 0x8001, '\x00', 0x1}, 0x5, 0x131, 0xba, r3, 0x1, 0xc, 'syz1\x00', &(0x7f0000000040)=['&](\x00'], 0x4})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000200)={0x54, 0x2, 0x6, 0x0, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private}}]}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
ptrace$getregset(0x4205, r2, 0x200, &(0x7f0000000080)={0x0})

2.138276979s ago: executing program 4 (id=1590):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f00000003c0)={0x1, 0x0, @pic={0x0, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[], 0x0, 0x2c0710})
ioctl$KVM_RUN(r2, 0x5421, 0x0)

1.756218786s ago: executing program 4 (id=1591):
listen(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000009c0)=ANY=[@ANYBLOB="28010000170001003a7dc09c007aab5097000000000000000000000000000000000000ffffac1414000000000000000000ac141400000000000000000000000000ffffffff0000000000000000000000007f000001000000000000f20000d76f61f6381d2fb0cf0f94b300"/116, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="e0000002000000000000000000000000ff01000000000000000000000000000100"/48, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0x128}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
r3 = socket(0x10, 0x80803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005e00010200"/20, @ANYRES32=0x0, @ANYBLOB="bf"], 0x1c}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001bc0), 0x0, 0x0, 0x0)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000040), 0x1, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x3, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xc, 0x4, 0x4, 0x10000, 0x0, r4}, 0x48)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x17, 0x0, 0x0, 0x0}, 0x90)
set_mempolicy(0x3, &(0x7f0000000140)=0x3, 0x8)
ppoll(&(0x7f0000000300)=[{}], 0x20000000000000d0, 0x0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/stat\x00')
fchdir(r5)
r6 = inotify_init()
inotify_add_watch(r6, &(0x7f0000000000)='.\x00', 0x400017e)
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r7, 0x0, 0x0)

1.426057739s ago: executing program 0 (id=1592):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x1400, &(0x7f0000000b00)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_SREG={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

1.29390364s ago: executing program 0 (id=1593):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x0, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001400)={'team_slave_0\x00'})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000200)={@loopback={0xff00000000000000}}, 0x20)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
unshare(0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000200)={0x0, 0x4000, &(0x7f00000001c0)={&(0x7f0000000100)={0x2c, 0xb, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}}, 0x0)
syz_emit_ethernet(0x3b6, 0x0, 0x0)

1.115359248s ago: executing program 0 (id=1594):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@ipv4_newrule={0x1c, 0x20, 0x1}, 0x1c}}, 0x0)
r2 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
socket(0x10, 0x3, 0x0)
geteuid()
r3 = socket$inet(0x2, 0xa, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)={0x1f0, 0x10, 0x701, 0x0, 0x0, {0xb}, [@nested={0x1d2, 0x4a, 0x0, 0x1, [@typed={0x8f, 0x12d, 0x0, 0x0, @binary="70c9b9fd1dda2dbf4aa73731a82b75decbf264399754fff38b1c688615d971f85999c092199d933c88960f9e5ff69fc17eefe136a23ee36a52c73d96807de3254310f04605d3308364805b3506b6f6c0371ba811de31a070c27f0393a7924da3c9b33a62abb2513d978df03e7d1e0aa26c3ec05d80ce6363fb5aade00f4a6cbbb2058c8864e31b5ca84291"}, @typed={0x4, 0xb8}, @generic="3559298e203d44ab08028f705fe8cab7459817559116bbe135c60612ecb234fb183ff8715d6feb7ec5acee4fd09e8baf2920ae62dc8ab85e79c5c49f397135a5451c8bcf16a07ab2f76f63cde1f1826a6bea3834936815f872a5d781939170011e34c65f02ef2014bbcecefe7e5a54f97fec179f56276792e2563d02f5ec07c370ad81e74acc0ffec4becba777983e7ec6587200868ea1", @typed={0x8, 0x19, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0xd, 0x56, 0x0, 0x0, @str='subj_type'}, @generic="3f718d2fabb94504fee06032255c2465489d83254bd130692b01442231099d36d4d1b9cacf73f2cd4f880a4d5a7bb82f109b01d966cc943a9c9b86aad3d2167a3c97163bd801a892798a4d32d3888595120232b2414efca73aba04775e1d3240baf86d278190128580c708eafc8778e6f9f48b8c232e0c8d207b40083efff5e361db247c7aaed3107adb13"]}, @typed={0x8, 0xa, 0x0, 0x0, @fd=r3}]}, 0x1f0}}, 0x0)

628.255823ms ago: executing program 3 (id=1595):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003c6000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00000f4000/0x4000)=nil)
r2 = syz_open_procfs(0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{0x0}], 0x1)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0100"])
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_NESTED_STATE(r6, 0xc048aeca, &(0x7f0000005580)={{0x0, 0x0, 0x80}})
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0})
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0xffffffffffffffff, 0x1)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, 0x0, 0x20000044)
ioctl$EVIOCSMASK(r8, 0x40104593, 0x0)
r9 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r9, 0x89f0, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @loopback}}}})

591.768937ms ago: executing program 4 (id=1596):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003c6000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00000f4000/0x4000)=nil)
r2 = syz_open_procfs(0x0, 0x0)
writev(r2, &(0x7f0000000100)=[{0x0}], 0x1)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0100"])
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_GET_NESTED_STATE(r6, 0xc048aeca, &(0x7f0000005580)={{0x0, 0x0, 0x80}})
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0})
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0xffffffffffffffff, 0x1)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x30, 0x0, 0x20, 0x70bd2b, 0x25dfdbff, {{}, {}, {0x14, 0x19, {0xfffffef9, 0x0, 0x2, 0xc}}}, [""]}, 0x30}, 0x1, 0x0, 0x0, 0x20000004}, 0x20000044)
ioctl$EVIOCSMASK(r8, 0x40104593, 0x0)
r9 = socket(0x11, 0x800000003, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r9, 0x89f0, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @loopback}}}})

471.76499ms ago: executing program 0 (id=1597):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r1 = syz_io_uring_setup(0x24fb, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x1}, 0x1c)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}})
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x6)
r6 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x175400, 0xa4)
ioctl$PTP_PEROUT_REQUEST2(r6, 0x40383d0c, &(0x7f0000000080)={{0x7, 0x400}, {0x4, 0x4}, 0x6, 0x1})
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000180)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@loopback}}, 0xe8)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

180.092333ms ago: executing program 0 (id=1598):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0xfc0, &(0x7f00000001c0)={@local, @dev, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xfb2, 0x0, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}, "dd9dec79219eb549dbd024c796335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a4eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842f47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3abd27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc65b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae5643901f00aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324dde85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b6805913e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc368ef4ac3000000"}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb88a800008100000086dd600000000018000000000000000000000000000000000000fc0000000000000100000000000005020000c204"], 0x0)

0s ago: executing program 0 (id=1599):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x10, 0xa702)
mmap(&(0x7f0000527000/0x1000)=nil, 0x1000, 0x1000006, 0x11, r0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002340)=@delchain={0x244, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x40, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_CLASSID={0x8}, @TCA_U32_HASH={0x8}, @TCA_U32_MARK={0x10}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x1b4, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x4}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x19c, 0x6, [@m_ife={0x150, 0x0, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @dev}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_PARMS={0x1c}]}, {0xf5, 0x6, "21b2caeba32a6f7c5900697624a17b85a9db3a31b129a4976a84cfb4f5d651fd8aa24a645c8f63c025fcca463a6b79a3d7e6c9a8b89a140805ef63939ac2e37b49004b0dc3b8446aa7038eceef52fe7bdca153fe865c65015a3b208b282c16472e451aa10a8631235c49cae271f5fc8ce5e34d9938e3d5f43ac7a0e31b0acfc73199ca90e81246819f4c740a4fa3247a2af88d6569da09be7179b89f9f024c9f465098a5a52058a431206bee68089bddc13ffe76ff0f000053fa1517700a54d423c13fb6732a5d39c87101b0882ccd8e86eb437849e249675c60d8a9cf9430b6aa206e8116810b35151fce1e1bf48c2b9c"}, {0xc}, {0xc}}}, @m_nat={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x1d, 0x6, "ef93daeef78df7f9a037a0d7a2f92a1cc341deabba437fc636"}, {0xc}, {0xc}}}]}]}}]}, 0x244}}, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05640, &(0x7f0000000340)={0x1, @pix={0x20000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0xfeedcafe, 0x0, 0x0, 0x0, 0x7}})
prctl$PR_SET_IO_FLUSHER(0x41, 0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee8, 0x10, 0xffffffffffffffff, 0x0)
r3 = socket(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x59)
getsockname$packet(r3, 0x0, &(0x7f00000002c0))
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
getdents64(r4, 0x0, 0x500)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002de000/0x1000)=nil, &(0x7f00004ed000/0x4000)=nil, 0x1000})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x10, 0xa702) (async)
mmap(&(0x7f0000527000/0x1000)=nil, 0x1000, 0x1000006, 0x11, r0, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000002340)=@delchain={0x244, 0x65, 0x0, 0x0, 0x0, {}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x40, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_CLASSID={0x8}, @TCA_U32_HASH={0x8}, @TCA_U32_MARK={0x10}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x1b4, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_POLICE={0x4}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x19c, 0x6, [@m_ife={0x150, 0x0, 0x0, 0x0, {{0x8}, {0x34, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @dev}, @TCA_IFE_TYPE={0x6}, @TCA_IFE_PARMS={0x1c}]}, {0xf5, 0x6, "21b2caeba32a6f7c5900697624a17b85a9db3a31b129a4976a84cfb4f5d651fd8aa24a645c8f63c025fcca463a6b79a3d7e6c9a8b89a140805ef63939ac2e37b49004b0dc3b8446aa7038eceef52fe7bdca153fe865c65015a3b208b282c16472e451aa10a8631235c49cae271f5fc8ce5e34d9938e3d5f43ac7a0e31b0acfc73199ca90e81246819f4c740a4fa3247a2af88d6569da09be7179b89f9f024c9f465098a5a52058a431206bee68089bddc13ffe76ff0f000053fa1517700a54d423c13fb6732a5d39c87101b0882ccd8e86eb437849e249675c60d8a9cf9430b6aa206e8116810b35151fce1e1bf48c2b9c"}, {0xc}, {0xc}}}, @m_nat={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x1d, 0x6, "ef93daeef78df7f9a037a0d7a2f92a1cc341deabba437fc636"}, {0xc}, {0xc}}}]}]}}]}, 0x244}}, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) (async)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x8}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) (async)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0) (async)
syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2) (async)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05640, &(0x7f0000000340)={0x1, @pix={0x20000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0xfeedcafe, 0x0, 0x0, 0x0, 0x7}}) (async)
prctl$PR_SET_IO_FLUSHER(0x41, 0x3) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee8, 0x10, 0xffffffffffffffff, 0x0) (async)
socket(0xa, 0x2, 0x0) (async)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x59) (async)
getsockname$packet(r3, 0x0, &(0x7f00000002c0)) (async)
syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') (async)
getdents64(r4, 0x0, 0x500) (async)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002de000/0x1000)=nil, &(0x7f00004ed000/0x4000)=nil, 0x1000}) (async)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) (async)

kernel console output (not intermixed with test programs):

hci0: unexpected cc 0x0c38 length: 249 > 2
[  430.377220][ T2515] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.642165][ T5107] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  430.651817][ T5107] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  430.659830][ T5107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  430.668465][ T5107] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  430.685978][ T5107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  430.695023][ T5107] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  430.903730][ T2515] bridge_slave_1: left allmulticast mode
[  430.909408][ T2515] bridge_slave_1: left promiscuous mode
[  430.931346][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  430.971231][ T2515] bridge_slave_0: left allmulticast mode
[  430.989264][ T2515] bridge_slave_0: left promiscuous mode
[  430.999931][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.846321][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  431.874539][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  431.895971][ T2515] bond0 (unregistering): Released all slaves
[  432.082328][T11635] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  432.293077][ T5107] Bluetooth: hci0: command tx timeout
[  432.677323][ T2515] hsr_slave_0: left promiscuous mode
[  432.703094][ T2515] hsr_slave_1: left promiscuous mode
[  432.709574][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  432.733331][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  432.754239][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  432.764569][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  432.776398][ T5107] Bluetooth: hci1: command tx timeout
[  432.822613][ T8223] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  432.836114][ T2515] veth1_macvtap: left promiscuous mode
[  432.881144][ T2515] veth0_macvtap: left promiscuous mode
[  432.901515][ T2515] veth1_vlan: left promiscuous mode
[  432.921977][ T2515] veth0_vlan: left promiscuous mode
[  433.028754][ T8223] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  433.067724][ T8223] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  433.109807][ T8223] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  433.129393][ T8223] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.161860][T11646] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  433.756420][T11275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  433.768201][T11275] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  433.780991][T11275] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  433.808189][T11275] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  433.821324][T11275] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  433.829102][T11275] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  434.220836][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  434.262607][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  434.372916][ T5107] Bluetooth: hci0: command tx timeout
[  434.854282][ T5107] Bluetooth: hci1: command tx timeout
[  434.912169][T11625] chnl_net:caif_netlink_parms(): no params data found
[  435.280569][ T7881] usb 3-1: USB disconnect, device number 24
[  435.411077][T11625] bridge0: port 1(bridge_slave_0) entered blocking state
[  435.419756][T11625] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.437296][T11625] bridge_slave_0: entered allmulticast mode
[  435.445362][T11625] bridge_slave_0: entered promiscuous mode
[  435.470196][T11625] bridge0: port 2(bridge_slave_1) entered blocking state
[  435.477533][T11625] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.504789][T11625] bridge_slave_1: entered allmulticast mode
[  435.512169][T11625] bridge_slave_1: entered promiscuous mode
[  435.622593][T11628] chnl_net:caif_netlink_parms(): no params data found
[  435.685424][T11625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  435.750841][T11625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  435.892839][ T5107] Bluetooth: hci2: command tx timeout
[  435.983740][T11275] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  435.994024][T11275] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  436.007974][T11275] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  436.017261][T11275] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  436.025769][T11275] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  436.039150][T11275] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  436.127393][T11625] team0: Port device team_slave_0 added
[  436.219768][T11625] team0: Port device team_slave_1 added
[  436.338216][T11696] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1266'.
[  436.393161][T11628] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.400366][T11628] bridge0: port 1(bridge_slave_0) entered disabled state
[  436.407772][T11628] bridge_slave_0: entered allmulticast mode
[  436.417335][T11628] bridge_slave_0: entered promiscuous mode
[  436.430287][T11628] bridge0: port 2(bridge_slave_1) entered blocking state
[  436.438220][T11628] bridge0: port 2(bridge_slave_1) entered disabled state
[  436.446955][T11628] bridge_slave_1: entered allmulticast mode
[  436.457501][T11628] bridge_slave_1: entered promiscuous mode
[  436.468940][T11625] batman_adv: batadv0: Adding interface: batadv_slave_0
[  436.479304][ T5107] Bluetooth: hci0: command tx timeout
[  436.492829][T11625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  436.520428][T11625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  436.624616][T11625] batman_adv: batadv0: Adding interface: batadv_slave_1
[  436.639727][T11625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  436.678024][T11625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  436.743755][T11628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  436.823784][ T2515] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.845841][T11628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  436.893707][T11625] hsr_slave_0: entered promiscuous mode
[  436.900910][T11625] hsr_slave_1: entered promiscuous mode
[  436.931198][T11663] chnl_net:caif_netlink_parms(): no params data found
[  436.943352][ T5107] Bluetooth: hci1: command tx timeout
[  436.959249][ T2515] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.012015][T11628] team0: Port device team_slave_0 added
[  437.038140][T11628] team0: Port device team_slave_1 added
[  437.087946][ T2515] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.216033][T11628] batman_adv: batadv0: Adding interface: batadv_slave_0
[  437.227586][T11628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.256064][T11628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  437.303175][ T2515] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.405076][T11628] batman_adv: batadv0: Adding interface: batadv_slave_1
[  437.421699][T11628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  437.448797][T11628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  437.698612][T11628] hsr_slave_0: entered promiscuous mode
[  437.707121][T11628] hsr_slave_1: entered promiscuous mode
[  437.714053][T11628] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  437.721730][T11628] Cannot create hsr debugfs directory
[  437.756450][T11663] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.769377][ T5153] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  437.786342][T11663] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.795548][T11663] bridge_slave_0: entered allmulticast mode
[  437.805661][T11663] bridge_slave_0: entered promiscuous mode
[  437.859926][T11663] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.867707][T11663] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.876459][T11663] bridge_slave_1: entered allmulticast mode
[  437.884441][T11663] bridge_slave_1: entered promiscuous mode
[  437.935189][T11688] chnl_net:caif_netlink_parms(): no params data found
[  437.972656][ T5107] Bluetooth: hci2: command tx timeout
[  437.979931][ T5153] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  437.991085][ T5153] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  437.999642][T11663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  438.000610][ T5153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.021306][ T5153] usb 3-1: config 0 descriptor??
[  438.052862][ T5107] Bluetooth: hci3: command tx timeout
[  438.090335][T11663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  438.151034][T11625] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.238189][ T7881] usb 3-1: USB disconnect, device number 25
[  438.264988][ T2515] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.312006][T11625] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.331856][T11663] team0: Port device team_slave_0 added
[  438.341560][T11663] team0: Port device team_slave_1 added
[  438.400801][ T2515] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.487039][T11625] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.542017][ T2515] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.552528][ T5107] Bluetooth: hci0: command tx timeout
[  438.559656][T11688] bridge0: port 1(bridge_slave_0) entered blocking state
[  438.568160][T11688] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.576566][T11688] bridge_slave_0: entered allmulticast mode
[  438.584735][T11688] bridge_slave_0: entered promiscuous mode
[  438.592221][T11663] batman_adv: batadv0: Adding interface: batadv_slave_0
[  438.599799][T11663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.626992][T11663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  438.640460][T11663] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.647480][T11663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  438.675049][T11663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  438.713855][T11625] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.728262][T11688] bridge0: port 2(bridge_slave_1) entered blocking state
[  438.735553][T11688] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.743193][T11688] bridge_slave_1: entered allmulticast mode
[  438.750039][T11688] bridge_slave_1: entered promiscuous mode
[  438.834520][ T2515] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.918011][T11688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  438.936054][T11745] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1273'.
[  438.966493][T11663] hsr_slave_0: entered promiscuous mode
[  438.984408][T11663] hsr_slave_1: entered promiscuous mode
[  438.995817][T11663] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  439.006702][T11663] Cannot create hsr debugfs directory
[  439.021351][ T5107] Bluetooth: hci1: command tx timeout
[  439.096625][T11688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  439.188700][T11688] team0: Port device team_slave_0 added
[  439.329729][T11688] team0: Port device team_slave_1 added
[  439.774070][T11688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  439.785085][T11688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.816921][T11688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  439.830037][T11688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  439.837318][T11688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  439.863566][T11688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  439.991684][ T2515] bridge_slave_1: left allmulticast mode
[  439.997747][ T2515] bridge_slave_1: left promiscuous mode
[  440.006148][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.015141][ T2515] bridge_slave_0: left allmulticast mode
[  440.020828][ T2515] bridge_slave_0: left promiscuous mode
[  440.026942][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.037352][ T2515] bridge_slave_1: left allmulticast mode
[  440.043253][ T2515] bridge_slave_1: left promiscuous mode
[  440.048971][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.052582][ T5107] Bluetooth: hci2: command tx timeout
[  440.062960][ T5153] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  440.063517][ T2515] bridge_slave_0: left allmulticast mode
[  440.078113][ T2515] bridge_slave_0: left promiscuous mode
[  440.084217][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.095321][ T2515] bridge_slave_1: left allmulticast mode
[  440.100977][ T2515] bridge_slave_1: left promiscuous mode
[  440.107683][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.116734][ T2515] bridge_slave_0: left allmulticast mode
[  440.123279][ T2515] bridge_slave_0: left promiscuous mode
[  440.129039][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.133944][ T5107] Bluetooth: hci3: command tx timeout
[  440.276885][ T5153] usb 3-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice=65.5a
[  440.288327][ T5153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.299387][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  440.299441][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  440.317280][ T5153] usb 3-1: config 0 descriptor??
[  440.328842][ T5153] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input15
[  440.836675][ T7882] usb 3-1: USB disconnect, device number 26
[  440.844035][ T4532] bcm5974 3-1:0.0: could not read from device
[  441.171462][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  441.187323][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  441.198843][ T2515] bond0 (unregistering): Released all slaves
[  441.299066][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  441.309950][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  441.320558][ T2515] bond0 (unregistering): Released all slaves
[  441.471766][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  441.495531][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  441.516894][ T2515] bond0 (unregistering): Released all slaves
[  441.542376][T11688] hsr_slave_0: entered promiscuous mode
[  441.548841][T11688] hsr_slave_1: entered promiscuous mode
[  441.558401][T11688] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  441.567038][T11688] Cannot create hsr debugfs directory
[  441.922318][T11625] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  441.961426][T11625] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  442.011781][T11625] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  442.033802][T11625] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  442.140728][ T5107] Bluetooth: hci2: command tx timeout
[  442.214436][ T5107] Bluetooth: hci3: command tx timeout
[  442.312857][ T7882] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  442.345841][T11628] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  442.358315][T11628] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  442.369340][T11628] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  442.400170][T11628] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  442.472850][ T7882] usb 3-1: device descriptor read/64, error -71
[  442.671043][ T2515] hsr_slave_0: left promiscuous mode
[  442.686875][ T2515] hsr_slave_1: left promiscuous mode
[  442.702245][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.720699][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.729836][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.737678][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.752920][ T7882] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  442.761310][ T2515] hsr_slave_0: left promiscuous mode
[  442.783454][ T2515] hsr_slave_1: left promiscuous mode
[  442.790347][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.798007][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.806490][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.815174][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.832284][ T2515] hsr_slave_0: left promiscuous mode
[  442.839729][ T2515] hsr_slave_1: left promiscuous mode
[  442.847494][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.856728][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.874094][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.881620][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.912894][ T7882] usb 3-1: device descriptor read/64, error -71
[  442.991449][ T2515] veth1_macvtap: left promiscuous mode
[  442.997836][ T2515] veth0_macvtap: left promiscuous mode
[  443.003605][ T2515] veth1_vlan: left promiscuous mode
[  443.009155][ T2515] veth0_vlan: left promiscuous mode
[  443.016088][ T2515] veth1_macvtap: left promiscuous mode
[  443.021639][ T2515] veth0_macvtap: left promiscuous mode
[  443.028521][ T2515] veth1_vlan: left promiscuous mode
[  443.034301][ T7882] usb usb3-port1: attempt power cycle
[  443.040812][ T2515] veth0_vlan: left promiscuous mode
[  443.047952][ T2515] veth1_macvtap: left promiscuous mode
[  443.055264][ T2515] veth0_macvtap: left promiscuous mode
[  443.060934][ T2515] veth1_vlan: left promiscuous mode
[  443.076767][ T2515] veth0_vlan: left promiscuous mode
[  443.485904][ T7882] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  443.526958][ T7882] usb 3-1: device descriptor read/8, error -71
[  443.736325][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  443.778659][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  443.837859][ T7882] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  443.874229][ T7882] usb 3-1: device descriptor read/8, error -71
[  443.998285][ T7882] usb usb3-port1: unable to enumerate USB device
[  444.292836][ T5107] Bluetooth: hci3: command tx timeout
[  444.493183][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  444.533705][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  445.248991][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  445.288162][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  446.039471][T11628] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.073214][ T7564] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  446.094862][T11628] 8021q: adding VLAN 0 to HW filter on device team0
[  446.119131][T11625] 8021q: adding VLAN 0 to HW filter on device bond0
[  446.178632][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.185814][ T5149] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.237357][ T7564] usb 3-1: device descriptor read/64, error -71
[  446.266393][ T7881] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.273601][ T7881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.357698][T11625] 8021q: adding VLAN 0 to HW filter on device team0
[  446.379105][T11663] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  446.474390][T11663] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  446.494741][ T7881] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.501870][ T7881] bridge0: port 1(bridge_slave_0) entered forwarding state
[  446.512536][ T7564] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  446.596564][T11663] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  446.614262][T11663] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  446.640761][ T7881] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.647971][ T7881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  446.682764][ T7564] usb 3-1: device descriptor read/64, error -71
[  446.818949][ T7564] usb usb3-port1: attempt power cycle
[  446.948593][T11628] 8021q: adding VLAN 0 to HW filter on device batadv0
[  447.107514][T11625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  447.181329][T11688] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  447.253638][ T7564] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  447.275109][T11688] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  447.301526][T11628] veth0_vlan: entered promiscuous mode
[  447.313681][ T7564] usb 3-1: device descriptor read/8, error -71
[  447.338014][T11688] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  447.360929][T11663] 8021q: adding VLAN 0 to HW filter on device bond0
[  447.390262][T11625] veth0_vlan: entered promiscuous mode
[  447.399187][T11688] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  447.418787][T11628] veth1_vlan: entered promiscuous mode
[  447.491363][T11625] veth1_vlan: entered promiscuous mode
[  447.529826][T11663] 8021q: adding VLAN 0 to HW filter on device team0
[  447.593053][ T7564] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  447.619152][ T7883] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.626367][ T7883] bridge0: port 1(bridge_slave_0) entered forwarding state
[  447.643142][ T7883] bridge0: port 2(bridge_slave_1) entered blocking state
[  447.650326][ T7883] bridge0: port 2(bridge_slave_1) entered forwarding state
[  447.674130][ T7564] usb 3-1: device descriptor read/8, error -71
[  447.705519][T11625] veth0_macvtap: entered promiscuous mode
[  447.768337][T11625] veth1_macvtap: entered promiscuous mode
[  447.793352][ T7564] usb usb3-port1: unable to enumerate USB device
[  447.802377][T11628] veth0_macvtap: entered promiscuous mode
[  447.845565][T11628] veth1_macvtap: entered promiscuous mode
[  447.939237][T11628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  447.951165][T11628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  447.965963][T11628] batman_adv: batadv0: Interface activated: batadv_slave_0
[  447.975383][T11625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  447.986308][T11625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  447.997514][T11625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  448.009325][T11625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.020937][T11625] batman_adv: batadv0: Interface activated: batadv_slave_0
[  448.044158][T11628] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.056138][T11628] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.068017][T11628] batman_adv: batadv0: Interface activated: batadv_slave_1
[  448.079056][T11625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.090975][T11625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.100941][T11625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  448.118335][T11625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  448.129911][T11625] batman_adv: batadv0: Interface activated: batadv_slave_1
[  448.160613][T11688] 8021q: adding VLAN 0 to HW filter on device bond0
[  448.175476][T11628] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  448.185713][T11628] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  448.195440][T11628] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  448.204220][T11628] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.220905][T11663] 8021q: adding VLAN 0 to HW filter on device batadv0
[  448.234146][T11625] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  448.244892][T11625] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  448.254271][T11625] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  448.263034][T11625] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  448.375992][T11688] 8021q: adding VLAN 0 to HW filter on device team0
[  448.414237][ T7564] bridge0: port 1(bridge_slave_0) entered blocking state
[  448.421398][ T7564] bridge0: port 1(bridge_slave_0) entered forwarding state
[  448.474678][ T7564] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.481830][ T7564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  448.556053][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.589490][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.607274][T11663] veth0_vlan: entered promiscuous mode
[  448.658824][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.678789][T11663] veth1_vlan: entered promiscuous mode
[  448.685448][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.787014][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.807363][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.842991][T11688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  448.855380][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.861813][T11663] veth0_macvtap: entered promiscuous mode
[  448.895106][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.896986][T11663] veth1_macvtap: entered promiscuous mode
[  448.922212][T11857] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  448.988617][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  449.022953][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.038987][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  449.057929][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.067947][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  449.079104][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.098634][T11663] batman_adv: batadv0: Interface activated: batadv_slave_0
[  449.120982][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  449.131859][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.183919][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  449.223101][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.246128][T11663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  449.285436][T11663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  449.338683][T11663] batman_adv: batadv0: Interface activated: batadv_slave_1
[  449.366355][T11663] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  449.424394][T11663] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  449.448031][T11663] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  449.475240][T11663] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  449.722692][ T7882] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  449.740872][T11891] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1289'.
[  449.767931][T11688] veth0_vlan: entered promiscuous mode
[  449.806462][ T2915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  449.815042][T11688] veth1_vlan: entered promiscuous mode
[  449.842476][ T2915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  449.936834][ T7882] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  449.949344][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  449.966642][ T7882] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  449.973600][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.009414][T11688] veth0_macvtap: entered promiscuous mode
[  450.012895][ T7882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.068185][ T7882] usb 4-1: config 0 descriptor??
[  450.094532][T11688] veth1_macvtap: entered promiscuous mode
[  450.200398][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.254576][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.287963][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.300939][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.316515][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.334362][ T7882] usb 4-1: USB disconnect, device number 31
[  450.353399][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.398552][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  450.450373][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.479467][T11688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  450.609551][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.669912][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.684051][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.706859][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.722491][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.735186][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.750679][T11688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  450.765812][T11688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  450.801493][T11688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  450.812910][ T5149] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  450.886377][T11688] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  450.919949][T11688] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  450.959784][T11688] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  450.988771][T11688] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  451.032970][ T5149] usb 1-1: Using ep0 maxpacket: 16
[  451.057980][ T5149] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 64
[  451.103743][ T5149] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  451.143893][ T2515] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.154628][ T5149] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  451.168395][ T5149] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  451.193337][ T5149] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  451.240153][ T5149] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  451.293145][ T5149] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  451.311137][ T5149] usb 1-1: SerialNumber: syz
[  451.354596][T11914] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  451.371327][ T5149] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  451.411414][ T2515] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.500973][T11935] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1300'.
[  451.633562][ T8223] usb 1-1: USB disconnect, device number 20
[  451.658916][ T2515] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.935183][T11275] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  451.951653][T11275] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  451.961903][T11275] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  451.970520][T11275] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  451.989621][T11275] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  452.002118][T11275] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  452.018877][T11962] usb usb8: usbfs: process 11962 (syz.4.1305) did not claim interface 0 before use
[  452.046145][ T2515] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.151751][  T995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.179345][  T995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.277037][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  452.297292][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  452.612123][ T2515] bridge_slave_1: left allmulticast mode
[  452.626371][ T2515] bridge_slave_1: left promiscuous mode
[  452.632156][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.717994][ T2515] bridge_slave_0: left allmulticast mode
[  452.756302][ T2515] bridge_slave_0: left promiscuous mode
[  452.791959][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.827589][T11982] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1309'.
[  453.119622][T11988] loop0: detected capacity change from 0 to 128
[  453.742894][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.804402][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  453.841904][ T2515] bond0 (unregistering): Released all slaves
[  453.888979][T11976] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1307'.
[  454.053248][T11275] Bluetooth: hci4: command tx timeout
[  454.313766][   T45] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  454.385866][T12016] FAULT_INJECTION: forcing a failure.
[  454.385866][T12016] name failslab, interval 1, probability 0, space 0, times 0
[  454.426878][T12016] CPU: 1 PID: 12016 Comm: syz.3.1317 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  454.437060][T12016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  454.447129][T12016] Call Trace:
[  454.450395][T12016]  <TASK>
[  454.453316][T12016]  dump_stack_lvl+0x241/0x360
[  454.457987][T12016]  ? __pfx_dump_stack_lvl+0x10/0x10
[  454.463171][T12016]  ? __pfx__printk+0x10/0x10
[  454.467749][T12016]  ? ref_tracker_alloc+0x332/0x490
[  454.472849][T12016]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  454.478292][T12016]  should_fail_ex+0x3b0/0x4e0
[  454.482959][T12016]  ? skb_clone+0x20c/0x390
[  454.487358][T12016]  should_failslab+0x9/0x20
[  454.491843][T12016]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  454.497204][T12016]  skb_clone+0x20c/0x390
[  454.501433][T12016]  __netlink_deliver_tap+0x3cc/0x7c0
[  454.506716][T12016]  ? netlink_deliver_tap+0x2e/0x1b0
[  454.511900][T12016]  netlink_deliver_tap+0x19d/0x1b0
[  454.517003][T12016]  netlink_sendskb+0x68/0x140
[  454.521664][T12016]  netlink_unicast+0x39d/0x980
[  454.526411][T12016]  ? __asan_memcpy+0x40/0x70
[  454.530986][T12016]  ? __pfx_netlink_unicast+0x10/0x10
[  454.536264][T12016]  netlink_rcv_skb+0x262/0x430
[  454.541027][T12016]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  454.546492][T12016]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  454.551768][T12016]  ? apparmor_capable+0x138/0x1b0
[  454.556776][T12016]  ? bpf_lsm_capable+0x9/0x10
[  454.561434][T12016]  ? security_capable+0x90/0xb0
[  454.566277][T12016]  nfnetlink_rcv+0x297/0x2a80
[  454.570943][T12016]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  454.577254][T12016]  ? __local_bh_enable_ip+0x168/0x200
[  454.582612][T12016]  ? lockdep_hardirqs_on+0x99/0x150
[  454.587796][T12016]  ? __local_bh_enable_ip+0x168/0x200
[  454.593148][T12016]  ? dev_hard_start_xmit+0x773/0x7e0
[  454.598418][T12016]  ? __dev_queue_xmit+0x2d2/0x3d30
[  454.603527][T12016]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  454.609244][T12016]  ? __dev_queue_xmit+0x2d2/0x3d30
[  454.614352][T12016]  ? __dev_queue_xmit+0x16c9/0x3d30
[  454.619554][T12016]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  454.624669][T12016]  ? __dev_queue_xmit+0x2d2/0x3d30
[  454.629775][T12016]  ? ref_tracker_free+0x643/0x7e0
[  454.634796][T12016]  ? __asan_memcpy+0x40/0x70
[  454.639374][T12016]  ? __pfx_ref_tracker_free+0x10/0x10
[  454.644750][T12016]  ? netlink_deliver_tap+0x2e/0x1b0
[  454.649939][T12016]  ? skb_clone+0x240/0x390
[  454.654344][T12016]  ? __pfx_lock_release+0x10/0x10
[  454.659358][T12016]  ? __netlink_deliver_tap+0x77e/0x7c0
[  454.664809][T12016]  ? netlink_deliver_tap+0x2e/0x1b0
[  454.669998][T12016]  netlink_unicast+0x7ea/0x980
[  454.674766][T12016]  ? __pfx_netlink_unicast+0x10/0x10
[  454.680052][T12016]  ? __virt_addr_valid+0x183/0x520
[  454.685162][T12016]  ? __check_object_size+0x49c/0x900
[  454.690432][T12016]  ? bpf_lsm_netlink_send+0x9/0x10
[  454.695534][T12016]  netlink_sendmsg+0x8db/0xcb0
[  454.700292][T12016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  454.705568][T12016]  ? __import_iovec+0x536/0x820
[  454.710398][T12016]  ? aa_sock_msg_perm+0x91/0x160
[  454.715324][T12016]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  454.720588][T12016]  ? security_socket_sendmsg+0x87/0xb0
[  454.726050][T12016]  ? __pfx_netlink_sendmsg+0x10/0x10
[  454.731317][T12016]  __sock_sendmsg+0x221/0x270
[  454.735985][T12016]  ____sys_sendmsg+0x525/0x7d0
[  454.740737][T12016]  ? __pfx_____sys_sendmsg+0x10/0x10
[  454.746028][T12016]  __sys_sendmsg+0x2b0/0x3a0
[  454.750624][T12016]  ? __pfx___sys_sendmsg+0x10/0x10
[  454.755720][T12016]  ? vfs_write+0x7c4/0xc90
[  454.760140][T12016]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  454.766467][T12016]  ? do_syscall_64+0x100/0x230
[  454.771220][T12016]  ? do_syscall_64+0xb6/0x230
[  454.775887][T12016]  do_syscall_64+0xf3/0x230
[  454.780380][T12016]  ? clear_bhb_loop+0x35/0x90
[  454.785040][T12016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.790917][T12016] RIP: 0033:0x7fce5e775bd9
[  454.795351][T12016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.814948][T12016] RSP: 002b:00007fce5f581048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  454.823352][T12016] RAX: ffffffffffffffda RBX: 00007fce5e903f60 RCX: 00007fce5e775bd9
[  454.831308][T12016] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  454.839262][T12016] RBP: 00007fce5f5810a0 R08: 0000000000000000 R09: 0000000000000000
[  454.847234][T12016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  454.855226][T12016] R13: 000000000000000b R14: 00007fce5e903f60 R15: 00007fce5ea2fa68
[  454.863196][T12016]  </TASK>
[  454.928088][   T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  454.939749][   T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  454.968317][   T45] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  455.002867][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.096522][   T45] usb 1-1: config 0 descriptor??
[  455.365657][T11965] chnl_net:caif_netlink_parms(): no params data found
[  455.475008][T12032] loop0: detected capacity change from 0 to 128
[  455.581147][ T2515] hsr_slave_0: left promiscuous mode
[  455.646485][ T2515] hsr_slave_1: left promiscuous mode
[  455.680973][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  455.715034][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  455.806592][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.829109][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  455.841601][T12039] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1322'.
[  455.905417][ T2515] veth1_macvtap: left promiscuous mode
[  455.931708][ T2515] veth0_macvtap: left promiscuous mode
[  455.963013][ T2515] veth1_vlan: left promiscuous mode
[  455.991639][ T2515] veth0_vlan: left promiscuous mode
[  456.132635][T11275] Bluetooth: hci4: command tx timeout
[  456.142002][T12050] sctp: [Deprecated]: syz.1.1325 (pid 12050) Use of struct sctp_assoc_value in delayed_ack socket option.
[  456.142002][T12050] Use struct sctp_sack_info instead
[  456.199143][T12054] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1326'.
[  456.230112][T11275] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  456.815832][   T45] usbhid 1-1:0.0: can't add hid device: -71
[  456.864490][   T45] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  456.906003][   T45] usb 1-1: USB disconnect, device number 21
[  457.208779][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  457.270937][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  457.859184][T12049] netlink: 'syz.1.1325': attribute type 10 has an invalid length.
[  457.887464][T12049] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  457.936713][T12049] batman_adv: batadv0: Removing interface: batadv_slave_0
[  457.976278][T12049] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  458.222611][T11275] Bluetooth: hci4: command tx timeout
[  458.296133][T11965] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.352574][T11965] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.360057][T11965] bridge_slave_0: entered allmulticast mode
[  458.388754][T11965] bridge_slave_0: entered promiscuous mode
[  458.415769][T12084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1336'.
[  458.447840][T11965] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.482263][T11965] bridge0: port 2(bridge_slave_1) entered disabled state
[  458.533526][T11965] bridge_slave_1: entered allmulticast mode
[  458.583101][T11965] bridge_slave_1: entered promiscuous mode
[  458.609824][T12091] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1334'.
[  458.814315][T11965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  459.020666][T11965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  459.264518][T11965] team0: Port device team_slave_0 added
[  459.301469][T11965] team0: Port device team_slave_1 added
[  459.437071][T11965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  459.454877][T11965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.558139][T11965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  459.719557][ T2515] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  459.815534][T11965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  459.832162][T11965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.927021][T11965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.090845][ T2515] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.292615][ T5107] Bluetooth: hci4: command tx timeout
[  460.306206][ T5107] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  460.318027][ T5107] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  460.352785][ T5107] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  460.380142][ T5107] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  460.391402][ T5107] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  460.401094][ T5107] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  460.413339][ T2515] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.712720][T11965] hsr_slave_0: entered promiscuous mode
[  460.739832][T11965] hsr_slave_1: entered promiscuous mode
[  460.759979][T11965] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  460.781596][T11965] Cannot create hsr debugfs directory
[  460.928058][ T2515] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.617769][T12146] kvm: emulating exchange as write
[  461.713926][T12146] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1347'.
[  461.933257][T12160] FAULT_INJECTION: forcing a failure.
[  461.933257][T12160] name failslab, interval 1, probability 0, space 0, times 0
[  461.980468][T12160] CPU: 0 PID: 12160 Comm: syz.0.1350 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  461.990678][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  462.000751][T12160] Call Trace:
[  462.004044][T12160]  <TASK>
[  462.006983][T12160]  dump_stack_lvl+0x241/0x360
[  462.011682][T12160]  ? __pfx_dump_stack_lvl+0x10/0x10
[  462.016898][T12160]  ? __pfx__printk+0x10/0x10
[  462.021509][T12160]  ? __pfx___might_resched+0x10/0x10
[  462.026815][T12160]  ? __memcg_slab_post_alloc_hook+0x20f/0x7e0
[  462.032910][T12160]  should_fail_ex+0x3b0/0x4e0
[  462.037617][T12160]  ? vm_area_dup+0x61/0x290
[  462.042143][T12160]  should_failslab+0x9/0x20
[  462.046667][T12160]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  462.052067][T12160]  vm_area_dup+0x61/0x290
[  462.056420][T12160]  __split_vma+0x1a9/0xc30
[  462.060865][T12160]  ? __pfx___split_vma+0x10/0x10
[  462.065829][T12160]  ? mas_find+0x950/0xbb0
[  462.070182][T12160]  do_vmi_align_munmap+0x433/0x18c0
[  462.075415][T12160]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  462.081065][T12160]  ? mtree_range_walk+0x6fd/0x8e0
[  462.086125][T12160]  ? mas_find+0x8c0/0xbb0
[  462.090476][T12160]  do_vmi_munmap+0x261/0x2f0
[  462.095091][T12160]  mmap_region+0x72f/0x2090
[  462.099629][T12160]  ? __lock_acquire+0x1346/0x1fd0
[  462.104672][T12160]  ? __pfx_mmap_region+0x10/0x10
[  462.109631][T12160]  ? mm_get_unmapped_area+0xa5/0xd0
[  462.114856][T12160]  ? cap_mmap_addr+0x163/0x2c0
[  462.119652][T12160]  ? __get_unmapped_area+0x2f0/0x360
[  462.124964][T12160]  do_mmap+0x8ad/0xfa0
[  462.129066][T12160]  ? __pfx_do_mmap+0x10/0x10
[  462.133674][T12160]  ? __pfx_ima_file_mmap+0x10/0x10
[  462.138825][T12160]  vm_mmap_pgoff+0x1dd/0x3d0
[  462.143439][T12160]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  462.148570][T12160]  ? __fget_files+0x29/0x470
[  462.153181][T12160]  ? __fget_files+0x3f6/0x470
[  462.157885][T12160]  ksys_mmap_pgoff+0x4f1/0x720
[  462.162672][T12160]  ? __x64_sys_mmap+0x7f/0x140
[  462.167462][T12160]  do_syscall_64+0xf3/0x230
[  462.171985][T12160]  ? clear_bhb_loop+0x35/0x90
[  462.176684][T12160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.182596][T12160] RIP: 0033:0x7fc591975bd9
[  462.187024][T12160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.206647][T12160] RSP: 002b:00007fc5927a6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  462.215172][T12160] RAX: ffffffffffffffda RBX: 00007fc591b03f60 RCX: 00007fc591975bd9
[  462.223162][T12160] RDX: 0000000000000000 RSI: 0000000000b36000 RDI: 0000000020000000
[  462.231150][T12160] RBP: 00007fc5927a60a0 R08: 0000000000000004 R09: 0000000000000000
[  462.239140][T12160] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000001
[  462.247128][T12160] R13: 000000000000000b R14: 00007fc591b03f60 R15: 00007fc591c2fa68
[  462.255136][T12160]  </TASK>
[  462.452620][ T5107] Bluetooth: hci1: command tx timeout
[  462.493198][ T2515] bridge_slave_1: left allmulticast mode
[  462.498889][ T2515] bridge_slave_1: left promiscuous mode
[  462.515318][ T2515] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.532227][ T2515] bridge_slave_0: left allmulticast mode
[  462.540249][ T2515] bridge_slave_0: left promiscuous mode
[  462.546182][ T2515] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.865576][ T2515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  462.876797][ T2515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  462.887806][ T2515] bond0 (unregistering): Released all slaves
[  462.902032][T12176] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1351'.
[  462.918126][T12179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1351'.
[  462.933274][T12178] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1352'.
[  463.007344][T12182] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1352'.
[  463.228511][T12183] team0: Port device team_slave_0 removed
[  463.242156][T12126] chnl_net:caif_netlink_parms(): no params data found
[  463.635391][T12198] netlink: 'syz.1.1357': attribute type 4 has an invalid length.
[  463.643541][T12198] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1357'.
[  463.870257][T12126] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.870452][T12126] bridge0: port 1(bridge_slave_0) entered disabled state
[  463.870608][T12126] bridge_slave_0: entered allmulticast mode
[  463.882301][T12126] bridge_slave_0: entered promiscuous mode
[  463.882748][ T7570] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  463.971695][ T2515] hsr_slave_0: left promiscuous mode
[  463.978876][ T2515] hsr_slave_1: left promiscuous mode
[  463.989930][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.989968][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.990663][ T2515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  463.990688][ T2515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  464.014524][ T2515] veth1_macvtap: left promiscuous mode
[  464.014578][ T2515] veth0_macvtap: left promiscuous mode
[  464.014681][ T2515] veth1_vlan: left promiscuous mode
[  464.014749][ T2515] veth0_vlan: left promiscuous mode
[  464.067258][ T7570] usb 4-1: Using ep0 maxpacket: 8
[  464.184027][ T7570] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  464.184058][ T7570] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.186463][ T7570] usb 4-1: config 0 descriptor??
[  464.499327][T12206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  464.531463][T12206] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  464.532603][ T5107] Bluetooth: hci1: command tx timeout
[  464.682332][ T7570] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  464.692887][ T7570] asix 4-1:0.0: probe with driver asix failed with error -71
[  464.713509][ T7570] usb 4-1: USB disconnect, device number 32
[  465.351762][ T2515] team0 (unregistering): Port device team_slave_1 removed
[  465.423359][T12230] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  465.435712][ T2515] team0 (unregistering): Port device team_slave_0 removed
[  465.439605][T12230] random: crng reseeded on system resumption
[  465.496198][T12231] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  465.868258][T12235] FAULT_INJECTION: forcing a failure.
[  465.868258][T12235] name failslab, interval 1, probability 0, space 0, times 0
[  465.884017][T12235] CPU: 1 PID: 12235 Comm: syz.0.1366 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  465.894189][T12235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  465.904270][T12235] Call Trace:
[  465.907564][T12235]  <TASK>
[  465.910499][T12235]  dump_stack_lvl+0x241/0x360
[  465.915175][T12235]  ? __pfx_dump_stack_lvl+0x10/0x10
[  465.920367][T12235]  ? __pfx__printk+0x10/0x10
[  465.924968][T12235]  ? do_raw_spin_lock+0x14f/0x370
[  465.930005][T12235]  should_fail_ex+0x3b0/0x4e0
[  465.934673][T12235]  ? sctp_get_port_local+0x78e/0x1740
[  465.940034][T12235]  should_failslab+0x9/0x20
[  465.944536][T12235]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  465.949918][T12235]  sctp_get_port_local+0x78e/0x1740
[  465.955106][T12235]  ? __pfx_lock_release+0x10/0x10
[  465.960125][T12235]  ? __pfx_sctp_get_port_local+0x10/0x10
[  465.965757][T12235]  ? sctp_bind_addr_match+0x295/0x2b0
[  465.971136][T12235]  ? sctp_v6_available+0x76/0x3e0
[  465.976156][T12235]  sctp_do_bind+0x513/0x950
[  465.980651][T12235]  sctp_connect_new_asoc+0x277/0x6c0
[  465.985935][T12235]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  465.991742][T12235]  ? sctp_sendmsg+0xbb9/0x3520
[  465.996493][T12235]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  466.002023][T12235]  ? security_sctp_bind_connect+0x90/0xb0
[  466.007733][T12235]  sctp_sendmsg+0x219a/0x3520
[  466.012433][T12235]  ? __pfx_sctp_sendmsg+0x10/0x10
[  466.017465][T12235]  ? __pfx_aa_sk_perm+0x10/0x10
[  466.022313][T12235]  ? inet_sendmsg+0x330/0x390
[  466.026984][T12235]  __sock_sendmsg+0x1a6/0x270
[  466.031654][T12235]  __sys_sendto+0x3a4/0x4f0
[  466.036151][T12235]  ? __pfx___sys_sendto+0x10/0x10
[  466.041174][T12235]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  466.047157][T12235]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  466.053491][T12235]  __x64_sys_sendto+0xde/0x100
[  466.058261][T12235]  do_syscall_64+0xf3/0x230
[  466.062766][T12235]  ? clear_bhb_loop+0x35/0x90
[  466.067467][T12235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.073357][T12235] RIP: 0033:0x7fc591975bd9
[  466.077785][T12235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.097396][T12235] RSP: 002b:00007fc5927a6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  466.105810][T12235] RAX: ffffffffffffffda RBX: 00007fc591b03f60 RCX: 00007fc591975bd9
[  466.113804][T12235] RDX: 0000000000034000 RSI: 0000000020847fff RDI: 0000000000000003
[  466.121801][T12235] RBP: 00007fc5927a60a0 R08: 000000002005ffe4 R09: 000000000000001c
[  466.129785][T12235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  466.137843][T12235] R13: 000000000000000b R14: 00007fc591b03f60 R15: 00007fc591c2fa68
[  466.145838][T12235]  </TASK>
[  466.148869][    C1] vkms_vblank_simulate: vblank timer overrun
[  466.255238][T12126] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.265272][T12126] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.272673][T12126] bridge_slave_1: entered allmulticast mode
[  466.280722][T12126] bridge_slave_1: entered promiscuous mode
[  466.359235][T12217] macvlan2: entered allmulticast mode
[  466.380927][T12217] mac80211_hwsim hwsim102 wlan0: entered promiscuous mode
[  466.405793][T12217] mac80211_hwsim hwsim102 wlan0: entered allmulticast mode
[  466.428973][T12217] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  466.499342][T12126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  466.545242][T12126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  466.612562][ T5107] Bluetooth: hci1: command tx timeout
[  466.828268][T12249] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1369'.
[  466.836551][T12126] team0: Port device team_slave_0 added
[  466.843181][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  466.843192][   T29] audit: type=1326 audit(1720142305.168:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12254 comm="syz.1.1370" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9687d75bd9 code=0x0
[  466.881548][T12126] team0: Port device team_slave_1 added
[  466.991035][T12126] batman_adv: batadv0: Adding interface: batadv_slave_0
[  467.019448][T12126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.053829][T12126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  467.081511][T12126] batman_adv: batadv0: Adding interface: batadv_slave_1
[  467.101722][T12126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  467.159838][T12126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  467.246231][T11965] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  467.315886][T11965] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  467.354280][T11965] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  467.453426][T12126] hsr_slave_0: entered promiscuous mode
[  467.478866][T12126] hsr_slave_1: entered promiscuous mode
[  467.492026][T12126] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  467.518620][T12126] Cannot create hsr debugfs directory
[  467.527409][T11965] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  467.862982][ T5149] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  468.073319][ T5149] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  468.096382][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.119268][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.145787][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.166405][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.184280][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.200202][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.210716][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.231088][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.278643][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.289069][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.290422][T11965] 8021q: adding VLAN 0 to HW filter on device bond0
[  468.303448][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.342655][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.362534][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.382643][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.417365][T11965] 8021q: adding VLAN 0 to HW filter on device team0
[  468.424596][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.446915][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.454140][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  468.463466][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.483724][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.496801][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.506195][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  468.510057][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.513346][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  468.546958][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.595925][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.613429][ T5149] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  468.629654][ T5149] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  468.670223][T11965] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  468.674363][ T5149] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.687957][T12305] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1381'.
[  468.702576][ T5107] Bluetooth: hci1: command tx timeout
[  468.716849][ T5149] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  468.730800][ T5149] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  468.749372][ T5149] usb 4-1: Product: syz
[  468.754095][ T5149] usb 4-1: Manufacturer: syz
[  468.758781][ T5149] usb 4-1: SerialNumber: syz
[  468.779932][ T5149] usb 4-1: config 0 descriptor??
[  468.789473][ T5149] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  468.870980][T11965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  468.975467][T12126] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  469.006888][T12126] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  469.042993][ T5149] usb 4-1: USB disconnect, device number 33
[  469.063891][T12126] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  469.079610][ T5149] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  469.149021][T12126] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  469.194479][T11965] veth0_vlan: entered promiscuous mode
[  469.241128][T11965] veth1_vlan: entered promiscuous mode
[  469.406429][T11965] veth0_macvtap: entered promiscuous mode
[  469.432191][T11965] veth1_macvtap: entered promiscuous mode
[  469.468386][T12126] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.512138][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  469.534404][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.547349][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  469.558142][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.571201][T11965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  469.589204][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.621695][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.651478][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.673024][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.702231][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  469.732022][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  469.754526][T11965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  469.817362][T12126] 8021q: adding VLAN 0 to HW filter on device team0
[  470.008133][T11965] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  470.038305][T11965] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  470.052438][T11965] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  470.061235][T11965] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  470.232159][ T7567] bridge0: port 1(bridge_slave_0) entered blocking state
[  470.239409][ T7567] bridge0: port 1(bridge_slave_0) entered forwarding state
[  470.362410][ T7567] bridge0: port 2(bridge_slave_1) entered blocking state
[  470.369693][ T7567] bridge0: port 2(bridge_slave_1) entered forwarding state
[  470.620884][T12126] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  470.642178][T12126] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  470.707017][T12350] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1391'.
[  470.725751][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.743255][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.804321][T12126] 8021q: adding VLAN 0 to HW filter on device batadv0
[  470.821335][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  470.838209][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  470.910193][T12126] veth0_vlan: entered promiscuous mode
[  470.950064][T12126] veth1_vlan: entered promiscuous mode
[  471.001506][T12126] veth0_macvtap: entered promiscuous mode
[  471.025513][T12126] veth1_macvtap: entered promiscuous mode
[  471.170728][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  471.231413][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.279299][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  471.306695][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.325689][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  471.339502][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.361476][T12126] batman_adv: batadv0: Interface activated: batadv_slave_0
[  471.435495][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  471.485964][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.506193][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  471.517120][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.527803][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  471.542617][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.553758][T12126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  471.568864][T12126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  471.588498][T12126] batman_adv: batadv0: Interface activated: batadv_slave_1
[  471.699485][T12126] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  471.724773][T12126] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  471.748009][T12126] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  471.767409][T12126] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  471.873047][ T7567] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  472.015286][ T2915] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  472.037666][ T2915] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  472.082519][ T7567] usb 1-1: Using ep0 maxpacket: 32
[  472.100467][ T7567] usb 1-1: too many configurations: 246, using maximum allowed: 8
[  472.116080][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  472.123789][ T7567] usb 1-1: unable to read config index 0 descriptor/start: -61
[  472.132190][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  472.140355][ T7567] usb 1-1: can't read configurations, error -61
[  472.165090][T12374] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1398'.
[  472.322692][ T7567] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  472.522979][ T7567] usb 1-1: Using ep0 maxpacket: 32
[  472.533693][ T7567] usb 1-1: too many configurations: 246, using maximum allowed: 8
[  472.546256][ T7567] usb 1-1: unable to read config index 0 descriptor/start: -61
[  472.560856][ T7567] usb 1-1: can't read configurations, error -61
[  472.575651][ T7567] usb usb1-port1: attempt power cycle
[  472.631763][T12393] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1402'.
[  473.004746][ T7567] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  473.064514][ T7567] usb 1-1: Using ep0 maxpacket: 32
[  473.071655][ T7567] usb 1-1: too many configurations: 246, using maximum allowed: 8
[  473.085615][ T7567] usb 1-1: unable to read config index 0 descriptor/start: -61
[  473.096429][ T7567] usb 1-1: can't read configurations, error -61
[  473.282560][ T7567] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  473.323891][ T7567] usb 1-1: Using ep0 maxpacket: 32
[  473.336798][ T7567] usb 1-1: too many configurations: 246, using maximum allowed: 8
[  473.350198][ T7567] usb 1-1: unable to read config index 0 descriptor/start: -61
[  473.362544][ T7567] usb 1-1: can't read configurations, error -61
[  473.375134][ T7567] usb usb1-port1: unable to enumerate USB device
[  473.470851][T12407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  473.495927][T12407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  474.697611][T12420] netlink: 'syz.0.1410': attribute type 4 has an invalid length.
[  474.705892][T12420] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1410'.
[  474.917845][   T66] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.033978][   T66] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.120734][   T66] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.219154][   T66] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.399298][T11275] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  475.410455][T11275] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  475.419415][T11275] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  475.428104][T11275] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  475.438080][T11275] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  475.445695][T11275] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  475.618940][   T66] bridge_slave_1: left allmulticast mode
[  475.635167][   T66] bridge_slave_1: left promiscuous mode
[  475.642588][   T66] bridge0: port 2(bridge_slave_1) entered disabled state
[  475.661537][   T66] bridge_slave_0: left allmulticast mode
[  475.667377][   T66] bridge_slave_0: left promiscuous mode
[  475.678618][   T66] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.843883][T12438] netlink: 'syz.0.1417': attribute type 3 has an invalid length.
[  475.860194][T12438] netlink: 127604 bytes leftover after parsing attributes in process `syz.0.1417'.
[  476.295183][   T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  476.315259][   T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  476.327447][   T66] bond0 (unregistering): Released all slaves
[  476.352514][ T5148] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  476.579424][ T5148] usb 2-1: New USB device found, idVendor=0c45, idProduct=6025, bcdDevice=41.12
[  476.604435][ T5148] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.634177][ T5148] usb 2-1: config 0 descriptor??
[  476.641748][ T5148] hub 2-1:0.0: bad descriptor, ignoring hub
[  476.648362][ T5148] hub 2-1:0.0: probe with driver hub failed with error -5
[  476.658528][ T5148] gspca_main: sonixb-2.14.0 probing 0c45:6025
[  477.005961][ T5148] sonixb 2-1:0.0: Error reading register 00: -71
[  477.083773][ T5148] usb 2-1: USB disconnect, device number 23
[  477.112506][   T45] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  477.173395][T11275] Bluetooth: hci3: command tx timeout
[  477.245775][   T66] hsr_slave_0: left promiscuous mode
[  477.265187][   T66] hsr_slave_1: left promiscuous mode
[  477.279152][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  477.296700][   T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.298008][   T45] usb 1-1: Using ep0 maxpacket: 32
[  477.310902][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  477.328130][   T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.335173][   T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  477.352519][   T45] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  477.375248][   T45] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  477.390065][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.393628][   T66] veth1_macvtap: left promiscuous mode
[  477.404802][   T45] usb 1-1: Product: syz
[  477.410193][   T45] usb 1-1: Manufacturer: syz
[  477.424115][ T5107] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  477.436142][ T5107] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  477.437332][   T66] veth0_macvtap: left promiscuous mode
[  477.451080][ T5107] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  477.460371][   T45] usb 1-1: SerialNumber: syz
[  477.471259][ T5107] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  477.481472][ T5107] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  477.481704][   T66] veth1_vlan: left promiscuous mode
[  477.493075][ T5107] Bluetooth: hci4: command tx timeout
[  477.500151][   T66] veth0_vlan: left promiscuous mode
[  477.505802][ T5107] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  478.379646][   T45] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 26 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  478.568312][   T66] team0 (unregistering): Port device team_slave_1 removed
[  478.621326][   T66] team0 (unregistering): Port device team_slave_0 removed
[  479.031235][T12468] netlink: 'syz.4.1424': attribute type 4 has an invalid length.
[  479.052279][T12468] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1424'.
[  479.137653][T12436] chnl_net:caif_netlink_parms(): no params data found
[  479.167930][   T45] usb 1-1: USB disconnect, device number 26
[  479.215486][   T45] usblp0: removed
[  479.423042][T12486] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1427'.
[  479.449945][T12486] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1427'.
[  479.572901][ T5107] Bluetooth: hci0: command tx timeout
[  479.574221][T12436] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.579708][T11275] Bluetooth: hci4: command tx timeout
[  479.657709][T12436] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.673297][T12436] bridge_slave_0: entered allmulticast mode
[  479.703447][T12436] bridge_slave_0: entered promiscuous mode
[  479.735819][T12436] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.763592][T12436] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.780028][T12436] bridge_slave_1: entered allmulticast mode
[  479.797090][T12436] bridge_slave_1: entered promiscuous mode
[  480.117605][T12436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  480.212655][T12436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  480.446987][   T66] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.527255][T12436] team0: Port device team_slave_0 added
[  480.559449][T12475] chnl_net:caif_netlink_parms(): no params data found
[  480.603653][   T66] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.632651][ T7570] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  480.647530][T12436] team0: Port device team_slave_1 added
[  480.708314][T12528] netlink: 'syz.0.1434': attribute type 4 has an invalid length.
[  480.716619][T12528] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1434'.
[  480.753867][   T66] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  480.839200][ T7570] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11
[  480.866247][ T7570] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024
[  480.874127][T12534] FAULT_INJECTION: forcing a failure.
[  480.874127][T12534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  480.890740][ T7570] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  480.919152][ T7570] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  480.922324][T12534] CPU: 1 PID: 12534 Comm: syz.1.1436 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  480.930186][ T7570] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.938333][T12534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  480.938352][T12534] Call Trace:
[  480.938362][T12534]  <TASK>
[  480.938370][T12534]  dump_stack_lvl+0x241/0x360
[  480.938402][T12534]  ? __pfx_dump_stack_lvl+0x10/0x10
[  480.938424][T12534]  ? __pfx__printk+0x10/0x10
[  480.938447][T12534]  ? __pfx_lock_release+0x10/0x10
[  480.938473][T12534]  should_fail_ex+0x3b0/0x4e0
[  480.938501][T12534]  _copy_from_user+0x2f/0xe0
[  480.964735][ T7570] usb 5-1: config 0 descriptor??
[  480.967353][T12534]  core_sys_select+0x639/0x910
[  480.973502][T12520] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  480.977104][T12534]  ? __pfx_core_sys_select+0x10/0x10
[  481.013466][T12534]  ? ksys_write+0x23e/0x2c0
[  481.018017][T12534]  ? __pfx_set_user_sigmask+0x10/0x10
[  481.023399][T12534]  ? __fget_files+0x3f6/0x470
[  481.028953][T12534]  __se_sys_pselect6+0x319/0x3f0
[  481.033903][T12534]  ? __pfx___se_sys_pselect6+0x10/0x10
[  481.039356][T12534]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  481.045674][T12534]  ? do_syscall_64+0x100/0x230
[  481.050434][T12534]  ? __x64_sys_pselect6+0x21/0xf0
[  481.055449][T12534]  do_syscall_64+0xf3/0x230
[  481.059947][T12534]  ? clear_bhb_loop+0x35/0x90
[  481.064636][T12534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.070531][T12534] RIP: 0033:0x7f9687d75bd9
[  481.074951][T12534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.094651][T12534] RSP: 002b:00007f9688c06048 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  481.103085][T12534] RAX: ffffffffffffffda RBX: 00007f9687f03f60 RCX: 00007f9687d75bd9
[  481.111049][T12534] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[  481.119010][T12534] RBP: 00007f9688c060a0 R08: 0000000000000000 R09: 0000000000000000
[  481.126970][T12534] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  481.134935][T12534] R13: 000000000000000b R14: 00007f9687f03f60 R15: 00007f968802fa68
[  481.142912][T12534]  </TASK>
[  481.185586][   T66] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  481.220359][T12436] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.241589][T12436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.271988][T12436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  481.308501][T12436] batman_adv: batadv0: Adding interface: batadv_slave_1
[  481.322666][T12436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.356601][T12436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.416795][ T7570] plantronics 0003:047F:FFFF.000D: unknown main item tag 0xd
[  481.427756][T12475] bridge0: port 1(bridge_slave_0) entered blocking state
[  481.430675][ T7570] plantronics 0003:047F:FFFF.000D: No inputs registered, leaving
[  481.447746][ T7570] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  481.451106][T12475] bridge0: port 1(bridge_slave_0) entered disabled state
[  481.483237][T12475] bridge_slave_0: entered allmulticast mode
[  481.518280][T12475] bridge_slave_0: entered promiscuous mode
[  481.533836][T12475] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.541190][T12475] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.554956][T12475] bridge_slave_1: entered allmulticast mode
[  481.562590][T12475] bridge_slave_1: entered promiscuous mode
[  481.652689][T11275] Bluetooth: hci4: command tx timeout
[  481.658141][T11275] Bluetooth: hci0: command tx timeout
[  481.660955][T12475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  481.703099][T12436] hsr_slave_0: entered promiscuous mode
[  481.712206][T12436] hsr_slave_1: entered promiscuous mode
[  481.723115][T12436] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  481.730698][T12436] Cannot create hsr debugfs directory
[  481.785169][T12475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.982129][T12475] team0: Port device team_slave_0 added
[  481.994907][T12475] team0: Port device team_slave_1 added
[  482.040489][   T66] bridge_slave_1: left allmulticast mode
[  482.051637][   T66] bridge_slave_1: left promiscuous mode
[  482.058002][   T66] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.076001][   T66] bridge_slave_0: left allmulticast mode
[  482.081696][   T66] bridge_slave_0: left promiscuous mode
[  482.099226][   T66] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.522360][T12570] xt_connbytes: Forcing CT accounting to be enabled
[  482.536705][T12570] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  482.576629][T12570] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  482.666849][   T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  482.684075][   T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  482.697446][   T66] bond0 (unregistering): Released all slaves
[  482.769651][T12475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  482.777143][T12475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.805217][T12475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  482.822658][T12475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  482.829823][T12475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  482.858307][T12475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.876839][T10186] usb 5-1: reset high-speed USB device number 22 using dummy_hcd
[  482.892355][T12573] netlink: 'syz.1.1443': attribute type 4 has an invalid length.
[  482.900843][T12573] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1443'.
[  483.034543][T10186] usb 5-1: device descriptor read/64, error -32
[  483.086877][T12475] hsr_slave_0: entered promiscuous mode
[  483.116454][T12475] hsr_slave_1: entered promiscuous mode
[  483.131636][T12475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  483.141804][T12475] Cannot create hsr debugfs directory
[  483.410857][   T66] hsr_slave_0: left promiscuous mode
[  483.433462][   T66] hsr_slave_1: left promiscuous mode
[  483.447679][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  483.471275][   T66] batman_adv: batadv0: Removing interface: batadv_slave_0
[  483.501252][   T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  483.538380][   T66] batman_adv: batadv0: Removing interface: batadv_slave_1
[  483.630090][   T66] veth1_macvtap: left promiscuous mode
[  483.656312][   T66] veth0_macvtap: left promiscuous mode
[  483.673192][T12594] netlink: 'syz.1.1447': attribute type 29 has an invalid length.
[  483.687284][   T66] veth1_vlan: left promiscuous mode
[  483.714759][   T66] veth0_vlan: left promiscuous mode
[  483.732586][T11275] Bluetooth: hci0: command tx timeout
[  483.738095][ T5107] Bluetooth: hci4: command tx timeout
[  483.832493][T10186] usb 5-1: reset high-speed USB device number 22 using dummy_hcd
[  483.848779][T10186] usb 5-1: device reset changed ep0 maxpacket size!
[  483.867512][ T8220] usb 5-1: USB disconnect, device number 22
[  484.073785][ T8220] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  484.283005][ T8220] usb 5-1: Using ep0 maxpacket: 32
[  484.315279][ T8220] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  484.358448][ T8220] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.399031][ T8220] usb 5-1: config 0 descriptor??
[  484.431054][ T8220] gspca_main: sunplus-2.14.0 probing 041e:400b
[  484.956804][ T8220] gspca_sunplus: reg_w_riv err -110
[  484.967980][ T8220] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  485.110065][   T66] team0 (unregistering): Port device team_slave_1 removed
[  485.167408][   T66] team0 (unregistering): Port device team_slave_0 removed
[  485.652767][T12594] netlink: 'syz.1.1447': attribute type 29 has an invalid length.
[  485.672744][T12613] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1449'.
[  485.707886][T12616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1446'.
[  485.812789][T11275] Bluetooth: hci0: command tx timeout
[  486.147200][T12627] netlink: 'syz.0.1452': attribute type 4 has an invalid length.
[  486.168983][T12627] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1452'.
[  486.989061][T12436] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  487.108048][T12436] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  487.153298][   T45] usb 5-1: USB disconnect, device number 23
[  487.161401][T12436] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  487.188246][T12436] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  487.390872][T12658] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1459'.
[  487.660562][T12672] netlink: 'syz.1.1461': attribute type 4 has an invalid length.
[  487.671619][T12672] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1461'.
[  487.711933][T12436] 8021q: adding VLAN 0 to HW filter on device bond0
[  487.768734][T12475] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  487.794549][T12436] 8021q: adding VLAN 0 to HW filter on device team0
[  487.819399][T12475] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  487.856200][T12679] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  487.856606][T12475] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  487.910182][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.917425][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[  487.929950][T12475] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  487.966485][ T8220] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  487.973454][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.981304][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.194507][ T8220] usb 5-1: Using ep0 maxpacket: 16
[  488.219712][T12436] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.231729][ T8220] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=45.98
[  488.261124][ T8220] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.271177][ T8220] usb 5-1: Product: syz
[  488.281440][ T8220] usb 5-1: Manufacturer: syz
[  488.291842][ T8220] usb 5-1: SerialNumber: syz
[  488.304539][T12475] 8021q: adding VLAN 0 to HW filter on device bond0
[  488.320763][ T8220] usb 5-1: config 0 descriptor??
[  488.378632][T12475] 8021q: adding VLAN 0 to HW filter on device team0
[  488.391069][T11275] Bluetooth: hci3: Malformed HCI Event: 0x22
[  488.451725][ T7567] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.458936][ T7567] bridge0: port 1(bridge_slave_0) entered forwarding state
[  488.500758][ T7570] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.507929][ T7570] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.512135][T12690] Cannot find add_set index 0 as target
[  488.561834][T12436] veth0_vlan: entered promiscuous mode
[  488.598117][T12687] netdevsim netdevsim1: Direct firmware load for ng failed with error -2
[  488.598212][T12687] netdevsim netdevsim1: Falling back to sysfs fallback for: ng
[  488.622347][T12436] veth1_vlan: entered promiscuous mode
[  488.819613][T12436] veth0_macvtap: entered promiscuous mode
[  488.844935][T12436] veth1_macvtap: entered promiscuous mode
[  488.872270][T12475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  488.910582][T12436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.927752][T12436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.939586][T12436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  488.951585][T12436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  488.966086][T12436] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.010411][T12436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.028685][T12436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.039156][T12436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.050258][T12436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.064258][T12436] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.079550][T12436] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.101792][T12436] batman_adv: batadv0: Interface activated: batadv_slave_1
[  489.139520][T12436] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  489.148894][T12436] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  489.159370][T12436] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  489.169865][T12436] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  489.203545][T12475] veth0_vlan: entered promiscuous mode
[  489.266751][T12475] veth1_vlan: entered promiscuous mode
[  489.312943][ T8220] mos7840 5-1:0.0: required endpoints missing
[  489.333950][ T8220] usb 5-1: USB disconnect, device number 24
[  489.441629][ T2515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  489.469892][ T2515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  489.528115][T12475] veth0_macvtap: entered promiscuous mode
[  489.559086][ T2864] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  489.580776][T12475] veth1_macvtap: entered promiscuous mode
[  489.592603][ T2864] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  489.649456][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.670972][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.702594][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.718819][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.746359][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  489.769091][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.796005][T12475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  489.847885][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.890666][T12726] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1415'.
[  489.904524][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.923946][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.952061][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  489.980529][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  489.996629][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.026014][T12475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  490.056515][T12475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  490.071485][T12475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  490.097501][T12475] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  490.114596][T12475] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  490.127696][T12475] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  490.140661][T12475] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  490.353860][T12737] FAULT_INJECTION: forcing a failure.
[  490.353860][T12737] name failslab, interval 1, probability 0, space 0, times 0
[  490.371485][T12737] CPU: 0 PID: 12737 Comm: syz.4.1469 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  490.381651][T12737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  490.391697][T12737] Call Trace:
[  490.394988][T12737]  <TASK>
[  490.397927][T12737]  dump_stack_lvl+0x241/0x360
[  490.402614][T12737]  ? __pfx_dump_stack_lvl+0x10/0x10
[  490.407837][T12737]  ? __pfx__printk+0x10/0x10
[  490.412434][T12737]  ? __pfx___might_resched+0x10/0x10
[  490.417712][T12737]  should_fail_ex+0x3b0/0x4e0
[  490.422389][T12737]  ? rt_acct_proc_show+0x57/0x3d0
[  490.427419][T12737]  should_failslab+0x9/0x20
[  490.431917][T12737]  kmalloc_trace_noprof+0x6c/0x2c0
[  490.437025][T12737]  rt_acct_proc_show+0x57/0x3d0
[  490.441871][T12737]  traverse+0x1df/0x550
[  490.446028][T12737]  seq_read_iter+0xc5e/0xd60
[  490.450612][T12737]  ? end_current_label_crit_section+0x14e/0x180
[  490.456853][T12737]  proc_reg_read_iter+0x1c3/0x290
[  490.461866][T12737]  vfs_read+0x9bd/0xbc0
[  490.466011][T12737]  ? __pfx_lock_release+0x10/0x10
[  490.471026][T12737]  ? __pfx_vfs_read+0x10/0x10
[  490.475708][T12737]  __x64_sys_pread64+0x1aa/0x230
[  490.480639][T12737]  ? __pfx___x64_sys_pread64+0x10/0x10
[  490.486088][T12737]  ? do_syscall_64+0x100/0x230
[  490.490846][T12737]  ? do_syscall_64+0xb6/0x230
[  490.495520][T12737]  do_syscall_64+0xf3/0x230
[  490.500016][T12737]  ? clear_bhb_loop+0x35/0x90
[  490.504680][T12737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.510564][T12737] RIP: 0033:0x7f025c975bd9
[  490.514967][T12737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.534563][T12737] RSP: 002b:00007f025d6b7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  490.542981][T12737] RAX: ffffffffffffffda RBX: 00007f025cb04038 RCX: 00007f025c975bd9
[  490.550942][T12737] RDX: 0000000000000137 RSI: 0000000020002180 RDI: 0000000000000005
[  490.558900][T12737] RBP: 00007f025d6b70a0 R08: 0000000000000000 R09: 0000000000000000
[  490.566875][T12737] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[  490.574855][T12737] R13: 000000000000006e R14: 00007f025cb04038 R15: 00007f025cc2fa68
[  490.582836][T12737]  </TASK>
[  490.614058][T11275] Bluetooth: hci3: command tx timeout
[  490.636895][T12741] netlink: 'syz.1.1471': attribute type 4 has an invalid length.
[  490.656323][T12741] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1471'.
[  490.770973][ T2864] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.793118][ T2864] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  490.893349][ T7567] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  490.917436][ T2915] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  490.948126][ T2915] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  491.085099][ T7567] usb 1-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=cd.35
[  491.105800][ T7567] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.160280][ T7567] usb 1-1: config 0 descriptor??
[  491.179044][ T7567] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  491.221025][ T7567] dw2102: su3000_power_ctrl: 1, initialized 0
[  491.249657][ T7567] dvb-usb: bulk message failed: -22 (2/0)
[  491.303879][ T7567] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  491.371538][T12771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1477'.
[  491.381744][T12740] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1470'.
[  491.448037][ T7567] dvb-usb: TeVii S482 (tuner 2) error while loading driver (-19)
[  491.508733][T12774] FAULT_INJECTION: forcing a failure.
[  491.508733][T12774] name failslab, interval 1, probability 0, space 0, times 0
[  491.558843][T12740] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.588726][T12774] CPU: 0 PID: 12774 Comm: syz.1.1479 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  491.598915][T12774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  491.608991][T12774] Call Trace:
[  491.612284][T12774]  <TASK>
[  491.615230][T12774]  dump_stack_lvl+0x241/0x360
[  491.619936][T12774]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.625160][T12774]  ? __pfx__printk+0x10/0x10
[  491.629773][T12774]  ? __pfx___might_resched+0x10/0x10
[  491.635089][T12774]  should_fail_ex+0x3b0/0x4e0
[  491.639791][T12774]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[  491.645891][T12774]  should_failslab+0x9/0x20
[  491.650415][T12774]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  491.655815][T12774]  __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[  491.661751][T12774]  kvm_mmu_load+0x115/0x26e0
[  491.666389][T12774]  ? rcuwait_wake_up+0x1c/0x230
[  491.671268][T12774]  ? __pfx_kvm_mmu_load+0x10/0x10
[  491.676325][T12774]  ? pic_unlock+0x216/0x2b0
[  491.680855][T12774]  ? __pfx_pic_unlock+0x10/0x10
[  491.685741][T12774]  ? pic_update_irq+0x509/0x7b0
[  491.690618][T12774]  ? kvm_pic_read_irq+0x2e9/0xc50
[  491.695666][T12774]  ? kvm_apic_has_interrupt+0x4bc/0xa70
[  491.701225][T12774]  vcpu_run+0x6b72/0x87f0
[  491.705608][T12774]  ? __pfx_vcpu_run+0x10/0x10
[  491.710279][T12774]  ? __local_bh_enable_ip+0x168/0x200
[  491.715659][T12774]  ? lockdep_hardirqs_on+0x99/0x150
[  491.720869][T12774]  ? __pfx_lock_acquire+0x10/0x10
[  491.725894][T12774]  ? fpu_swap_kvm_fpstate+0x82/0x460
[  491.731176][T12774]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  491.736891][T12774]  ? xfd_validate_state+0x6e/0x150
[  491.741997][T12774]  ? rcu_is_watching+0x15/0xb0
[  491.746765][T12774]  ? rcu_is_watching+0x15/0xb0
[  491.751528][T12774]  kvm_arch_vcpu_ioctl_run+0xa7e/0x1920
[  491.757069][T12774]  ? mark_lock+0x9a/0x350
[  491.761391][T12774]  ? kvm_arch_vcpu_ioctl_run+0x1c9/0x1920
[  491.767101][T12774]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  491.773084][T12774]  ? __pfx_lock_acquire+0x10/0x10
[  491.778097][T12774]  ? get_task_pid+0x23/0x310
[  491.782698][T12774]  ? __pfx_lock_release+0x10/0x10
[  491.787723][T12774]  ? kvm_vcpu_ioctl+0x1d9/0xd00
[  491.792596][T12774]  ? get_task_pid+0x23/0x310
[  491.797197][T12774]  kvm_vcpu_ioctl+0x7f5/0xd00
[  491.801892][T12774]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.807101][T12774]  ? __fget_files+0x29/0x470
[  491.811697][T12774]  ? __fget_files+0x3f6/0x470
[  491.816372][T12774]  ? __fget_files+0x29/0x470
[  491.820959][T12774]  ? bpf_lsm_file_ioctl+0x9/0x10
[  491.825888][T12774]  ? security_file_ioctl+0x87/0xb0
[  491.830993][T12774]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.836182][T12774]  __se_sys_ioctl+0xfc/0x170
[  491.840766][T12774]  do_syscall_64+0xf3/0x230
[  491.845271][T12774]  ? clear_bhb_loop+0x35/0x90
[  491.849939][T12774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.855843][T12774] RIP: 0033:0x7f9687d75bd9
[  491.860276][T12774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.879891][T12774] RSP: 002b:00007f9688c06048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  491.888303][T12774] RAX: ffffffffffffffda RBX: 00007f9687f03f60 RCX: 00007f9687d75bd9
[  491.896267][T12774] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  491.904239][T12774] RBP: 00007f9688c060a0 R08: 0000000000000000 R09: 0000000000000000
[  491.912200][T12774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.920161][T12774] R13: 000000000000000b R14: 00007f9687f03f60 R15: 00007f968802fa68
[  491.928140][T12774]  </TASK>
[  491.959130][T12740] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.724573][T12797] netlink: 'syz.4.1482': attribute type 4 has an invalid length.
[  492.748323][T12797] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1482'.
[  492.841784][ T7567] usb 1-1: USB disconnect, device number 27
[  492.979750][T12805] loop0: detected capacity change from 0 to 7
[  492.995980][T12805] Dev loop0: unable to read RDB block 7
[  493.009021][T12807] input input17: cannot allocate more than FF_MAX_EFFECTS effects
[  493.014808][T12805]  loop0: AHDI p2
[  493.021091][T12805] loop0: partition table partially beyond EOD, truncated
[  493.757954][T12841] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1490'.
[  494.030831][T12853] netlink: 'syz.2.1493': attribute type 4 has an invalid length.
[  494.041354][T12853] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1493'.
[  494.147137][T12857] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1494'.
[  495.242733][ T5150] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  495.448903][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  495.495788][ T5150] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  495.562911][ T5150] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  495.626562][ T5150] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  495.658798][ T5150] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.723980][ T5150] usb 1-1: config 0 descriptor??
[  495.959117][ T5150] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  496.002807][ T5150] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  496.053909][ T5150] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  496.153032][   T45] usb 1-1: USB disconnect, device number 28
[  496.366593][  T784] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  496.502848][ T7882] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  496.594112][  T784] usb 5-1: Using ep0 maxpacket: 8
[  496.605170][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  496.617263][  T784] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  496.631592][  T784] usb 5-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.91
[  496.647499][  T784] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.688834][  T784] usb 5-1: config 0 descriptor??
[  496.709653][ T7882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  496.742577][ T7882] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  496.763871][ T7882] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  496.787231][ T7882] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  496.806444][ T7882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.821443][ T7882] usb 4-1: config 0 descriptor??
[  497.059202][T12959] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1516'.
[  497.150289][  T784] lenovo 0003:17EF:60EE.000F: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.4-1/input0
[  497.250866][ T7882] plantronics 0003:047F:FFFF.0010: unknown main item tag 0x0
[  497.290460][ T7882] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  497.331631][ T7882] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  497.515445][T12966] netlink: 'syz.4.1510': attribute type 10 has an invalid length.
[  497.558050][ T5150] usb 4-1: USB disconnect, device number 34
[  497.746512][T12933] syz_tun: entered promiscuous mode
[  497.789675][T12933] syz_tun: left promiscuous mode
[  497.906838][ T7567] usb 5-1: USB disconnect, device number 25
[  500.215577][ T7567] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  500.426777][ T7567] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  500.445000][ T7567] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.482128][ T7567] usb 5-1: config 0 descriptor??
[  500.501586][ T7567] cp210x 5-1:0.0: cp210x converter detected
[  500.901966][ T7567] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -71
[  500.923131][ T7567] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  500.947139][ T7567] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  500.970316][ T7567] usb 5-1: cp210x converter now attached to ttyUSB0
[  501.028227][ T7567] usb 5-1: USB disconnect, device number 26
[  501.066234][ T7567] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  501.110153][ T7567] cp210x 5-1:0.0: device disconnected
[  501.272739][ T7882] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  501.493245][ T7882] usb 4-1: Using ep0 maxpacket: 32
[  501.524906][ T7882] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  501.549182][ T7882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.604522][ T7882] usb 4-1: config 0 descriptor??
[  501.622134][ T7882] gspca_main: sunplus-2.14.0 probing 041e:400b
[  501.679403][   T29] audit: type=1326 audit(1720142340.018:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13025 comm="syz.2.1535" exe="/root/syz-executor" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f0188b75bd9 code=0x0
[  501.679667][T13026] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1535'.
[  501.744430][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  501.756922][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  501.771547][T13031] vivid-007: disconnect
[  501.780807][T13026] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1535'.
[  501.837109][T13031] sctp: [Deprecated]: syz.4.1536 (pid 13031) Use of struct sctp_assoc_value in delayed_ack socket option.
[  501.837109][T13031] Use struct sctp_sack_info instead
[  501.909021][T13012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'.
[  502.147043][ T7882] gspca_sunplus: reg_w_riv err -110
[  502.163963][ T7882] sunplus 4-1:0.0: probe with driver sunplus failed with error -110
[  502.561139][T13030] vivid-007: reconnect
[  502.622504][ T5151] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  502.803188][ T5151] usb 1-1: Using ep0 maxpacket: 8
[  502.821493][ T5151] usb 1-1: config 0 has an invalid interface number: 6 but max is 2
[  502.859496][ T5151] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  502.919955][ T5151] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[  502.959245][ T5151] usb 1-1: config 0 has no interface number 1
[  502.982041][ T5151] usb 1-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  503.014679][ T5151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.061724][ T5151] usb 1-1: config 0 descriptor??
[  503.110048][ T5151] usb 1-1: unknown number of interfaces: 2
[  503.358079][T13041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.390624][T13041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.454221][T12347] usb 1-1: USB disconnect, device number 29
[  503.730543][ T7881] usb 4-1: USB disconnect, device number 35
[  503.942085][T13071] netlink: 'syz.3.1546': attribute type 4 has an invalid length.
[  503.957590][T13071] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1546'.
[  504.352683][T13082] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1551'.
[  505.388718][T13102] netlink: 'syz.3.1558': attribute type 4 has an invalid length.
[  505.407953][T13102] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1558'.
[  505.471986][T11275] Bluetooth: hci2: Unknown advertising packet type: 0x70
[  505.472060][T11275] Bluetooth: hci2: adv larger than maximum supported
[  505.480513][T11275] Bluetooth: hci2: Malformed LE Event: 0x0d
[  505.654274][ T5148] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  505.884072][ T5148] usb 5-1: Using ep0 maxpacket: 32
[  505.941527][ T5148] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  505.965509][T13109] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1561'.
[  505.990000][ T5148] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.008843][T13109] openvswitch: netlink: Tunnel attr 0 has unexpected len 2 expected 8
[  506.023603][ T5148] usb 5-1: config 0 descriptor??
[  506.057542][ T5148] gspca_main: sunplus-2.14.0 probing 041e:400b
[  506.122086][T13115] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744073709551612)
[  506.132980][T13115] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[  506.352841][T13099] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1557'.
[  506.377879][ T7882] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  506.419844][T13121] batman_adv: batadv1: Adding interface: netdevsim0
[  506.426717][T13121] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.452622][T13121] batman_adv: batadv1: Interface activated: netdevsim0
[  506.582918][ T5148] gspca_sunplus: reg_w_riv err -110
[  506.590281][ T5148] sunplus 5-1:0.0: probe with driver sunplus failed with error -110
[  506.612572][ T7882] usb 3-1: Using ep0 maxpacket: 32
[  506.623105][ T7882] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=99.d3
[  506.651955][ T7882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.711348][ T7882] usb 3-1: Product: syz
[  506.721891][ T7882] usb 3-1: Manufacturer: syz
[  506.742429][ T7882] usb 3-1: SerialNumber: syz
[  506.766023][ T7882] usb 3-1: config 0 descriptor??
[  506.806667][ T7882] radio-si470x 3-1:0.0: could not find interrupt in endpoint
[  506.824453][   T45] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  506.840188][ T7882] radio-si470x 3-1:0.0: probe with driver radio-si470x failed with error -5
[  506.872321][ T5107] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  506.882298][ T5107] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  506.890958][ T5107] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  506.901341][ T5107] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  506.909856][ T5107] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  506.917466][ T5107] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  507.001407][ T7882] radio-raremono 3-1:0.0: Thanko's Raremono connected: (10C4:818A)
[  507.041368][   T45] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.097500][   T45] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  507.154191][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.179391][   T51] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.191244][   T45] usb 1-1: config 0 descriptor??
[  507.201722][   T45] pwc: Askey VC010 type 2 USB webcam detected.
[  507.230088][ T7882] radio-raremono 3-1:0.0: raremono_cmd_main failed (-71)
[  507.256580][ T7882] radio-raremono 3-1:0.0: V4L2 device registered as radio32
[  507.275525][ T7882] usb 3-1: USB disconnect, device number 36
[  507.291881][ T7882] radio-raremono 3-1:0.0: Thanko's Raremono disconnected
[  507.478901][   T51] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.614730][   T45] pwc: recv_control_msg error -71 req 02 val 2b00
[  507.637200][   T45] pwc: recv_control_msg error -71 req 02 val 2700
[  507.647620][   T45] pwc: recv_control_msg error -71 req 02 val 2c00
[  507.658308][   T45] pwc: recv_control_msg error -71 req 04 val 1000
[  507.682350][   T45] pwc: recv_control_msg error -71 req 04 val 1300
[  507.700077][   T45] pwc: recv_control_msg error -71 req 04 val 1400
[  507.720650][   T45] pwc: recv_control_msg error -71 req 02 val 2000
[  507.735113][   T51] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.747277][   T45] pwc: recv_control_msg error -71 req 02 val 2100
[  507.763042][   T45] pwc: recv_control_msg error -71 req 04 val 1500
[  507.785404][   T45] pwc: recv_control_msg error -71 req 02 val 2500
[  507.809640][   T45] pwc: recv_control_msg error -71 req 02 val 2400
[  507.823779][   T45] pwc: recv_control_msg error -71 req 02 val 2600
[  507.869914][   T45] pwc: recv_control_msg error -71 req 02 val 2900
[  507.879309][   T45] pwc: recv_control_msg error -71 req 02 val 2800
[  507.894230][   T45] pwc: recv_control_msg error -71 req 04 val 1100
[  507.907669][   T45] pwc: recv_control_msg error -71 req 04 val 1200
[  507.927332][   T45] pwc: Registered as video71.
[  507.934270][   T45] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input18
[  507.963656][   T45] usb 1-1: USB disconnect, device number 30
[  507.990500][   T51] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.177525][T13142] netlink: 'syz.2.1570': attribute type 4 has an invalid length.
[  508.194990][T13142] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1570'.
[  508.352990][ T7570] usb 5-1: USB disconnect, device number 27
[  508.533697][T13128] chnl_net:caif_netlink_parms(): no params data found
[  508.535168][   T45] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  508.568776][   T51] bridge_slave_1: left allmulticast mode
[  508.581270][   T51] bridge_slave_1: left promiscuous mode
[  508.590694][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.600705][   T51] bridge_slave_0: left allmulticast mode
[  508.608186][   T51] bridge_slave_0: left promiscuous mode
[  508.616180][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  508.742677][   T45] usb 1-1: Using ep0 maxpacket: 32
[  508.782406][   T45] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[  508.821877][   T45] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  508.842326][   T45] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  508.867243][   T45] usb 1-1: string descriptor 0 read error: -22
[  508.885077][   T45] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  508.906700][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.016032][ T5107] Bluetooth: hci3: command tx timeout
[  509.220022][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  509.247433][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  509.266588][   T51] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  509.290891][   T51] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  509.312867][   T51] mac80211_hwsim hwsim102 wlan0: left allmulticast mode
[  509.320981][   T51] mac80211_hwsim hwsim102 wlan0: left promiscuous mode
[  509.353016][   T51] bond0 (unregistering): Released all slaves
[  509.370222][   T45] cdc_ncm 1-1:1.0: bind() failure
[  509.395627][   T45] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[  509.405813][   T45] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[  509.431176][   T45] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[  509.491449][   T45] usb 1-1: USB disconnect, device number 31
[  510.507457][T13194] netlink: 'syz.3.1582': attribute type 4 has an invalid length.
[  510.533202][T13194] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1582'.
[  510.569356][T13182] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1580'.
[  510.641639][T13128] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.677629][T13128] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.697469][T13128] bridge_slave_0: entered allmulticast mode
[  510.717200][T13205] FAULT_INJECTION: forcing a failure.
[  510.717200][T13205] name failslab, interval 1, probability 0, space 0, times 0
[  510.734272][T13128] bridge_slave_0: entered promiscuous mode
[  510.759092][T13128] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.768227][T13205] CPU: 0 PID: 13205 Comm: syz.0.1584 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  510.778404][T13205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  510.788455][T13205] Call Trace:
[  510.791724][T13205]  <TASK>
[  510.794645][T13205]  dump_stack_lvl+0x241/0x360
[  510.799329][T13205]  ? __pfx_dump_stack_lvl+0x10/0x10
[  510.804523][T13205]  ? __pfx__printk+0x10/0x10
[  510.809115][T13205]  ? __pfx___might_resched+0x10/0x10
[  510.814410][T13205]  should_fail_ex+0x3b0/0x4e0
[  510.819085][T13205]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  510.825318][T13205]  should_failslab+0x9/0x20
[  510.829812][T13205]  __kmalloc_noprof+0xd8/0x400
[  510.834575][T13205]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  510.840632][T13205]  genl_rcv_msg+0x802/0xec0
[  510.845124][T13205]  ? mark_lock+0x9a/0x350
[  510.849450][T13205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  510.854481][T13205]  ? __pfx_lock_acquire+0x10/0x10
[  510.859496][T13205]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  510.864872][T13205]  ? __pfx_nl80211_set_key+0x10/0x10
[  510.870323][T13205]  ? __pfx_nl80211_post_doit+0x10/0x10
[  510.875776][T13205]  ? __pfx___might_resched+0x10/0x10
[  510.881075][T13205]  netlink_rcv_skb+0x1e3/0x430
[  510.885839][T13205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  510.890853][T13205]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  510.896137][T13205]  ? __netlink_deliver_tap+0x77e/0x7c0
[  510.901593][T13205]  genl_rcv+0x28/0x40
[  510.905573][T13205]  netlink_unicast+0x7ea/0x980
[  510.910333][T13205]  ? __pfx_netlink_unicast+0x10/0x10
[  510.915606][T13205]  ? __virt_addr_valid+0x183/0x520
[  510.920714][T13205]  ? __check_object_size+0x49c/0x900
[  510.925990][T13205]  ? bpf_lsm_netlink_send+0x9/0x10
[  510.931096][T13205]  netlink_sendmsg+0x8db/0xcb0
[  510.935866][T13205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  510.941143][T13205]  ? __import_iovec+0x536/0x820
[  510.945982][T13205]  ? aa_sock_msg_perm+0x91/0x160
[  510.950913][T13205]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  510.956183][T13205]  ? security_socket_sendmsg+0x87/0xb0
[  510.961642][T13205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  510.966918][T13205]  __sock_sendmsg+0x221/0x270
[  510.971596][T13205]  ____sys_sendmsg+0x525/0x7d0
[  510.976364][T13205]  ? __pfx_____sys_sendmsg+0x10/0x10
[  510.981660][T13205]  __sys_sendmsg+0x2b0/0x3a0
[  510.986243][T13205]  ? __pfx___sys_sendmsg+0x10/0x10
[  510.991340][T13205]  ? vfs_write+0x7c4/0xc90
[  510.995776][T13205]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  511.002091][T13205]  ? do_syscall_64+0x100/0x230
[  511.006850][T13205]  ? do_syscall_64+0xb6/0x230
[  511.011519][T13205]  do_syscall_64+0xf3/0x230
[  511.016019][T13205]  ? clear_bhb_loop+0x35/0x90
[  511.020719][T13205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.026608][T13205] RIP: 0033:0x7fc591975bd9
[  511.031018][T13205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.050610][T13205] RSP: 002b:00007fc5927a6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  511.059024][T13205] RAX: ffffffffffffffda RBX: 00007fc591b03f60 RCX: 00007fc591975bd9
[  511.066983][T13205] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  511.074944][T13205] RBP: 00007fc5927a60a0 R08: 0000000000000000 R09: 0000000000000000
[  511.082903][T13205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.090945][T13205] R13: 000000000000000b R14: 00007fc591b03f60 R15: 00007fc591c2fa68
[  511.098912][T13205]  </TASK>
[  511.108516][T13128] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.123034][T13128] bridge_slave_1: entered allmulticast mode
[  511.139287][ T5107] Bluetooth: hci3: command tx timeout
[  511.150825][T13128] bridge_slave_1: entered promiscuous mode
[  511.192716][   T51] hsr_slave_0: left promiscuous mode
[  511.267407][   T51] hsr_slave_1: left promiscuous mode
[  511.337370][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  511.353510][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  511.411054][   T51] veth1_macvtap: left promiscuous mode
[  511.426515][   T51] veth0_macvtap: left promiscuous mode
[  511.436895][   T51] veth1_vlan: left promiscuous mode
[  511.442277][   T51] veth0_vlan: left promiscuous mode
[  512.368925][   T51] team0 (unregistering): Port device team_slave_1 removed
[  513.053783][T13215] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1585'.
[  513.152759][T13247] netlink: 'syz.0.1594': attribute type 4 has an invalid length.
[  513.172740][ T5107] Bluetooth: hci3: command tx timeout
[  513.184592][T13247] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1594'.
[  513.437663][T13128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  513.481531][T13128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  513.669313][T13128] team0: Port device team_slave_0 added
[  513.708166][T13128] team0: Port device team_slave_1 added
[  513.887182][T13128] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.919470][T13268] ------------[ cut here ]------------
[  513.925681][T13268] kernel BUG at mm/page_table_check.c:157!
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[  513.940663][T13128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  514.002478][T13268] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  514.009452][T13268] CPU: 1 PID: 13268 Comm: syz.0.1599 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[  514.019607][T13268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  514.029671][T13268] RIP: 0010:__page_table_check_zero+0x274/0x350
[  514.035934][T13268] Code: c1 0f 8c 39 fe ff ff 48 89 df e8 97 41 f4 ff e9 2c fe ff ff e8 5d 8c 8e ff 90 0f 0b e8 55 8c 8e ff 90 0f 0b e8 4d 8c 8e ff 90 <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 15 91 8e
[  514.055551][T13268] RSP: 0018:ffffc90002e57938 EFLAGS: 00010293
[  514.061630][T13268] RAX: ffffffff82079b03 RBX: dffffc0000000000 RCX: ffff8880286dda00
[  514.069611][T13268] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880189a07bc
[  514.077590][T13268] RBP: ffff8880189a07bc R08: ffff8880189a07bf R09: 1ffff110031340f7
[  514.085572][T13268] R10: dffffc0000000000 R11: ffffed10031340f8 R12: ffff8880189a0770
[  514.093551][T13268] R13: 1ffffffff2901988 R14: 0000000000000000 R15: 0000000000000000
[  514.101533][T13268] FS:  00007fc5927a66c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  514.110471][T13268] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  514.117058][T13268] CR2: 00000000201a2000 CR3: 000000007a64c000 CR4: 00000000003526f0
[  514.125037][T13268] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  514.133014][T13268] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  514.140991][T13268] Call Trace:
[  514.144273][T13268]  <TASK>
[  514.147206][T13268]  ? __die_body+0x88/0xe0
[  514.151561][T13268]  ? die+0xcf/0x110
[  514.155381][T13268]  ? do_trap+0x15a/0x3a0
[  514.159633][T13268]  ? __page_table_check_zero+0x274/0x350
[  514.165273][T13268]  ? do_error_trap+0x1dc/0x2c0
[  514.170025][T13268]  ? __page_table_check_zero+0x274/0x350
[  514.175646][T13268]  ? __pfx_do_error_trap+0x10/0x10
[  514.180745][T13268]  ? handle_invalid_op+0x34/0x40
[  514.185671][T13268]  ? __page_table_check_zero+0x274/0x350
[  514.191291][T13268]  ? exc_invalid_op+0x38/0x50
[  514.195957][T13268]  ? asm_exc_invalid_op+0x1a/0x20
[  514.200970][T13268]  ? __page_table_check_zero+0x273/0x350
[  514.206591][T13268]  ? __page_table_check_zero+0x274/0x350
[  514.212231][T13268]  ? __page_table_check_zero+0x273/0x350
[  514.217849][T13268]  free_unref_page+0xd36/0xea0
[  514.222687][T13268]  ? __virt_addr_valid+0x183/0x520
[  514.227787][T13268]  dec_usb_memory_use_count+0x259/0x350
[  514.233317][T13268]  ? __pfx_usbdev_vm_close+0x10/0x10
[  514.238594][T13268]  mmap_region+0x13b4/0x2090
[  514.243178][T13268]  ? __pfx_mmap_region+0x10/0x10
[  514.248105][T13268]  ? thp_get_unmapped_area_vmflags+0x269/0x380
[  514.254243][T13268]  ? cap_mmap_addr+0x163/0x2c0
[  514.258995][T13268]  ? __get_unmapped_area+0x2f0/0x360
[  514.264269][T13268]  do_mmap+0x8ad/0xfa0
[  514.268334][T13268]  ? __pfx_do_mmap+0x10/0x10
[  514.272913][T13268]  ? __pfx_ima_file_mmap+0x10/0x10
[  514.278013][T13268]  vm_mmap_pgoff+0x1dd/0x3d0
[  514.282589][T13268]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  514.287686][T13268]  ? __fget_files+0x29/0x470
[  514.292261][T13268]  ? __fget_files+0x3f6/0x470
[  514.296926][T13268]  ksys_mmap_pgoff+0x4f1/0x720
[  514.301679][T13268]  ? __x64_sys_mmap+0x7f/0x140
[  514.306432][T13268]  do_syscall_64+0xf3/0x230
[  514.310925][T13268]  ? clear_bhb_loop+0x35/0x90
[  514.315584][T13268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.321465][T13268] RIP: 0033:0x7fc591975bd9
[  514.325870][T13268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.345561][T13268] RSP: 002b:00007fc5927a6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  514.353961][T13268] RAX: ffffffffffffffda RBX: 00007fc591b03f60 RCX: 00007fc591975bd9
[  514.361916][T13268] RDX: 0000000001000006 RSI: 0000000000001000 RDI: 0000000020527000
[  514.369868][T13268] RBP: 00007fc5919e4aa1 R08: 0000000000000003 R09: 0000000000000000
[  514.377821][T13268] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[  514.385776][T13268] R13: 000000000000000b R14: 00007fc591b03f60 R15: 00007fc591c2fa68
[  514.393744][T13268]  </TASK>
[  514.396753][T13268] Modules linked in:
[  514.405584][T13128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  514.472452][T13268] ---[ end trace 0000000000000000 ]---
[  514.477934][T13268] RIP: 0010:__page_table_check_zero+0x274/0x350
[  514.489065][T13268] Code: c1 0f 8c 39 fe ff ff 48 89 df e8 97 41 f4 ff e9 2c fe ff ff e8 5d 8c 8e ff 90 0f 0b e8 55 8c 8e ff 90 0f 0b e8 4d 8c 8e ff 90 <0f> 0b f3 0f 1e fa 4c 89 f6 48 81 e6 ff 0f 00 00 31 ff e8 15 91 8e
[  514.510736][T13268] RSP: 0018:ffffc90002e57938 EFLAGS: 00010293
[  514.517288][T13268] RAX: ffffffff82079b03 RBX: dffffc0000000000 RCX: ffff8880286dda00
[  514.527529][T13268] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880189a07bc
[  514.537425][T13268] RBP: ffff8880189a07bc R08: ffff8880189a07bf R09: 1ffff110031340f7
[  514.549992][T13268] R10: dffffc0000000000 R11: ffffed10031340f8 R12: ffff8880189a0770
[  514.558227][T13268] R13: 1ffffffff2901988 R14: 0000000000000000 R15: 0000000000000000
[  514.568279][T13268] FS:  00007fc5927a66c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  514.577554][T13268] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  514.586451][T13268] CR2: 00007fccf61525e8 CR3: 000000007a64c000 CR4: 00000000003526f0
[  514.594469][T13268] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  514.602708][T13268] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  514.610681][T13268] Kernel panic - not syncing: Fatal exception
[  514.616938][T13268] Kernel Offset: disabled
[  514.621260][T13268] Rebooting in 86400 seconds..