last executing test programs:

33.572582942s ago: executing program 4 (id=7871):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x1b00, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x4e, 0x1}, 0x14}}, 0x0)

33.435525903s ago: executing program 4 (id=7874):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000700)=@req={0x10000, 0x5, 0x80, 0xa00}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x18, &(0x7f0000000800)={0x0, 0x1, 0x6}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000000500)=""/4086, 0xff6}], 0x1}, 0x0)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90324fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff010000000000000000000000000001e000000100000008000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/108], 0xb8}}, 0x0)

33.211581604s ago: executing program 4 (id=7878):
socket$kcm(0x2, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @multicast2}], 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x41}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000f40)=[{{0x0, 0xcb000004, 0x0}}], 0x28000, 0x0)
pipe(&(0x7f0000000080))
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c000000180077cd00000000000000060a00000000000000000a00001800010000000200fc02000000000000000000000000000008001e"], 0x3c}}, 0x0)
syz_emit_ethernet(0x17b, 0x0, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x3, &(0x7f00000002c0)=0x500000)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x6, @mcast1, 0x40}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x9c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x1e6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socket$xdp(0x2c, 0x3, 0x0)

32.184949554s ago: executing program 4 (id=7883):
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0xa}, "022ecaa5336609de6f71"}}, 0xd)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="03c900bc8cf09997952b33b44d82050679f29370fe725a1cbdd5afa5da85ab1ae3dc08d083ab8b9e28607112ed43d4141c36898acf4ee05ba713c60a326fe35bbb3c34445fc7cd1b31790c679147dbe1583a41a56f1a0755910f8367934b759512f192de5784d64ef372f7b15302c641f648552d4d7f2737665f3b1e4695bfc954d384782c7fea6f44d323679a1a7c1c173f262cf8d619624956a77fc18828f893ce0900000000000000da167c6c6a1f088c72e723db59a92a8a6151494f24c7"], 0xc0)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xf)
r0 = socket$alg(0x26, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="43707511a0ccac586e704a8f22a41d46f166", 0x12}, {&(0x7f0000000180)="1bdfb42a7490c4b1cff6c4b96b7cd03c0300fbc7111fb483f60000efd12fce12fa3199355b2e204b2d9a909329cdde97dcf4563e398e601cccbae1d92fd91385f1ecd9dc746e482d2f1decd7cd216c519af9a0cbb022fb400c3725e2dff1336a3a0c1b3f90e644acd913853a2b23c599a9bbfdb5f9cf081d194a9c6132d31f3856ddaa4d2672778d4350f23a043f7795e1f618ecc61accac3f725dbcb1b3833b1db86ca2eb12ea7569bf29e6bcf886d8860c8e88fd630dea9fc693431807acd98ccb4cc84b6e4982", 0xc8}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b0ab039d1f5583201f481b45ae7c431ed4c1f", 0x2d}], 0x3}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x40000)
close_range(r1, r1, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f0000000100), 0x4)
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x0, 0x0, 0x10000, 0x2}, 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
fcntl$setstatus(r2, 0x4, 0xb970acdd662fb944)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="54000000190001"], 0x54}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000005200)=ANY=[@ANYBLOB="040000472300000000"], 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)

31.255994346s ago: executing program 4 (id=7891):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xfa, 0xcf, 0x1, 0x40, 0x56e, 0x4010, 0x201c, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0x55, 0xe7}}]}}]}}, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)

29.661345328s ago: executing program 4 (id=7897):
write$tun(0xffffffffffffffff, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500280008005400000060ec970001983a00fc000018c6ba35000000000000000700ff0200"], 0xfdef)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x0, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000440)={0x0, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
syz_usb_connect$cdc_ecm(0x0, 0x71, &(0x7f0000000440)=ANY=[@ANYBLOB], &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x5b, &(0x7f0000000280)=ANY=[@ANYBLOB="5b03cb2b653d1ea1"]}]})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

25.271290085s ago: executing program 3 (id=7919):
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0xa}, "022ecaa5336609de6f71"}}, 0xd)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="03c900bc8cf09997952b33b44d82050679f29370fe725a1cbdd5afa5da85ab1ae3dc08d083ab8b9e28607112ed43d4141c36898acf4ee05ba713c60a326fe35bbb3c34445fc7cd1b31790c679147dbe1583a41a56f1a0755910f8367934b759512f192de5784d64ef372f7b15302c641f648552d4d7f2737665f3b1e4695bfc954d384782c7fea6f44d323679a1a7c1c173f262cf8d619624956a77fc18828f893ce0900000000000000da167c6c6a1f088c72e723db59a92a8a6151494f24c7"], 0xc0)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xf)
r0 = socket$alg(0x26, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="43707511a0ccac586e704a8f22a41d46f166", 0x12}, {&(0x7f0000000180)="1bdfb42a7490c4b1cff6c4b96b7cd03c0300fbc7111fb483f60000efd12fce12fa3199355b2e204b2d9a909329cdde97dcf4563e398e601cccbae1d92fd91385f1ecd9dc746e482d2f1decd7cd216c519af9a0cbb022fb400c3725e2dff1336a3a0c1b3f90e644acd913853a2b23c599a9bbfdb5f9cf081d194a9c6132d31f3856ddaa4d2672778d4350f23a043f7795e1f618ecc61accac3f725dbcb1b3833b1db86ca2eb12ea7569bf29e6bcf886d8860c8e88fd630dea9fc693431807acd98ccb4cc84b6e4982", 0xc8}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b0ab039d1f5583201f481b45ae7c431ed4c1f8d470bcdb272", 0x33}], 0x3}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x40000)
close_range(r1, r1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000100), 0x4)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x2, 0x0, 0x0, 0x10000, 0x2}, 0x0, 0x0)

24.335080254s ago: executing program 3 (id=7923):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000180))
ioctl$PPPIOCSACTIVE(r1, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
r2 = syz_io_uring_setup(0x239, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xb)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000001c0)=[@in={0x2, 0x0, @broadcast}], 0x10)
r5 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r5, 0x65, 0x7, 0x0, &(0x7f0000002380))

23.426874626s ago: executing program 3 (id=7925):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{0x38}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_COOKIE={0xc}]}, 0x28}}, 0x0) (fail_nth: 5)

22.860031108s ago: executing program 3 (id=7927):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000780)=""/226, 0xe2}, {&(0x7f0000000300)=""/153, 0x99}, {&(0x7f00000003c0)=""/219, 0xdb}, {&(0x7f00000004c0)=""/113, 0x71}], 0x4}, 0x0)
sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="9a6739095293ce45c8f40e2c91be3d2133df02cbd6b16578b45c83ebc757fc5bcc6959ff7e58976d3089df70fcb63d60b099d3dbad1ee69f75e0480e537903aee2d9b66e8584b6a8b3168b7c0fa7285e9bfb76d31b59bbcf4c68c7d0702ae5a0ddf37a376df34c6934a05994e1ddf3dcb634d7cb762d827e7c009f6adaac650583a91f75be37ef878c8359317fc3b8dc4befed62a8e8ff93752f38e1040bc9b7a7e5a52042951d23a5d294cb73"], 0x6a4}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)

22.844258028s ago: executing program 3 (id=7929):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x24, 0x0, 0x0, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1685}]]}, 0x24}}, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0xfdff, {}, {}, @raw32}], 0xffc8)

22.679980434s ago: executing program 3 (id=7931):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$SNAPSHOT_FREE(0xffffffffffffffff, 0x3305)
fsopen(&(0x7f00000002c0)='rpc_pipefs\x00', 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x2c, &(0x7f0000000900)=[@in6={0xa, 0x0, 0x0, @loopback}, @in={0x2, 0x0, @loopback}]}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500280008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x12, 0x4, 0x0, 0x0, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @cipso={0x86, 0x1a, 0x0, [{0x0, 0xa, "34a6caf58db76931"}, {0x0, 0xa, "4f1347dfaaca82c2"}]}, @noop, @timestamp={0x44, 0x4}]}}}}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000540)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], 0x9, 0x6, 0x7, 0x4})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r3, 0xc02064a4, &(0x7f0000000640)={r4, 0x6, &(0x7f0000000580)=[0xe, 0x1, 0xe, 0x1d98, 0x8001, 0xff], &(0x7f00000005c0)=[0x6, 0x200, 0x2bb8, 0x8000, 0x2, 0x2, 0xb530], &(0x7f0000000600)=[0x8, 0x401, 0x8, 0xc, 0x100, 0xfff, 0x6, 0xd1, 0x40]})
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120110030000"], 0x0)
syz_usb_control_io(r2, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

21.531762238s ago: executing program 0 (id=7935):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x7ff, <r0=>0x0}, 0x8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000500)={0x0, &(0x7f0000000040)=""/12, &(0x7f00000003c0), &(0x7f0000000440), 0x801, r1}, 0x38)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=@base={0x2, 0x4, 0x4, 0xbf22}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x16}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @map_val={0x18, 0x8, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffc00}]}, &(0x7f0000000040)='syzkaller\x00', 0x2016, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000080)={0x3, 0x1}, 0x8, 0x10, &(0x7f00000000c0)={0x2, 0xb, 0x1, 0x1}, 0x10, r0, 0xffffffffffffffff, 0x0, &(0x7f0000000100)=[r1, r2]}, 0x80)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0xe, &(0x7f0000000680)=ANY=[@ANYRES8=r3], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x5}, 0x8, 0x10, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x3ff}, 0x10, r0}, 0x90)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00')
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000140))
socket$nl_route(0x10, 0x3, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x0, 0x200})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r7, 0xc01064bd, &(0x7f0000000280)={&(0x7f0000000040)="c76e1a94fc67ed069d9a1e", 0xb, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r4, 0xc01064ac, &(0x7f00000004c0)={r9, 0xca, &(0x7f00000003c0)=""/202})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x68}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r8, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c1000003800090000000000000000f602"], 0x101c}}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r8, 0xae80, 0x0)

21.095195291s ago: executing program 0 (id=7936):
syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x0)
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r0, r0}, &(0x7f0000000240)=""/40, 0x28, &(0x7f0000000300)={&(0x7f0000000280)={'xxhash64\x00'}, &(0x7f00000002c0)="e7", 0x1})
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r1=>0x0)
io_getevents(r1, 0x2, 0x2, &(0x7f0000000040)=[{}, {}], 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0}])
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r7, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1000008219906d84"], 0x8)
sendmsg$inet6(r7, &(0x7f0000000000)={&(0x7f0000000080)={0xa, 0x4e22, 0x1000000080000, @mcast2}, 0x1c, 0x0}, 0x0)
io_submit(r1, 0x1, &(0x7f00000005c0)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0}])
socket$key(0xf, 0x3, 0x2)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r8, 0x8946, &(0x7f0000000300)={'wlan1\x00', &(0x7f0000000000)=@ethtool_per_queue_op={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}})
r9 = syz_open_dev$vim2m(&(0x7f0000000040), 0x96ad, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r9, 0xc008561c, &(0x7f0000000100)={0x8000001, 0x800})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x5, 0x5, 0x9fd, 0x84, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc, 0x4}, 0x48)

19.651309483s ago: executing program 2 (id=7937):
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000014"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_emit_ethernet(0x3e, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$binfmt_aout(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="c02101"], 0x20) (fail_nth: 1)

19.192024995s ago: executing program 1 (id=7938):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000780)=""/226, 0xe2}, {&(0x7f0000000300)=""/153, 0x99}, {&(0x7f00000003c0)=""/219, 0xdb}, {&(0x7f00000004c0)=""/113, 0x71}], 0x4}, 0x0)
sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="9a6739095293ce45c8f40e2c91be3d2133df02cbd6b16578b45c83ebc757fc5bcc6959ff7e58976d3089df70fcb63d60b099d3dbad1ee69f75e0480e537903aee2d9b66e8584b6a8b3168b7c0fa7285e9bfb76d31b59bbcf4c68c7d0702ae5a0ddf37a376df34c6934a05994e1ddf3dcb634d7cb762d827e7c009f6adaac650583a91f75be37ef878c8359317fc3b8dc4befed62a8e8ff93752f38e1040bc9b7a7e5a52042951d23a5d294cb73"], 0x6a4}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)

19.191106008s ago: executing program 0 (id=7939):
r0 = socket$inet6(0xa, 0x80000, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x65, 0x2)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000080)={0x8, {"53ca27621f09cc44648dd41331064c876bfe50e6f095c66de853c77be469f35a92d2ae50bdd8fd8446e2633d95f80113805b6a98f251e68bf30cd8d1eb08978a69f96f370e9dc7034b40d7d7ea256d9de727be23ec843e68018cd42a8a8ba25a5cab83f5e06e5e1dc2a944e2919a4c867d23893846f3db32bddc72900be136385d669b72dad347f8318fe65dd75f9e003bfaf0d7126740caab708d9fda87e8c72733509f656dd35ac10aaf3c7b29460c55ae9d419c4a8967984d299a5d0a10e3fef4775ac5039530b4d00c95ce01cd7f67506ea4c19a56445720732c318a5da3152f888a04ddef15000546d08366daad10dbac0b724fab93484c04e58127489c0ad406633d0a01773610f886861e209aa9af32cf28b170df3a816ae0c7adc9d72602e1b674732133b9b77cc26d8610a50c3b4fa69fdfb82966cd75f3291734c991abfb02f89da525c41f1750979fcec6d05fd875f4a08fa8bf8b3fbcb84851b05dcbdc46881a6054d441d907ad4f1f3ea0715392286a1d05f252da9fdd329c4430b77d1d031235f68fd751cd75554979c090dd6711f50e3317e5abe65b2d01779479b5260db383ff6570c0bf647c09a5ea9b0588677b572ae3171214aab681297bd0e213fa25d64fbfc1fcbb6454f02adf6d723b2b30f8ebb292a27f546b3c6ec4257292581d0642154b1b9e146d283747b543292e12beb7354e4e306898357b76009cf0a9b1bebf5831b0c427e670e4fba12e9654baa0248d879bc73a449791a4955802359b587e4b9be1caec7c4b7226c4920fd213dcf20800633d036652d5b85b29ccc3ca44458bd48387569b36bae4e925305d1e52efa6e550fffd93172190f7c1f87ec0e4f336949e71c304cfbcaeaeb1ccdc4e8749a79bbcbd70a0aab1104fc2116a26ee64e8568f7098df451ca09b4f706eea9e290367a93dd50ce0b27330c8ec05d9f85a74eebd960bc9cbe89e529ca2aa4c1b858c399a4a4b06d766506e90e5f6c5981ad427f9a3aef63cfe4c05082806d658932b3151089d9a8c4d917bdf4d0f7328297b98f079dff36b7769b4fc84f999e7b1b2a3eaf525fc344f6b9754a897026c7fc1e48bca5aafa58a291341393b3218570c81cb0dcf38ca6ed872fbf399eaea55f59a1d6ac807c4fee113391a9d8be0af9fbec712544a2061a2af4f96edc228dcf74fd1e6a3de1462b164669c1c6e5d8d9190b905ae9f38408eea4d633b5e9589009e6bd71d1e2dc0d1c3c6eaaaeea01f75a075651e8cdbf6bf8f642640fd814100245e2a448146b6ec60f561f0234f55315d4ab987cca8d7c79c9d480d130f62481ab840dca3d2b0114ca5bd8c9482b8e5b4ab75df5d7929b37a9925bc0ba0efc66541489a6a4478d8a300b95014cb8b6caec7d7d54a3b6cb5ca220c3b3ccce76b7dfec65de6144cde6ee2f1421da73f0f277f4ba7e06afff11fdb09387d984c2273624f722fa11feb701fbc23ee2d5097d4f83680dbd8205b0b263b5f1182d718093d2f62c063aadc4aad272491d59de8981971d50576882354a59137a3cef6faba5cdb7f7d816716e6d97ea8ab7a5d2b46803a7fd85a8a624d550f4dda2eb6be4255e1ec1f8333e1bc81a11ddc8222109c66a61bb4afd25629c5fc85026debba566a62e26aff02bb519f37391def8a41636162919657fe11162cb92c3568da29b5e5a055be878cc0edccfa666003b5489919b5d4f4c563a7d244237d7188b84d84256f7aaf1a28d7654776734454478b8323b1e9441c54c79bb46adf3f79b3e1fc1f60b61b67dc08053b91f6d966cf4f14bad4d33e98877ca75be8ca3b781b2eccbe8a1472c908528ec1855553032485bcbeae554996f18d7b561682bc0901789178a72dbdd9252664342d11b7a4ad096a12dbc9ee0ef425bb98bc9b4cbb5136d811f964407ce03d20d99f2b1e558199e5b082d8b4ccedff6b8f7081152b3c42b610dae92463849da487904165323b38894f241ab68d5ca6ddb01a8b083278bc2d062faddfb390e58f44628866b10caa8268bfac02cca2b10be78cfa61f9e7da13490540a5f9086378b2482789c2fa6ae3ba94408dfe16770e500758fbe90454b37036d302b596266ebdee121d90fd59c2ea44fc56a5d9b73c8b8874f585546beaae68332ffb09b5bdfca58d2e94aa112bb5a62d5ef22e78a54d49a5063caee907549778a6eea9d42264e87c4df45ecfda429de78e9c7c83ecb37e90f543c98ac70458189ac16e958d35a62b4d4776b03f684ef168298fef49706f6ade9f102b08316fc1dd3bec6308addada428cca78b524b9dacf3f6dff1829111dc36b77f5fc3422b27ad3b75d1f27b25fae66c2103bec90b5c145be90c4dfe6a1c33d4a4576b9b2e57e6069a75305d4ac61a51a10d69fdb342468d6e58b217b06565cacc7075de83d2e6ae2888a89903774bf242d5a4ec9de9a2f5c56b88800235640803cbfc5a6b3c3c1e0d2f8af6ee3db1dfaa1ba5a8ceb83d40bc0ec6a43f07f094b53c324ccaffb58612a5674c5a5647fc7b8cd4c3ffe8a2d0d1fe17628daf609be5ff7cc0b64b4ebb31c44a0b3a9a9bc844803bd288b3d09957c1845e259040541e2f549bc4c02b673e2ca6226c2e53dcf4cae79ed9d34ef88094af814e6a4012972cfa01f69584432942bda6749d0adee24e5dc04ae5a65b894bff07815525ebb973640392ca3d892fcc09d7f6520e8f134b3aa8a6b486c6133b436aa6f68afde5488e2194e8fe66b22c4f2f19e467146b5575183a1f37386253f10a12167b2dcf322d0041cb104a5f6be2b4c9a5cd8f5927789369d091b694e17fa0ba562b002db3e3437ed411ecd00dd49c9665591790a8ce4df5d411f68be83123b761554da28a8e9086c9e13ba9b044ef2a9a28cb3cdbc83d0cf7b9e096c12e36f279e4b59db02d28de5f8939185d2299eb29cf174a2198b0c9963ca62c16d4cf9af93ae1038b93a912a40d330043a075700ea015e03cc3a4512f2db6eb06d52d71c4839a8bafb17ac1d993ea44606ef86437a4f12542875cd7e5b87bdd7e2747f6d857f97f6797c55ab9c043adaf8a86dc50ab02e96d9d328c7c8205b7eaf3f2e75a9ea73b8390cc3252db701ef685b61f7b6de601ebdd6d382771fd6b493345ccf3d569c4fe6c71360dce0d78ed219eae4ae322a9217dbaad35b1f04bd20d0481005d3cdf2c79a3cb070c1798976ca5ab90c25c13dc7cfeaf93300ae91dfc4eb8da3a0d6efc33eca5dbdabc7bbc458bf9d1c3065b0c8841e2cd575f945bc805449054f53ba2ba4c0fe395d2794f5a21ae3e7c379b429cbb0281554e9490dd24df4f31d2d3467c03ed05a449d5b71db30d5cd8e4fcb92452514ff4c941c6e7df7d7093655222899e9416a5306c52533f73b9b0ff275063a15374ba65d86bc2fc97d4c39ae092133da81690ea30178961e292909c79bb3a20892b431805220db0172ca4b9323df96202a7e3c0225e1d60113b37836223127aaf814b6c14be87d4106f8e0512fbedc402cc7aab4028ffa7d2d7d2b7b822ceb756dc69574967f4b2f3d426ac961d250074dabed1bc55ba03569f9f608809d5205851cd2f52dbf203ac269ea794a20e11d7ae09e237384d16231ffea552d4146dfbdd144d006cc657a274ff9238781cca0cf317a6cb770091ab021fbe1cb446141ca1aa3ac3f8e00487d94e99eb7e960b9f247e254c693d738a2866c27ba18471d7ff0c303206eac524529a7b6f7b59ab2c428b9e7986b61269a63bc0411a6f96864df74bf18a8945a9686f5ebf448941f0dcadc2c30af5be2666ec0dbc8952dcc3e4bccd0104e7145b1d73a4180d545cd4866e536bb5a77dbec73294f5f5e25a91305edec7078b8f2494d5b323139de444336b8fcc73b6fc0bc550b347aa58b5b9bb3848196760f6802ac1521f4fe81961171006f6d3eec1039ee7100a335fa18d06e076cca048916de536daf428d6077333c1dc25e882017f0a1c9083621f4649599b753b7a7e0a19f889c393cf554a7bc9da8d2a31fb64a29597a8b3b632ba0fbee36388c88b9191f84efeda9658011b28c932c220ae9ba54a256276587d35aecf3f574348a7e65dc425d5cebf9e2a5db2ab77fc7792d496f768e587e7cd3c7873921ffa318c0aa2ce9b7762fb666f8a1c20708b5bbc377415900aa14bff8bc3461b3263a03fd50d5839cf44389d3fe2782e82741ec7e46133f2606d4c6fb5acc95fa02a438514fe423c94c77f8476614670cb311a370f38e593fd1396c4f158fea943eb9f705ec0cf5041555ad800dc4aa5786f92c9538920b74b0d59607134b43f2538f48405edb858195e0395624970c712d4da0059dc9578a8fe06937598be9fd69aadbc92710d0f3f9c71361202b3f4db9e2b1240d1eca031e66276ac26e51123f52ee4ff38c9323db5d8c6b794ce90afb932dbd2313168d6f8bfb6b062d8581c0ec4244ac233f1ca14747a44d3a8b1669f805ecaf65c6988b9e31d8a0761ffbbd4b2df35499689916d94b1ca3f802a5d970ad3370cc28ca82ba90f83112456e4697b604400c2af7b8937578eb0317b67ab9113b9fd642ab560d8ba653eeea860995ee3ec470baf61ebb6e79bf82867c936d055fecb3a027dbf27061ab468827255ca6fe067a83443319ce8c5de06c16c5ee14d96b5bcdd1cdaa837abe58917a67d46b72460fcc4df4851b634f7a3079adad07232dd204d4e1f305e2692a85f8e1a505924feb258abcc9beae7a8f44e5c5a4199c867c1c056d9f526efdd4afc1e430f21a26ba33ecf81de7be7b336fc1807e3eff89e1fe94c61058a53be75355d4ff1d439c7680c5cffdeb729e424b47e0490c5a354ded4853c33bab3ae7f1dece10d9a68b380100d480f3d9953e1ff29fdd01771cad13f4d57a05ec18922e3a326129c653f5bb1674e83ba2abbea5729050807159e363515d3f66cf64def98cea04377718e1339f964ff030817ea5694d82c337ae3aff13759a8f3500f9a4851fac2db08bd56a1756915968026d4d90dde01f1e3f5f7a2e59f3128ac1bf949250c8eb65aeeef7c115567e81a24141b9bc5352b1858636d321bb807530e575321ee6ff5607509b504bda3a6bf6d137380a8515f921a92af6c42918d43e6524839ebcaa06a87b80325b1b205f33a82b36ba11c52aac322ee3c28f24fb09bf25c251c8be9cda0e639374ff677d3d475881a37505ba0df3000fa6393445fd8740b5f2bb13346b0641e70f67255bd67935aac17f34e6c4563c2066fceab547e6505e448d2cf504b0d0ef5261e57e38019c2acd601f4cda6a832ba16f5341d03040655ed2942c9498000498a4e4b40af0f56384eff1e7dcdf79bf3dc82890a7a17962b47b7617d116d416edc1b6322e029f7ef5cde09e7cb3a0edd2e78a8a7a48db932893e4602a6a5632c1ce6cfe8ed8750e4b62048b3bf1994ecea0fcd2708cc74b4faa921622407c548e903440f8b661089f2445eb09a8777643bc3be6b17ff85c94b0831b73a5ee5e1092b575b4aa7be971b3951561754d4edddf95deb8c523930a26840c39787f2269ddf274753a38d27058ecec6fdfe2448679e2d0a8c2403a27a80854a5327ebdd864e8afd4426d05590b5899b0870baf8762d52230863a19dbb39a5ba0f843343e4dba66e8b7a8d1dc828cb6d702459700aa0721668c577029eaa4bcc35a2f53288de1f1841b7820ae6b2dca7a82e054c7d44f1e9cfbcec3735d967d20dedf4e3f30a1becfc6931840b6f393c5e50ba990f2adcec55d3cd2e01f93339437c914d50d8a35491fba6ce4a8043d448dbcb372289dd1dd88645f13", 0x1000}}, 0x1006)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000001240)={0x1, &(0x7f0000001200)=[{0x5, 0x9, 0x7, 0x6}]}, 0x8)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000af802c082505a4a47e9e01020301090224000100000000090400000259a288000905021e00000000000905"], 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000011c0))
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000779000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x2000})
sendto$inet6(r3, &(0x7f0000000100)="a4", 0x1, 0xc810, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r5 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x101001)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000140)="bbef12c9e843", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05604, &(0x7f0000000cc0)={0x6, @pix={0xf, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000380)={@cgroup, 0xffffffffffffffff, 0x1a}, 0x20)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/24, 0x18, 0x0, &(0x7f00000010c0)=""/179, 0xb3}, &(0x7f0000001180)=0x40)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000180)={0x16, 0x1, 0x0, "476fc3a1071bf153d31c86841542399c0ecf379fdffeb5da8013b298b1248535"})
sendmmsg$inet6(r0, &(0x7f0000000040), 0x0, 0x4000000)
r6 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_SEQ_GETTIME(r6, 0x80045113, &(0x7f00000005c0))
syz_open_dev$vim2m(0x0, 0x8, 0x2)
read$sequencer(0xffffffffffffffff, &(0x7f0000000340)=""/78, 0x4e)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r7, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)

18.071569507s ago: executing program 2 (id=7940):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x0) (fail_nth: 5)

18.061048916s ago: executing program 1 (id=7941):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20000001)
socket$nl_xfrm(0x10, 0x3, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)}, {&(0x7f0000000480)="06010000246837f73199aee6fdb9291b3091ec1a2d41d227975ad8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272587afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da1b6932aecb2ff03dccc547e7650771961f3720db2676dddd7d8f1d677be97bd4a334d0c272ac38426a5a8339dff994652ee5ffa669ceb2988bc4756bef80ff6b5e1481aac701ef17e005fc1d3648660cdaf7d5d13ffaa55e116cd1467213f0d10a374771c36ba8b19f31528b82ba2c8b18c66bd4e159be058c647e4d1463f0aa6f8b6a998b0978f87ff67f09b43f59ea37d0c039ce0f018e344f569a8052002fcd38c783b3c0764209851f59", 0x1ab}, {&(0x7f0000001480)="d1", 0x1}], 0x3)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
getsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x4, &(0x7f0000000540), &(0x7f0000000580)=0x4)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000000), &(0x7f00000018c0)=0x1c)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_IO(r3, 0x2285, 0x0)
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e240003000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, &(0x7f0000000700)=""/4096, &(0x7f0000001700)=""/256})
r5 = dup(r4)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r6, 0x40405514, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, 'syz0\x00'})
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d4140000000109021200"], 0x0)
syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x109, 0x46d, 0x57, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x2, 0x0, 0xf9, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x1, 0x1, 0x0, {0x9, 0x21, 0xe000, 0xa7, 0x1, {0x22, 0x193}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x66, 0x5, 0x1}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x8, 0x9, 0x1d}}]}}}]}}]}}, &(0x7f0000000640)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x0, 0x7, 0x80, 0x0, 0x0, 0x6}, 0x43, &(0x7f00000000c0)={0x5, 0xf, 0x43, 0x6, [@ptm_cap={0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0x81, 0xf0f, 0x4}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xb, 0x5, 0x3, 0x7}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "6ecc9b1307cf6b67df2b80e8f2b1a489"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x0, 0xff, 0x170}, @ext_cap={0x7, 0x10, 0x2, 0x1e, 0x0, 0x7, 0xfff9}]}, 0x9, [{0x0, 0x0}, {0x40, &(0x7f0000000180)=@string={0x40, 0x3, "3b78f97553044b0a56d03737175a38a111e87f0930642f630553108b01a2af8fe921ea4a598820984c51bdada0e5fdd5920a0e37a6b7af64c3b9d577596e"}}, {0x63, &(0x7f0000001800)=@string={0x63, 0x3, "92940000000000800000000000cd5051f8e00bdcb55d167ed00f9a6db4e8e003c31b709b5024348a54155c92f42f6ebb39481de825ff48299e4190fd2390cbad78dc98836309068cac29044f7301363f860cc8871f0d4d70b6b3e219e013a2f443"}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x402}}, {0xb1, &(0x7f0000001900)=@string={0xb1, 0x3, "b45ff3158a9496842098721fcabb352e3b4cfd988246c699ed505f6fb5611b4b242e20c41a12944216d95748833625b23003f38a2656e42616fe0169da98fce0687f5167b4da43d36f095fc9f4bc51a1a54394f90689f62988b5d00d10c00bbe3e50994896568bf214727ed3be3e395ab3c63179f701fde7ce5229a49acb4176a2a42d5d5070a3bd4fc124969b02646413809ab98e8c44257500ad201fe6219b34c95200"/175}}, {0x68, &(0x7f0000000300)=@string={0x68, 0x3, "0ed9ed3e8b07f4502f5481f0403c3c6743c8602f3d6625941dbd7b572e258ed1788a72c4afa21240beb66d41e89070d2967cd3d2810ff4587b7ceaee625e898d7f23397ff1382f820d26900a8aa1055749a1bea6fdde666db4734535cb5735570e0890e6a8c8"}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x1c0a}}, {0x0, 0x0}, {0x0, 0x0}]})
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000380), &(0x7f00000003c0)=0x4)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r5})
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="02c83031002d0001000b0204004c0000000503150004000300020001020a0409040106090000009c07030308"], 0x36)

17.45575779s ago: executing program 2 (id=7942):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0cc5605, &(0x7f0000000180)={0x1, @pix={0x0, 0x3, 0xa0363159, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="680000000206010100000000000000000000000005000100070000000900020073797a30000000001c00078005001500100000000800124000000000080008400000202113000300686173683a6e65742c696661636500000500050002000000050004"], 0x68}}, 0x0)
r2 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000000), 0x22000, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000040)={@multicast2, @remote}, 0xc)

17.382921857s ago: executing program 2 (id=7943):
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0xa}, "022ecaa5336609de6f71"}}, 0xd)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="03c900bc8cf09997952b33b44d82050679f29370fe725a1cbdd5afa5da85ab1ae3dc08d083ab8b9e28607112ed43d4141c36898acf4ee05ba713c60a326fe35bbb3c34445fc7cd1b31790c679147dbe1583a41a56f1a0755910f8367934b759512f192de5784d64ef372f7b15302c641f648552d4d7f2737665f3b1e4695bfc954d384782c7fea6f44d323679a1a7c1c173f262cf8d619624956a77fc18828f893ce0900000000000000da167c6c6a1f088c72e723db59a92a8a6151494f24c7"], 0xc0)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xf)
r0 = socket$alg(0x26, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="43707511a0ccac586e704a8f22a41d46f166", 0x12}, {&(0x7f0000000180)="1bdfb42a7490c4b1cff6c4b96b7cd03c0300fbc7111fb483f60000efd12fce12fa3199355b2e204b2d9a909329cdde97dcf4563e398e601cccbae1d92fd91385f1ecd9dc746e482d2f1decd7cd216c519af9a0cbb022fb400c3725e2dff1336a3a0c1b3f90e644acd913853a2b23c599a9bbfdb5f9cf081d194a9c6132d31f3856ddaa4d2672778d4350f23a043f7795e1f618ecc61accac3f725dbcb1b3833b1db86ca2eb12ea7569bf29e6bcf886d8860c8e88fd630dea9fc693431807acd98ccb4cc84b6e4982", 0xc8}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b0ab039d1f5583201f481b45ae7c431ed4c1f8d470bcdb272", 0x33}], 0x3}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x40000)
close_range(r1, r1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000100), 0x4)
pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)

15.787460297s ago: executing program 2 (id=7944):
r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_RECEIVE(r0, 0xc0386106, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '&\x00'})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{}]})
socket$nl_route(0x10, 0x3, 0x0)
syz_clone3(&(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

13.07207499s ago: executing program 0 (id=7945):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xc, &(0x7f0000000000)={&(0x7f0000000880)=@newlink={0x3c, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_PER_PORT={0x5}]}}}]}, 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@mpls_newroute={0x28, 0x18, 0xb20, 0x70bd28, 0x25dfdbfc, {0x1c, 0x10, 0x10, 0xcc, 0xff, 0x0, 0xfe, 0xa, 0x2000}, [@RTA_MULTIPATH={0xc, 0x9, {0x4, 0x7, 0x5, r3}}]}, 0x28}}, 0x0)

12.978866767s ago: executing program 1 (id=7946):
openat$cgroup_root(0xffffff9c, &(0x7f0000000100)='./cgroup/syz0\x00', 0x200002, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000490000009a4a921cb310c51dca7d9916c89b1781f8a58d83f66f769c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11.951084218s ago: executing program 2 (id=7948):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
pwritev(r1, &(0x7f0000000380), 0x0, 0x800000, 0x1)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000540)={0x0, {}, 0x0, {}, 0x8001, 0x1, 0x3, 0x18, "5361b2a8ea45c7b73e237cb291f2f74a5f64db69cff4c756339051e17e6421ae3d10a8df55356863ecbb732d9491331068d0b38d4aed4876e63e6c8d2c90d43b", "1c93171ad47fae62c5f0d7b52aa168e7153826f9b5b81608c3f8e8d11ff5013f", [0x0, 0xde95]})
setsockopt$inet_buf(r3, 0x0, 0x29, &(0x7f0000000040)="7adca1d6867929ed6ec132df4f7bb848", 0xfebb)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000340)={'vcan0\x00', <r4=>0x0})
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000740)={r0, 0x1275, {0x0, 0x0, 0x0, 0x1000, 0x8, 0x0, 0x6, 0x1b, 0x4, "e57b1a9edff60f0a961a1d5f33079eb98000c1378f4832ac567602f7abe07131f47c6fe1c3aa31aaa97985a5a70ea788ebcd9809139c1da9e7b2cb79ac7c2dc9", "8085d0df4f7469a6f5822f0a9f8c3a7bbde6aa0aa4f18c8070568bda6b392ff4ad96169d39485545b41e4cb871267dc8e94fafca2c808b09fa71143b589ac9dd", "c8366410c80ad1bbbf9fd978d55fa79ce0707d9ec20a1464dcb3a5554d49a3cf", [0x9, 0x4]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000700)={'tunl0\x00', &(0x7f0000000680)={'sit0\x00', r4, 0x8000, 0x1, 0x7ff, 0x6, {{0x6, 0x4, 0x2, 0x1, 0x18, 0x66, 0x0, 0x10, 0x2f, 0x0, @rand_addr=0x64010100, @rand_addr=0x64010102, {[@timestamp_addr={0x44, 0x4, 0x68}]}}}}})
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x24000890)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x0)
socket$inet6(0xa, 0x1, 0x39)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
open_by_handle_at(r5, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000a8b3ba26b4c00e5c3283decf20e299e20bc86e7ad91a56d58bf24c514c713dde860e484e6e3766e02bf57b104c1689d5aa01a2c77724e4e71d34001c0fbce21fb13b1d89edde896b388930cbef7a57d7a4c985"], 0x8201)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000100)='syz_tun\x00', 0x10)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x35)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='veth0_to_batadv\x00', 0x10)
syz_emit_ethernet(0x5a, &(0x7f0000000280)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x4c, 0x47f, 0x0, 0x0, 0x6, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x35}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xe, 0x2, 0x200, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x7, 0xf989, "3043d2"}, @exp_fastopen={0xfe, 0x12, 0xf989, "79e9220ecd74bb21afb203197ccc"}, @exp_fastopen={0xfe, 0x9, 0xf989, "8d9490480d"}]}}}}}}}, 0x0)

9.090211225s ago: executing program 1 (id=7949):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000280)={0x0, 0x1400, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r1, 0x701, 0x0, 0x0, {0x26}, [@handle=@nsim={{0x20}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)

9.089792957s ago: executing program 0 (id=7950):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmsg$kcm(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000780)=""/226, 0xe2}, {&(0x7f0000000300)=""/153, 0x99}, {&(0x7f00000003c0)=""/219, 0xdb}, {&(0x7f00000004c0)=""/113, 0x71}], 0x4}, 0x0)
sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="9a6739095293ce45c8f40e2c91be3d2133df02cbd6b16578b45c83ebc757fc5bcc6959ff7e58976d3089df70fcb63d60b099d3dbad1ee69f75e0480e537903aee2d9b66e8584b6a8b3168b7c0fa7285e9bfb76d31b59bbcf4c68c7d0702ae5a0ddf37a376df34c6934a05994e1ddf3dcb634d7cb762d827e7c009f6adaac650583a91f75be37ef878c8359317fc3b8dc4befed62a8e8ff93752f38e1040bc9b7a7e5a52042951d23a5d294cb73"], 0x6a4}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)

9.062961862s ago: executing program 1 (id=7951):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x4c37e, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_uring_setup(0x560, &(0x7f0000000000)={0x0, 0xfbb0, 0x0, 0x1, 0x0, 0x0, r0})
syz_io_uring_setup(0x94c, &(0x7f0000000240)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0))
r1 = msgget$private(0x0, 0x0)
msgrcv(r1, 0x0, 0x0, 0x0, 0x0)
msgrcv(r1, &(0x7f0000000040)={0x0, ""/25}, 0x21, 0x2, 0x3000)
msgctl$IPC_RMID(r1, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0)
r2 = open(&(0x7f00000000c0)='./file1\x00', 0x14d140, 0x60)
r3 = socket(0xa, 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x5450, 0x0)
mlockall(0x1)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000fff000/0x1000)=nil)
timer_create(0x0, &(0x7f0000533fa0), &(0x7f0000bbdffc))
rt_sigreturn()
gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x800000000004}, &(0x7f0000000040))
r4 = eventfd(0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$FUSE_ATTR(r5, &(0x7f0000000240)={0x78}, 0x78)
write$cgroup_devices(r5, &(0x7f0000000380)=ANY=[], 0x8)
close(r5)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)

4.910463044s ago: executing program 0 (id=7952):
socket$kcm(0x2, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x35}}, 0x10, 0x0}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000001c0)=[@in={0x2, 0x0, @multicast2}], 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x41}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000000f40)=[{{0x0, 0xcb000004, 0x0}}], 0x28000, 0x0)
pipe(&(0x7f0000000080))
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c000000180077cd00000000000000060a00000000000000000a00001800010000000200fc02000000000000000000000000000008001e"], 0x3c}}, 0x0)
syz_emit_ethernet(0x17b, 0x0, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x3, &(0x7f00000002c0)=0x500000)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x6, @mcast1, 0x40}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x9c)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x1e6)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socket$xdp(0x2c, 0x3, 0x0)

0s ago: executing program 1 (id=7953):
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0xa}, "022ecaa5336609de6f71"}}, 0xd)
syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="03c900bc8cf09997952b33b44d82050679f29370fe725a1cbdd5afa5da85ab1ae3dc08d083ab8b9e28607112ed43d4141c36898acf4ee05ba713c60a326fe35bbb3c34445fc7cd1b31790c679147dbe1583a41a56f1a0755910f8367934b759512f192de5784d64ef372f7b15302c641f648552d4d7f2737665f3b1e4695bfc954d384782c7fea6f44d323679a1a7c1c173f262cf8d619624956a77fc18828f893ce0900000000000000da167c6c6a1f088c72e723db59a92a8a6151494f24c7"], 0xc0)
syz_emit_vhci(&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xf)
r0 = socket$alg(0x26, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="43707511a0ccac586e704a8f22a41d46f166", 0x12}, {&(0x7f0000000180)="1bdfb42a7490c4b1cff6c4b96b7cd03c0300fbc7111fb483f60000efd12fce12fa3199355b2e204b2d9a909329cdde97dcf4563e398e601cccbae1d92fd91385f1ecd9dc746e482d2f1decd7cd216c519af9a0cbb022fb400c3725e2dff1336a3a0c1b3f90e644acd913853a2b23c599a9bbfdb5f9cf081d194a9c6132d31f3856ddaa4d2672778d4350f23a043f7795e1f618ecc61accac3f725dbcb1b3833b1db86ca2eb12ea7569bf29e6bcf886d8860c8e88fd630dea9fc693431807acd98ccb4cc84b6e4982", 0xc8}, {&(0x7f0000000080)="919e4819964e98a1e651d3167d444745c7524283ee4ad51008b30b0ab039d1f5583201f481b45ae7c431ed4c1f8d470bcdb272", 0x33}], 0x3}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000140), 0x1b, 0x40000)
close_range(r1, r1, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000180), 0x0, 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000000)={0x28, 0x0, 0x0, @my=0x0}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000000100), 0x4)
pselect6(0x40, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

activated: batadv_slave_1
[ 2256.698010][   T63] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2256.748799][   T63] veth1_macvtap: left promiscuous mode
[ 2256.759611][   T63] veth0_macvtap: left promiscuous mode
[ 2256.765387][   T63] veth1_vlan: left promiscuous mode
[ 2256.771345][   T63] veth0_vlan: left promiscuous mode
[ 2256.789716][T12620] r8152-cfgselector 3-1: USB disconnect, device number 33
[ 2257.637429][ T1446] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 2257.841302][ T1446] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2257.852802][   T63] team0 (unregistering): Port device team_slave_1 removed
[ 2257.859239][ T1446] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2257.882545][ T1446] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2257.902001][ T1446] usb 2-1: config 0 descriptor??
[ 2257.948251][   T63] team0 (unregistering): Port device team_slave_0 removed
[ 2258.101012][ T4873] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 2258.309228][ T4873] usb 3-1: Using ep0 maxpacket: 16
[ 2258.316675][ T4873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2258.338310][ T4873] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2258.362255][ T4873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2258.389950][ T4873] usb 3-1: config 0 descriptor??
[ 2258.589269][ T6404] Bluetooth: hci4: command tx timeout
[ 2258.984536][T11638] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2258.998895][T11638] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2259.010055][ T4873] hid (null): invalid report_count 983040256
[ 2259.042480][ T4873] hid (null): unknown global tag 0xc
[ 2259.066816][ T4873] hid-generic 0003:0158:0100.007B: unknown main item tag 0x0
[ 2259.076641][ T4873] hid-generic 0003:0158:0100.007B: invalid report_count 983040256
[ 2259.084915][ T4873] hid-generic 0003:0158:0100.007B: item 0 4 1 9 parsing failed
[ 2259.094016][ T4873] hid-generic 0003:0158:0100.007B: probe with driver hid-generic failed with error -22
[ 2259.108742][T11563] hsr_slave_0: entered promiscuous mode
[ 2259.120525][T11563] hsr_slave_1: entered promiscuous mode
[ 2259.139278][T11563] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2259.146869][T11563] Cannot create hsr debugfs directory
[ 2259.239021][ T1446] usb 3-1: USB disconnect, device number 34
[ 2259.346482][T11497] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2259.382792][T11644] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2259.528742][T11497] 8021q: adding VLAN 0 to HW filter on device team0
[ 2259.607858][ T5146] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2259.615083][ T5146] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2259.686714][T11648] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7783'.
[ 2259.693534][ T5146] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2259.702963][ T5146] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2259.713196][T11648] random: crng reseeded on system resumption
[ 2260.158657][T11497] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2260.304947][T11497] veth0_vlan: entered promiscuous mode
[ 2260.358404][T11497] veth1_vlan: entered promiscuous mode
[ 2260.442359][ T4873] usb 2-1: USB disconnect, device number 9
[ 2260.562892][T11563] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2260.620769][T11563] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2260.659493][ T6404] Bluetooth: hci4: command tx timeout
[ 2260.666766][T11563] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2260.707101][T11563] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2260.719455][T11497] veth0_macvtap: entered promiscuous mode
[ 2260.824195][T11497] veth1_macvtap: entered promiscuous mode
[ 2260.913493][T11497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2260.949714][T11497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2260.975433][T11497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2260.989231][T11497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2261.007425][T11497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2261.025941][T11497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2261.048775][T11497] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2261.070849][T11497] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2261.093018][T11497] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.101971][T11497] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.113220][T11497] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.122246][T11497] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2261.244328][T11678] sctp: [Deprecated]: syz.1.7787 (pid 11678) Use of int in maxseg socket option.
[ 2261.244328][T11678] Use struct sctp_assoc_value instead
[ 2261.290001][ T4873] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 2261.337425][ T2485] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2261.357886][T11563] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2261.372313][ T2485] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2261.437009][T11563] 8021q: adding VLAN 0 to HW filter on device team0
[ 2261.480545][ T2447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2261.484105][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2261.495621][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2261.498591][ T2447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2261.520855][ T4873] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2261.526492][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2261.538196][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2261.544599][ T4873] usb 3-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2261.577613][ T4873] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2261.619494][ T4873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2261.775783][T11563] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2261.911168][T11676] openvswitch: : Dropping previously announced user features
[ 2261.926196][T11563] veth0_vlan: entered promiscuous mode
[ 2262.068320][T11563] veth1_vlan: entered promiscuous mode
[ 2262.163221][T11563] veth0_macvtap: entered promiscuous mode
[ 2262.184042][ T4873] usb 3-1: string descriptor 0 read error: -71
[ 2262.201566][ T4873] usb 3-1: USB disconnect, device number 35
[ 2262.384500][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2262.503912][T11563] veth1_macvtap: entered promiscuous mode
[ 2262.594541][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2262.669935][T11563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2262.699574][T11563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2262.725469][T11563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2262.759210][T11563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2262.779207][T11563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2262.809260][T11563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2262.823252][T11563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2262.861165][T11563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2262.901969][T11563] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2262.932147][T11563] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2262.993450][T11563] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2263.030938][T11563] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2263.082945][ T6404] Bluetooth: hci2: SCO packet for unknown connection handle 201
[ 2263.133838][   T53] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2263.146062][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2263.162844][   T53] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2263.179946][   T53] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2263.199597][   T53] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2263.220379][   T53] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 2263.221895][T11563] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2263.237061][   T53] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2263.296120][T11563] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2263.315075][T11563] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2263.324325][T11563] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2263.452078][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2263.496561][T11740] netlink: 92 bytes leftover after parsing attributes in process `syz.3.7799'.
[ 2263.832238][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2263.840595][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2264.164787][   T12] bridge_slave_1: left allmulticast mode
[ 2264.181696][   T12] bridge_slave_1: left promiscuous mode
[ 2264.187552][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2264.235559][   T12] bridge_slave_0: left allmulticast mode
[ 2264.249560][   T12] bridge_slave_0: left promiscuous mode
[ 2264.255347][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2264.274858][T11755] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7801'.
[ 2264.284710][   T53] Bluetooth: hci3: command tx timeout
[ 2264.965398][T11776] sg_write: data in/out 196608/1 bytes for SCSI command 0xf2-- guessing data in;
[ 2264.965398][T11776]    program syz.3.7804 not setting count and/or reply_len properly
[ 2265.289392][ T5146] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 2265.309364][   T53] Bluetooth: hci1: command tx timeout
[ 2265.463028][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2265.477197][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2265.491634][ T5146] usb 4-1: config 44 has too many interfaces: 150, using maximum allowed: 32
[ 2265.510318][   T12] bond0 (unregistering): Released all slaves
[ 2265.517243][ T5146] usb 4-1: config 44 has an invalid descriptor of length 17, skipping remainder of the config
[ 2265.548293][ T5146] usb 4-1: config 44 has 0 interfaces, different from the descriptor's value: 150
[ 2265.560593][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2265.568492][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2265.588182][ T5146] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[ 2265.637951][ T5146] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2265.681063][T11731] chnl_net:caif_netlink_parms(): no params data found
[ 2265.883263][T11776] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2265.903547][T11776] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2265.917238][ T5146] usb 4-1: string descriptor 0 read error: -71
[ 2265.930416][ T5146] usb 4-1: USB disconnect, device number 117
[ 2266.435984][T11731] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2266.449564][T11731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2266.456907][T11731] bridge_slave_0: entered allmulticast mode
[ 2266.499431][T11731] bridge_slave_0: entered promiscuous mode
[ 2266.586542][T11731] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2266.635300][T11731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2266.689066][T11731] bridge_slave_1: entered allmulticast mode
[ 2266.704233][T11731] bridge_slave_1: entered promiscuous mode
[ 2266.728085][T11805] xt_nat: multiple ranges no longer supported
[ 2266.863224][T11731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2266.924614][   T12] hsr_slave_0: left promiscuous mode
[ 2266.968614][   T12] hsr_slave_1: left promiscuous mode
[ 2267.003162][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2267.025177][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2267.063356][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2267.093613][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2267.166611][T32261] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2267.190454][T32261] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2267.200805][T32261] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2267.228646][   T12] veth1_macvtap: left promiscuous mode
[ 2267.234425][T32261] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2267.245598][T32261] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 2267.249332][   T12] veth0_macvtap: left promiscuous mode
[ 2267.258736][T32261] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2267.299895][   T12] veth1_vlan: left promiscuous mode
[ 2267.305232][   T12] veth0_vlan: left promiscuous mode
[ 2267.379262][ T6404] Bluetooth: hci1: command tx timeout
[ 2268.056445][ T5148] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 2268.119388][ T6404] Bluetooth: hci3: command 0x0406 tx timeout
[ 2268.239314][ T5148] usb 1-1: Using ep0 maxpacket: 16
[ 2268.246723][ T5148] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2268.276509][ T5148] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2268.298384][ T5148] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2268.324263][ T5148] usb 1-1: config 0 descriptor??
[ 2268.505317][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 2268.634033][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 2268.878706][T11829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2268.892442][T11829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2268.914004][ T5148] hid (null): invalid report_count 983040256
[ 2268.934606][ T5148] hid (null): unknown global tag 0xc
[ 2268.956657][ T5148] hid-generic 0003:0158:0100.007C: unknown main item tag 0x0
[ 2268.976646][ T5148] hid-generic 0003:0158:0100.007C: invalid report_count 983040256
[ 2269.001871][ T5148] hid-generic 0003:0158:0100.007C: item 0 4 1 9 parsing failed
[ 2269.010648][ T5148] hid-generic 0003:0158:0100.007C: probe with driver hid-generic failed with error -22
[ 2269.389438][ T6404] Bluetooth: hci2: command tx timeout
[ 2269.470646][ T6404] Bluetooth: hci1: command tx timeout
[ 2269.608222][T11731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2269.728912][ T5146] usb 1-1: USB disconnect, device number 36
[ 2269.846405][T11833] FAULT_INJECTION: forcing a failure.
[ 2269.846405][T11833] name failslab, interval 1, probability 0, space 0, times 0
[ 2269.873029][T11833] CPU: 0 PID: 11833 Comm: syz.3.7811 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2269.883257][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2269.893422][T11833] Call Trace:
[ 2269.896736][T11833]  <TASK>
[ 2269.899683][T11833]  dump_stack_lvl+0x241/0x360
[ 2269.904396][T11833]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2269.909623][T11833]  ? __pfx__printk+0x10/0x10
[ 2269.914238][T11833]  ? __pfx___might_resched+0x10/0x10
[ 2269.919562][T11833]  should_fail_ex+0x3b0/0x4e0
[ 2269.924445][T11833]  ? tomoyo_encode+0x26f/0x540
[ 2269.929227][T11833]  should_failslab+0x9/0x20
[ 2269.933765][T11833]  __kmalloc_noprof+0xd8/0x400
[ 2269.938566][T11833]  tomoyo_encode+0x26f/0x540
[ 2269.943196][T11833]  tomoyo_mount_permission+0x356/0xb80
[ 2269.948691][T11833]  ? tomoyo_mount_permission+0x295/0xb80
[ 2269.954353][T11833]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2269.960358][T11833]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 2269.966932][T11833]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2269.973287][T11833]  ? hook_sb_mount+0x122/0x390
[ 2269.978077][T11833]  security_sb_mount+0x8f/0xd0
[ 2269.982871][T11833]  path_mount+0xb9/0xfa0
[ 2269.987151][T11833]  ? user_path_at_empty+0x4c/0x60
[ 2269.992208][T11833]  __se_sys_mount+0x2d9/0x3c0
[ 2269.996919][T11833]  ? __pfx___se_sys_mount+0x10/0x10
[ 2270.002142][T11833]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2270.008756][T11833]  ? __ia32_sys_mount+0x20/0xc0
[ 2270.013901][T11833]  __do_fast_syscall_32+0xb4/0x120
[ 2270.019042][T11833]  ? exc_page_fault+0x590/0x8c0
[ 2270.023924][T11833]  do_fast_syscall_32+0x34/0x80
[ 2270.028804][T11833]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2270.035154][T11833] RIP: 0023:0xf73e0579
[ 2270.039242][T11833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2270.058873][T11833] RSP: 002b:00000000f5cd857c EFLAGS: 00000206 ORIG_RAX: 0000000000000015
[ 2270.067313][T11833] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000020000580
[ 2270.075305][T11833] RDX: 0000000000000000 RSI: 0000000000223216 RDI: 0000000000000000
[ 2270.083299][T11833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2270.091293][T11833] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2270.099298][T11833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2270.107316][T11833]  </TASK>
[ 2270.147716][T11731] team0: Port device team_slave_0 added
[ 2270.161558][T11731] team0: Port device team_slave_1 added
[ 2270.269773][T11731] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2270.277194][T11731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2270.304346][T11731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2270.358197][T11731] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2270.365884][T11731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2270.397532][T11731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2270.493178][T11731] hsr_slave_0: entered promiscuous mode
[ 2270.517629][T11731] hsr_slave_1: entered promiscuous mode
[ 2270.551461][T11731] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2270.559058][T11731] Cannot create hsr debugfs directory
[ 2271.117326][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2271.129406][ T4873] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 2271.304598][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2271.320270][ T4873] usb 4-1: Using ep0 maxpacket: 8
[ 2271.327669][ T4873] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2271.343808][T11817] chnl_net:caif_netlink_parms(): no params data found
[ 2271.359256][ T4873] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2271.369402][T20784] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 2271.380627][ T4873] usb 4-1: config 1 has no interface number 1
[ 2271.398796][ T4873] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2271.413021][ T4873] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2271.422383][ T4873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2271.433327][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2271.443873][ T4873] usb 4-1: Product: syz
[ 2271.448065][ T4873] usb 4-1: Manufacturer: syz
[ 2271.457568][ T4873] usb 4-1: SerialNumber: syz
[ 2271.463090][ T6404] Bluetooth: hci2: command tx timeout
[ 2271.540882][ T6404] Bluetooth: hci1: command tx timeout
[ 2271.581509][T20784] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2271.599077][T20784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2271.602001][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2271.628478][T20784] usb 1-1: config 0 descriptor??
[ 2271.826522][ T4873] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[ 2271.848643][ T4873] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[ 2271.866151][T11817] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2271.889668][T11817] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2271.897601][T11817] bridge_slave_0: entered allmulticast mode
[ 2271.913073][ T4873] usb 4-1: USB disconnect, device number 118
[ 2271.935840][T11817] bridge_slave_0: entered promiscuous mode
[ 2272.136341][T11817] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2272.149698][T20784] pegasus 1-1:0.0: probe with driver pegasus failed with error -71
[ 2272.168068][ T5589] udevd[5589]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2272.184504][T11817] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2272.208668][T20784] usb 1-1: USB disconnect, device number 37
[ 2272.215030][T11817] bridge_slave_1: entered allmulticast mode
[ 2272.226620][T11817] bridge_slave_1: entered promiscuous mode
[ 2272.575910][T11817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2272.623302][T11817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2272.707141][   T12] bridge_slave_1: left allmulticast mode
[ 2272.735659][   T12] bridge_slave_1: left promiscuous mode
[ 2272.761653][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2272.810315][   T12] bridge_slave_0: left allmulticast mode
[ 2272.816031][   T12] bridge_slave_0: left promiscuous mode
[ 2272.823849][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2273.100238][ T5146] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 2273.350032][ T5146] usb 4-1: Using ep0 maxpacket: 32
[ 2273.357329][ T5146] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2273.374330][   T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2273.391766][ T5146] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2273.395098][   T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2273.402604][ T5146] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2273.402638][ T5146] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2273.436342][   T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2273.440105][ T5146] usb 4-1: config 0 descriptor??
[ 2273.444513][   T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2273.461905][   T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 2273.469430][   T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2273.472061][ T5146] hub 4-1:0.0: USB hub found
[ 2273.550688][ T6404] Bluetooth: hci2: command tx timeout
[ 2273.727184][ T5146] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2273.759709][ T5146] usbhid 4-1:0.0: can't add hid device: -71
[ 2273.760001][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2273.780666][ T5146] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2273.802262][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2273.818582][   T12] bond0 (unregistering): Released all slaves
[ 2273.820301][ T5146] usb 4-1: USB disconnect, device number 119
[ 2273.941748][T11817] team0: Port device team_slave_0 added
[ 2273.964357][T11817] team0: Port device team_slave_1 added
[ 2273.986059][T11894] xt_nat: multiple ranges no longer supported
[ 2273.997764][   T12] : left promiscuous mode
[ 2274.052347][   T12] ��: left promiscuous mode
[ 2274.078120][T11817] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2274.093301][T11817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2274.158747][T11817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2274.185192][T11817] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2274.192411][T11817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2274.222704][T11817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2274.260797][T11731] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2274.309246][T11731] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2274.328015][T11731] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2274.388414][T11731] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2274.437032][T11817] hsr_slave_0: entered promiscuous mode
[ 2274.450244][T11817] hsr_slave_1: entered promiscuous mode
[ 2274.458354][T11817] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2274.468946][T11817] Cannot create hsr debugfs directory
[ 2274.659008][   T12] hsr_slave_0: left promiscuous mode
[ 2274.683466][   T12] hsr_slave_1: left promiscuous mode
[ 2274.696116][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2274.704024][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2274.712862][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2274.721763][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2274.746303][   T12] veth1_macvtap: left promiscuous mode
[ 2274.752218][   T12] veth0_macvtap: left promiscuous mode
[ 2274.757856][   T12] veth1_vlan: left promiscuous mode
[ 2274.763403][   T12] veth0_vlan: left promiscuous mode
[ 2274.886347][T11905] FAULT_INJECTION: forcing a failure.
[ 2274.886347][T11905] name failslab, interval 1, probability 0, space 0, times 0
[ 2274.908744][T11905] CPU: 0 PID: 11905 Comm: syz.0.7824 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2274.918960][T11905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2274.929051][T11905] Call Trace:
[ 2274.932367][T11905]  <TASK>
[ 2274.935351][T11905]  dump_stack_lvl+0x241/0x360
[ 2274.940100][T11905]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2274.945499][T11905]  ? __pfx__printk+0x10/0x10
[ 2274.950274][T11905]  ? netlink_insert+0x10b7/0x14b0
[ 2274.955360][T11905]  should_fail_ex+0x3b0/0x4e0
[ 2274.960062][T11905]  ? __alloc_skb+0x1c3/0x440
[ 2274.964765][T11905]  should_failslab+0x9/0x20
[ 2274.969289][T11905]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2274.975113][T11905]  __alloc_skb+0x1c3/0x440
[ 2274.979550][T11905]  ? __pfx___alloc_skb+0x10/0x10
[ 2274.984494][T11905]  ? netlink_autobind+0xd6/0x2f0
[ 2274.989441][T11905]  ? netlink_autobind+0x2b0/0x2f0
[ 2274.994472][T11905]  netlink_sendmsg+0x631/0xcb0
[ 2274.999246][T11905]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2275.004549][T11905]  ? aa_sock_msg_perm+0x91/0x160
[ 2275.009489][T11905]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2275.014767][T11905]  ? security_socket_sendmsg+0x87/0xb0
[ 2275.020241][T11905]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2275.025630][T11905]  __sock_sendmsg+0x221/0x270
[ 2275.030319][T11905]  sock_write_iter+0x2dd/0x400
[ 2275.035121][T11905]  ? __pfx_sock_write_iter+0x10/0x10
[ 2275.040804][T11905]  ? bpf_lsm_file_permission+0x9/0x10
[ 2275.046270][T11905]  ? security_file_permission+0x7f/0xa0
[ 2275.051928][T11905]  vfs_write+0xa72/0xc90
[ 2275.056178][T11905]  ? __pfx_sock_write_iter+0x10/0x10
[ 2275.061468][T11905]  ? __pfx_vfs_write+0x10/0x10
[ 2275.066248][T11905]  ksys_write+0x1a0/0x2c0
[ 2275.070601][T11905]  ? __pfx_ksys_write+0x10/0x10
[ 2275.075450][T11905]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2275.082049][T11905]  ? lockdep_hardirqs_on+0x99/0x150
[ 2275.087269][T11905]  __do_fast_syscall_32+0xb4/0x120
[ 2275.092390][T11905]  ? exc_page_fault+0x590/0x8c0
[ 2275.097240][T11905]  do_fast_syscall_32+0x34/0x80
[ 2275.102109][T11905]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2275.108457][T11905] RIP: 0023:0xf7467579
[ 2275.112537][T11905] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2275.132139][T11905] RSP: 002b:00000000f5d8057c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 2275.140553][T11905] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000280
[ 2275.148651][T11905] RDX: 000000000000002c RSI: 0000000000000000 RDI: 0000000000000000
[ 2275.156614][T11905] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2275.164668][T11905] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2275.172639][T11905] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2275.180613][T11905]  </TASK>
[ 2275.183706][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2275.195112][ T5146] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 2275.382461][ T5146] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 2275.400953][ T5146] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2275.418661][ T5146] usb 4-1: config 0 descriptor??
[ 2275.548895][ T6404] Bluetooth: hci0: command tx timeout
[ 2275.619387][ T6404] Bluetooth: hci2: command tx timeout
[ 2275.651174][T11903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2275.660811][T11903] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2275.872002][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 2275.944116][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 2277.057860][T11889] chnl_net:caif_netlink_parms(): no params data found
[ 2277.573703][T11731] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2277.623963][ T6404] Bluetooth: hci0: command tx timeout
[ 2277.687795][ T5146] usb 4-1: Cannot set autoneg
[ 2277.702964][ T5146] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 2277.737284][ T5146] usb 4-1: USB disconnect, device number 120
[ 2277.812946][   T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2277.825540][   T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2277.836442][   T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2277.851507][   T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2277.863239][   T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 2277.876936][   T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2277.892429][T11731] 8021q: adding VLAN 0 to HW filter on device team0
[ 2277.917070][T11889] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2277.929590][T11889] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2277.937560][T11889] bridge_slave_0: entered allmulticast mode
[ 2277.951758][T11889] bridge_slave_0: entered promiscuous mode
[ 2277.962918][T11889] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2277.970497][T11889] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2277.977822][T11889] bridge_slave_1: entered allmulticast mode
[ 2278.000241][T11889] bridge_slave_1: entered promiscuous mode
[ 2278.177447][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2278.232561][T11889] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2278.248357][T11889] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2278.279384][T14051] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 2278.283559][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2278.294840][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2278.380218][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2278.474006][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2278.484705][T14051] usb 4-1: Using ep0 maxpacket: 32
[ 2278.498650][T14051] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2278.513435][T14051] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2278.525716][T14051] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2278.527236][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2278.536218][T14051] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2278.541994][ T5148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2278.599514][T14051] usb 4-1: config 0 descriptor??
[ 2278.621351][T14051] hub 4-1:0.0: USB hub found
[ 2278.638525][T11889] team0: Port device team_slave_0 added
[ 2278.686664][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2278.737796][T11889] team0: Port device team_slave_1 added
[ 2278.861218][T14051] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2278.885883][T14051] usbhid 4-1:0.0: can't add hid device: -71
[ 2278.899426][T14051] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2278.949622][T14051] usb 4-1: USB disconnect, device number 121
[ 2279.016441][T11889] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2279.027354][T11889] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2279.064249][T11889] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2279.129260][T11889] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2279.136973][T11889] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2279.170772][T11889] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2279.288326][T11817] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2279.379091][T11817] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2279.436913][T11889] hsr_slave_0: entered promiscuous mode
[ 2279.452433][T11889] hsr_slave_1: entered promiscuous mode
[ 2279.466185][T11889] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2279.476535][T11889] Cannot create hsr debugfs directory
[ 2279.645052][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2279.676976][T11817] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2279.696573][T11817] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2279.699456][ T6404] Bluetooth: hci0: command tx timeout
[ 2279.727820][T11985] netlink: 36 bytes leftover after parsing attributes in process `syz.3.7830'.
[ 2279.793787][T11981] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7830'.
[ 2279.810841][T11989] fuse: Unknown parameter 'rmotmode'
[ 2279.875484][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2279.941054][ T6404] Bluetooth: hci4: command tx timeout
[ 2280.091462][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2280.178409][T11935] chnl_net:caif_netlink_parms(): no params data found
[ 2280.274549][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2280.376013][T11731] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2280.602866][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2280.609855][ T6404] Bluetooth: Wrong link type (-22)
[ 2280.615049][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2280.623231][ T6404] Bluetooth: Wrong link type (-22)
[ 2280.628421][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2280.635154][ T6404] Bluetooth: Wrong link type (-22)
[ 2280.799742][T11935] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2280.806938][T11935] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2280.825262][T11935] bridge_slave_0: entered allmulticast mode
[ 2280.833887][T11935] bridge_slave_0: entered promiscuous mode
[ 2280.844827][T11935] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2280.852474][T11935] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2280.868096][T11935] bridge_slave_1: entered allmulticast mode
[ 2280.880660][T11935] bridge_slave_1: entered promiscuous mode
[ 2280.976711][T12024] netlink: 'syz.3.7833': attribute type 6 has an invalid length.
[ 2280.987249][T12024] netlink: 'syz.3.7833': attribute type 8 has an invalid length.
[ 2281.009214][T12024] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7833'.
[ 2281.068693][T11935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2281.102686][T11935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2281.159005][   T12] bridge_slave_1: left allmulticast mode
[ 2281.166933][   T12] bridge_slave_1: left promiscuous mode
[ 2281.174606][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2281.192159][   T12] bridge_slave_0: left allmulticast mode
[ 2281.197869][   T12] bridge_slave_0: left promiscuous mode
[ 2281.209671][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2281.231247][   T12] bridge_slave_1: left allmulticast mode
[ 2281.236951][   T12] bridge_slave_1: left promiscuous mode
[ 2281.250568][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2281.278351][   T12] bridge_slave_0: left allmulticast mode
[ 2281.295354][   T12] bridge_slave_0: left promiscuous mode
[ 2281.301437][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2281.409370][ T5146] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 2281.611919][ T5146] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2281.631235][ T5146] usb 4-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2281.641556][ T5146] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2281.651208][ T5146] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2281.783576][ T6404] Bluetooth: hci0: command tx timeout
[ 2282.019540][ T6404] Bluetooth: hci4: command tx timeout
[ 2282.201254][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2282.215928][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2282.227511][   T12] bond0 (unregistering): Released all slaves
[ 2282.438084][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2282.450687][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2282.466955][   T12] bond0 (unregistering): Released all slaves
[ 2282.567765][T11731] veth0_vlan: entered promiscuous mode
[ 2282.606193][T12031] : entered promiscuous mode
[ 2282.632394][ T5146] usb 4-1: string descriptor 0 read error: -71
[ 2282.636884][T11935] team0: Port device team_slave_0 added
[ 2282.650670][ T5146] usb 4-1: USB disconnect, device number 122
[ 2282.654846][T11935] team0: Port device team_slave_1 added
[ 2282.749096][T11935] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2282.756762][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2282.783903][T11935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2282.823800][T11935] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2282.836338][T11935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2282.864184][T11935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2282.943175][T11817] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2282.970176][T11731] veth1_vlan: entered promiscuous mode
[ 2283.081164][T11817] 8021q: adding VLAN 0 to HW filter on device team0
[ 2283.128531][T12620] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2283.135932][T12620] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2283.164343][T11935] hsr_slave_0: entered promiscuous mode
[ 2283.171005][T11935] hsr_slave_1: entered promiscuous mode
[ 2283.177165][T11935] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2283.186923][T11935] Cannot create hsr debugfs directory
[ 2283.237574][T14051] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2283.244716][T14051] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2283.574868][   T12] hsr_slave_0: left promiscuous mode
[ 2283.592703][   T12] hsr_slave_1: left promiscuous mode
[ 2283.601536][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2283.609509][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2283.617856][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2283.639569][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2283.663572][   T12] hsr_slave_0: left promiscuous mode
[ 2283.673097][   T12] hsr_slave_1: left promiscuous mode
[ 2283.685475][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2283.696274][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2283.719514][T14051] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 2283.728157][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2283.744337][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2283.817145][   T12] veth1_macvtap: left promiscuous mode
[ 2283.828552][   T12] veth0_macvtap: left promiscuous mode
[ 2283.837053][   T12] veth1_vlan: left promiscuous mode
[ 2283.848401][   T12] veth0_vlan: left promiscuous mode
[ 2283.855720][   T12] veth1_macvtap: left promiscuous mode
[ 2283.862803][   T12] veth0_macvtap: left promiscuous mode
[ 2283.868597][   T12] veth1_vlan: left promiscuous mode
[ 2283.872794][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[ 2283.874577][   T12] veth0_vlan: left promiscuous mode
[ 2283.880716][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[ 2283.919328][T14051] usb 4-1: Using ep0 maxpacket: 32
[ 2283.929339][T14051] usb 4-1: config 11 has an invalid interface number: 101 but max is 2
[ 2283.937773][T14051] usb 4-1: config 11 has an invalid interface number: 170 but max is 2
[ 2283.957747][T14051] usb 4-1: config 11 has an invalid interface number: 139 but max is 2
[ 2283.966686][T14051] usb 4-1: config 11 has no interface number 0
[ 2283.973164][T14051] usb 4-1: config 11 has no interface number 1
[ 2283.979831][T14051] usb 4-1: config 11 has no interface number 2
[ 2283.986073][T14051] usb 4-1: config 11 interface 101 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 8
[ 2284.000198][T14051] usb 4-1: config 11 interface 101 altsetting 2 has a duplicate endpoint with address 0x6, skipping
[ 2284.012341][T14051] usb 4-1: config 11 interface 101 altsetting 2 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[ 2284.025509][T14051] usb 4-1: config 11 interface 101 altsetting 2 endpoint 0x8B has invalid maxpacket 512, setting to 64
[ 2284.037033][T14051] usb 4-1: config 11 interface 101 altsetting 2 has a duplicate endpoint with address 0xB, skipping
[ 2284.049630][T14051] usb 4-1: config 11 interface 101 altsetting 2 endpoint 0xE has invalid maxpacket 512, setting to 64
[ 2284.064115][T14051] usb 4-1: config 11 interface 101 altsetting 2 has a duplicate endpoint with address 0xC, skipping
[ 2284.075490][T14051] usb 4-1: config 11 interface 101 altsetting 2 has a duplicate endpoint with address 0xB, skipping
[ 2284.087359][T14051] usb 4-1: config 11 interface 170 altsetting 2 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 2284.099024][T14051] usb 4-1: config 11 interface 170 altsetting 2 endpoint 0x7 has invalid maxpacket 512, setting to 64
[ 2284.106039][ T6404] Bluetooth: hci4: command tx timeout
[ 2284.138764][T14051] usb 4-1: config 11 interface 170 altsetting 2 has a duplicate endpoint with address 0x5, skipping
[ 2284.162090][T14051] usb 4-1: config 11 interface 170 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 2284.195164][T14051] usb 4-1: config 11 interface 170 altsetting 2 has a duplicate endpoint with address 0x5, skipping
[ 2284.214914][T14051] usb 4-1: config 11 interface 170 altsetting 2 has a duplicate endpoint with address 0x2, skipping
[ 2284.228745][T14051] usb 4-1: config 11 interface 170 altsetting 2 has a duplicate endpoint with address 0xC, skipping
[ 2284.248970][T14051] usb 4-1: config 11 interface 139 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[ 2284.262000][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[ 2284.273444][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0x2, skipping
[ 2284.287710][T14051] usb 4-1: config 11 interface 139 altsetting 7 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 2284.299460][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[ 2284.311093][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[ 2284.323591][T14051] usb 4-1: config 11 interface 139 altsetting 7 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[ 2284.336932][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[ 2284.348749][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0xC, skipping
[ 2284.361759][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0xC, skipping
[ 2284.376600][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0xB, skipping
[ 2284.393105][T14051] usb 4-1: config 11 interface 139 altsetting 7 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 2284.407716][T14051] usb 4-1: config 11 interface 139 altsetting 7 has a duplicate endpoint with address 0x7, skipping
[ 2284.420461][T14051] usb 4-1: config 11 interface 101 has no altsetting 0
[ 2284.427816][T14051] usb 4-1: config 11 interface 170 has no altsetting 0
[ 2284.435136][T14051] usb 4-1: config 11 interface 139 has no altsetting 0
[ 2284.444950][T14051] usb 4-1: Dual-Role OTG device on HNP port
[ 2284.451507][T14051] usb 4-1: New USB device found, idVendor=1b3d, idProduct=0154, bcdDevice=3f.49
[ 2284.464432][T14051] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2284.476093][T14051] usb 4-1: Product: 뉦珝㳩냺荴螺ᥖ朌ꈂ勄쳡细鬄䝮埖祣魛毘℺ጚ綢曝㱫톏乀쁾ꈣ鑺鉐⾇땵替᭍ቤᮨ唳ꈀ퍬㪓ꍤ⣎뎨掤謓鮒ʏ䌳䥌潱ṇ쀛恛⡝矿Ї캘ꊶﳧ㴷쬯⨥覮䫯ꩭᯔ꾍ꏒ笿횫
[ 2284.507719][T14051] usb 4-1: Manufacturer: ꥦ⻥蒒ᔚ罢㪱묒᎞ᵜ栐ꭋࣅ藘옟ἦщ떭䰓᩼㼪ს辣䕎랂汬捀吙Ɗጇ栞ﰴ悇텖⑕蕀㩻鍽㭑粞肞眓ዺ⃄梽斕뵶᠁懴礈Ԉ擷镛斛羸栗ᩦ샣
[ 2284.545793][T14051] usb 4-1: SerialNumber: syz
[ 2284.556172][T12039] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2284.805862][T14051] ftdi_sio 4-1:11.101: FTDI USB Serial Device converter detected
[ 2284.825725][T14051] ftdi_sio ttyUSB0: unknown device type: 0x3f49
[ 2284.847084][T14051] ftdi_sio 4-1:11.170: FTDI USB Serial Device converter detected
[ 2284.860180][T14051] ftdi_sio ttyUSB1: unknown device type: 0x3f49
[ 2284.880703][T14051] ftdi_sio 4-1:11.139: FTDI USB Serial Device converter detected
[ 2284.897652][T14051] ftdi_sio ttyUSB2: unknown device type: 0x3f49
[ 2284.908840][T14051] usb 4-1: USB disconnect, device number 123
[ 2284.926192][T14051] ftdi_sio 4-1:11.101: device disconnected
[ 2284.935870][T14051] ftdi_sio 4-1:11.170: device disconnected
[ 2284.946115][T14051] ftdi_sio 4-1:11.139: device disconnected
[ 2285.157937][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 2285.233410][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 2285.976756][T12620] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 2286.159374][T12620] usb 4-1: Using ep0 maxpacket: 32
[ 2286.167772][T12620] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2286.179410][ T6404] Bluetooth: hci4: command tx timeout
[ 2286.185381][T12620] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2286.225012][T12620] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2286.234294][T12620] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2286.244896][T12620] usb 4-1: config 0 descriptor??
[ 2286.254004][T12620] hub 4-1:0.0: USB hub found
[ 2286.478077][T12620] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2286.503047][T12620] usbhid 4-1:0.0: can't add hid device: -71
[ 2286.515159][T12620] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2286.538158][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 2286.568671][T12620] usb 4-1: USB disconnect, device number 124
[ 2286.611897][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 2287.335296][T11731] veth0_macvtap: entered promiscuous mode
[ 2287.393937][T11731] veth1_macvtap: entered promiscuous mode
[ 2287.417151][T11731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2287.441469][T11731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2287.470791][T11731] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2287.502322][T11889] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2287.543303][T11731] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2287.557707][T11731] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2287.582548][T11731] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2287.636889][T11889] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2287.673682][T11889] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2287.734452][T11731] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2287.759375][T11731] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2287.768132][T11731] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2287.789259][T11731] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2287.901070][T11889] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2287.984291][T11817] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2288.034941][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2288.041652][ T6404] Bluetooth: Wrong link type (-22)
[ 2288.046946][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2288.054637][ T6404] Bluetooth: Wrong link type (-22)
[ 2288.060424][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2288.067135][ T6404] Bluetooth: Wrong link type (-22)
[ 2288.369403][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2288.377275][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2288.639036][   T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2288.641245][T11817] veth0_vlan: entered promiscuous mode
[ 2288.656733][   T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2288.795680][T11817] veth1_vlan: entered promiscuous mode
[ 2288.827154][T11889] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2288.886080][T11935] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2288.898996][T11935] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2288.953442][T11935] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2288.975602][T11935] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2289.023434][T11817] veth0_macvtap: entered promiscuous mode
[ 2289.048496][T11817] veth1_macvtap: entered promiscuous mode
[ 2289.078011][T11889] 8021q: adding VLAN 0 to HW filter on device team0
[ 2289.089495][T14051] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 2289.105169][T11817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2289.122595][T11817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2289.140184][T11817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2289.153160][T11817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2289.166882][T11817] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2289.192525][ T5150] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2289.199777][ T5150] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2289.216888][T11817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2289.228713][T11817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2289.239858][T11817] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2289.252479][T11817] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2289.266440][T11817] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2289.275774][   T58] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 2289.295566][T11817] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2289.305823][T11817] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2289.315786][T11817] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2289.327154][T14051] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2289.337223][T14051] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2289.346629][T11817] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2289.357998][T14051] usb 2-1: config 0 descriptor??
[ 2289.367798][T14051] cp210x 2-1:0.0: cp210x converter detected
[ 2289.390220][ T5181] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2289.397388][ T5181] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2289.477810][   T58] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2289.501968][   T58] usb 4-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2289.519240][   T58] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2289.528545][   T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2289.574021][T14051] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32
[ 2289.607737][T14051] cp210x 2-1:0.0: querying part number failed
[ 2289.635618][T14051] usb 2-1: cp210x converter now attached to ttyUSB0
[ 2289.833501][T12086] openvswitch: : Dropping previously announced user features
[ 2289.893383][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2289.914687][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2289.981558][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2289.991941][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2290.017933][T11935] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2290.075504][T11889] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2290.084346][   T58] usb 4-1: string descriptor 0 read error: -71
[ 2290.109543][   T58] usb 4-1: USB disconnect, device number 125
[ 2290.147236][T11935] 8021q: adding VLAN 0 to HW filter on device team0
[ 2290.214235][T12620] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2290.221486][T12620] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2290.287776][ T1446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2290.295333][ T1446] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2290.414830][T11889] veth0_vlan: entered promiscuous mode
[ 2290.474267][T11889] veth1_vlan: entered promiscuous mode
[ 2290.572892][T11935] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2290.608055][T11889] veth0_macvtap: entered promiscuous mode
[ 2290.626308][T11889] veth1_macvtap: entered promiscuous mode
[ 2290.669599][T12620] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 2290.732979][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2290.759229][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.770350][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2290.781407][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.792132][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2290.817401][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.836162][T11889] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2290.869391][T12620] usb 3-1: Using ep0 maxpacket: 32
[ 2290.870436][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2290.878813][T12620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2290.892802][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.916543][T12620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2290.919834][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2290.940107][T12620] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2290.943958][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.962606][T12620] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2290.966734][T11889] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2290.990834][T11889] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2290.993753][T12620] usb 3-1: config 0 descriptor??
[ 2291.005418][T11889] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2291.036628][T12620] hub 3-1:0.0: USB hub found
[ 2291.040719][T11935] veth0_vlan: entered promiscuous mode
[ 2291.081514][T11889] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2291.091281][T11889] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2291.103477][T11889] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2291.113757][T11889] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2291.144983][T11935] veth1_vlan: entered promiscuous mode
[ 2291.159462][ T8900] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[ 2291.349855][ T8900] usb 4-1: Using ep0 maxpacket: 8
[ 2291.367860][T11935] veth0_macvtap: entered promiscuous mode
[ 2291.377697][ T8900] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2291.406262][ T8900] usb 4-1: New USB device found, idVendor=20a6, idProduct=1105, bcdDevice=c2.ab
[ 2291.416742][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2291.420428][T12620] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2291.440377][ T8900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2291.449035][ T8900] usb 4-1: Product: syz
[ 2291.451026][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2291.477124][T12620] usbhid 3-1:0.0: can't add hid device: -71
[ 2291.477839][T11935] veth1_macvtap: entered promiscuous mode
[ 2291.488979][ T8900] usb 4-1: Manufacturer: syz
[ 2291.496144][T12620] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2291.504128][ T8900] usb 4-1: SerialNumber: syz
[ 2291.514394][ T8900] usb 4-1: config 0 descriptor??
[ 2291.525333][ T8900] usb 4-1: bad CDC descriptors
[ 2291.545669][ T8900] option 4-1:0.0: GSM modem (1-port) converter detected
[ 2291.555106][T12620] usb 3-1: USB disconnect, device number 36
[ 2291.618055][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2291.640002][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2291.662503][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2291.682180][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.697324][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2291.710187][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.720244][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2291.735758][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.748889][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2291.762937][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.791482][T11935] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2291.799638][ T1446] usb 2-1: USB disconnect, device number 10
[ 2291.816449][ T1446] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2291.872205][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2291.887121][ T1446] cp210x 2-1:0.0: device disconnected
[ 2291.897055][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.924785][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2291.943337][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2291.954578][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2291.969364][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2292.008107][T11935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2292.026161][T11935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2292.053738][T11935] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2292.080776][T11935] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2292.094490][T11935] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2292.104801][T11935] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2292.138762][T11935] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2292.370519][T23065] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2292.378407][T23065] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2292.470325][T12131] FAULT_INJECTION: forcing a failure.
[ 2292.470325][T12131] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2292.483734][ T1446] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 2292.487129][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2292.515846][T12131] CPU: 0 PID: 12131 Comm: syz.2.7844 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2292.526058][T12131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2292.536150][T12131] Call Trace:
[ 2292.539430][T12131]  <TASK>
[ 2292.542388][T12131]  dump_stack_lvl+0x241/0x360
[ 2292.546739][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2292.547076][T12131]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2292.547108][T12131]  ? __pfx__printk+0x10/0x10
[ 2292.564173][T12131]  ? __pfx_lock_release+0x10/0x10
[ 2292.569239][T12131]  should_fail_ex+0x3b0/0x4e0
[ 2292.573955][T12131]  _copy_from_user+0x2f/0xe0
[ 2292.578580][T12131]  memdup_user+0x64/0xc0
[ 2292.582845][T12131]  kvm_arch_vcpu_ioctl+0x1cbc/0x2cd0
[ 2292.588141][T12131]  ? kvm_arch_vcpu_ioctl+0x4a0/0x2cd0
[ 2292.593525][T12131]  ? validate_chain+0x11e/0x5900
[ 2292.598456][T12131]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[ 2292.604084][T12131]  ? __pfx_lock_acquire+0x10/0x10
[ 2292.609098][T12131]  ? is_bpf_text_address+0x26/0x2a0
[ 2292.614948][T12131]  ? __pfx_lock_release+0x10/0x10
[ 2292.619989][T12131]  ? __pfx_validate_chain+0x10/0x10
[ 2292.625200][T12131]  ? is_bpf_text_address+0x285/0x2a0
[ 2292.630489][T12131]  ? is_bpf_text_address+0x26/0x2a0
[ 2292.635723][T12131]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2292.644212][T12131]  ? kernel_text_address+0xa7/0xe0
[ 2292.649607][T12131]  ? __kernel_text_address+0xd/0x40
[ 2292.654822][T12131]  ? unwind_get_return_address+0x91/0xc0
[ 2292.660464][T12131]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2292.666959][T12131]  ? arch_stack_walk+0x16d/0x1b0
[ 2292.671949][T12131]  ? mark_lock+0x9a/0x350
[ 2292.676310][T12131]  ? __pfx_stack_trace_save+0x10/0x10
[ 2292.681722][T12131]  ? __lock_acquire+0x1346/0x1fd0
[ 2292.686771][T12131]  ? __mutex_trylock_common+0x183/0x2e0
[ 2292.692423][T12131]  ? __pfx___might_resched+0x10/0x10
[ 2292.697793][T12131]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2292.703717][T12131]  ? rcu_is_watching+0x15/0xb0
[ 2292.708565][T12131]  ? trace_contention_end+0x3c/0x120
[ 2292.713878][T12131]  ? __mutex_lock+0x2ef/0xd70
[ 2292.718579][T12131]  ? __pfx_lock_release+0x10/0x10
[ 2292.723622][T12131]  ? kvm_vcpu_ioctl+0x1d9/0xd00
[ 2292.728473][T12131]  ? __pfx___mutex_lock+0x10/0x10
[ 2292.733645][T12131]  ? tomoyo_path_number_perm+0x71a/0x880
[ 2292.739272][T12131]  ? __lock_acquire+0x1346/0x1fd0
[ 2292.744294][T12131]  kvm_vcpu_ioctl+0x6e0/0xd00
[ 2292.748962][T12131]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2292.754941][T12131]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 2292.760247][T12131]  kvm_vcpu_compat_ioctl+0x242/0x450
[ 2292.766372][T12131]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[ 2292.772908][T12131]  ? __fget_files+0x3f6/0x470
[ 2292.777612][T12131]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[ 2292.783178][T12131]  ? security_file_ioctl_compat+0x87/0xb0
[ 2292.788934][T12131]  __se_compat_sys_ioctl+0x51c/0xca0
[ 2292.794261][T12131]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[ 2292.800131][T12131]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2292.806184][T12131]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2292.812572][T12131]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2292.819882][T12131]  ? lockdep_hardirqs_on+0x99/0x150
[ 2292.825472][T12131]  __do_fast_syscall_32+0xb4/0x120
[ 2292.830788][T12131]  ? exc_page_fault+0x590/0x8c0
[ 2292.836008][T12131]  do_fast_syscall_32+0x34/0x80
[ 2292.840882][T12131]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2292.848185][T12131] RIP: 0023:0xf73b1579
[ 2292.852921][T12131] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2292.877264][T12131] RSP: 002b:00000000f5cca57c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2292.886417][T12131] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 000000004008ae89
[ 2292.894407][T12131] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
[ 2292.902391][T12131] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2292.910497][T12131] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2292.918509][T12131] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2292.926505][T12131]  </TASK>
[ 2293.049406][ T1446] usb 2-1: Using ep0 maxpacket: 32
[ 2293.068423][ T1446] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2293.091138][ T1446] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2293.108204][ T1446] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2293.124849][ T1446] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2293.137941][ T1446] usb 2-1: config 0 descriptor??
[ 2293.155548][ T1446] hub 2-1:0.0: USB hub found
[ 2293.351566][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2293.358399][ T6404] Bluetooth: Wrong link type (-22)
[ 2293.368601][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2293.375450][ T6404] Bluetooth: Wrong link type (-22)
[ 2293.382906][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2293.389571][ T6404] Bluetooth: Wrong link type (-22)
[ 2293.390198][ T6577] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 2293.395431][ T1446] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2293.417212][ T1446] usbhid 2-1:0.0: can't add hid device: -71
[ 2293.424063][ T1446] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2293.461982][ T1446] usb 2-1: USB disconnect, device number 11
[ 2293.611436][T12145] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7849'.
[ 2293.622467][T12145] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7849'.
[ 2293.633794][ T6577] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2293.643974][ T6577] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2293.657808][ T6577] usb 1-1: config 0 descriptor??
[ 2293.756015][T12620] usb 4-1: USB disconnect, device number 126
[ 2293.767750][T12620] option 4-1:0.0: device disconnected
[ 2293.799823][ T4873] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 2293.882729][ T6577] pegasus 1-1:0.0: probe with driver pegasus failed with error -71
[ 2293.897657][ T6577] usb 1-1: USB disconnect, device number 38
[ 2293.930242][T14051] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 2293.991326][ T4873] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2294.006610][ T4873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2294.018199][ T4873] usb 3-1: config 0 descriptor??
[ 2294.088268][T12149] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7851'.
[ 2294.105196][T12149] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7851'.
[ 2294.118459][T14051] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2294.128646][T14051] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2294.152348][T14051] usb 5-1: config 0 descriptor??
[ 2294.240388][ T4873] pegasus 3-1:0.0: probe with driver pegasus failed with error -71
[ 2294.259570][ T4873] usb 3-1: USB disconnect, device number 37
[ 2294.299718][T12620] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 2294.500332][T12620] usb 4-1: Using ep0 maxpacket: 16
[ 2294.519017][T12620] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[ 2294.544401][T12620] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2294.545729][T12157] FAULT_INJECTION: forcing a failure.
[ 2294.545729][T12157] name failslab, interval 1, probability 0, space 0, times 0
[ 2294.553236][T12620] usb 4-1: Product: syz
[ 2294.609028][T14051] [drm] vendor descriptor length:b9 data:20 30 c4 a4 1b 38 94 62 92 09 29
[ 2294.614572][T12620] usb 4-1: Manufacturer: syz
[ 2294.627839][T12157] CPU: 1 PID: 12157 Comm: syz.0.7854 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2294.634893][T12620] usb 4-1: SerialNumber: syz
[ 2294.638127][T12157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2294.638149][T12157] Call Trace:
[ 2294.638158][T12157]  <TASK>
[ 2294.659017][T12157]  dump_stack_lvl+0x241/0x360
[ 2294.663731][T12157]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2294.668968][T12157]  ? __pfx__printk+0x10/0x10
[ 2294.673631][T12157]  should_fail_ex+0x3b0/0x4e0
[ 2294.678428][T12157]  ? __alloc_skb+0x1c3/0x440
[ 2294.680472][T12620] usb 4-1: config 0 descriptor??
[ 2294.683029][T12157]  should_failslab+0x9/0x20
[ 2294.683062][T12157]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2294.698323][T12157]  __alloc_skb+0x1c3/0x440
[ 2294.702781][T12157]  ? __pfx___alloc_skb+0x10/0x10
[ 2294.707840][T12157]  ? __local_bh_enable_ip+0x168/0x200
[ 2294.713239][T12157]  ? pppoe_sendmsg+0x51/0x750
[ 2294.717939][T12157]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2294.723690][T12157]  sock_wmalloc+0xab/0x120
[ 2294.728140][T12157]  pppoe_sendmsg+0x1f7/0x750
[ 2294.732773][T12157]  ? security_socket_sendmsg+0x87/0xb0
[ 2294.738245][T12157]  ? __pfx_pppoe_sendmsg+0x10/0x10
[ 2294.743379][T12157]  __sock_sendmsg+0x221/0x270
[ 2294.748073][T12157]  ____sys_sendmsg+0x525/0x7d0
[ 2294.752839][T12157]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2294.758200][T12157]  ? rcu_is_watching+0x15/0xb0
[ 2294.762989][T12157]  __sys_sendmmsg+0x4af/0x740
[ 2294.767697][T12157]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2294.772910][T12157]  ? __pfx_lock_acquire+0x10/0x10
[ 2294.777939][T12157]  ? get_pid_task+0x23/0x1f0
[ 2294.782529][T12157]  ? __pfx_lock_release+0x10/0x10
[ 2294.787543][T12157]  ? kstrtouint_from_user+0x128/0x190
[ 2294.792928][T12157]  ? __pfx_lock_release+0x10/0x10
[ 2294.797978][T12157]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 2294.803738][T12157]  ? __fget_files+0x3f6/0x470
[ 2294.808445][T12157]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2294.814440][T12157]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2294.820777][T12157]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 2294.826325][T12157]  __do_fast_syscall_32+0xb4/0x120
[ 2294.831437][T12157]  ? exc_page_fault+0x590/0x8c0
[ 2294.836397][T12157]  do_fast_syscall_32+0x34/0x80
[ 2294.841268][T12157]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2294.847594][T12157] RIP: 0023:0xf746d579
[ 2294.851657][T12157] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2294.871513][T12157] RSP: 002b:00000000f5d8657c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 2294.879920][T12157] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001dc0
[ 2294.887915][T12157] RDX: 0000000000000213 RSI: 0000000000000000 RDI: 0000000000000000
[ 2294.896488][T12157] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2294.904556][T12157] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2294.912529][T12157] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2294.920530][T12157]  </TASK>
[ 2294.931302][T14051] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 2294.951846][T14051] [drm:udl_init] *ERROR* Selecting channel failed
[ 2294.987844][T14051] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[ 2295.019198][T14051] [drm] Initialized udl on minor 2
[ 2295.033714][T14051] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2295.036139][T12620] usb 4-1: Limiting number of CPorts to U8_MAX
[ 2295.050087][T14051] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 2295.062796][ T4873] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2295.084064][T12620] usb 4-1: Not enough endpoints found in device, aborting!
[ 2295.099927][ T4873] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2295.110670][T14051] usb 5-1: USB disconnect, device number 116
[ 2295.116888][ T4873] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[ 2295.246256][T12161] loop0: detected capacity change from 0 to 7
[ 2295.286893][T12161] Dev loop0: unable to read RDB block 7
[ 2295.319227][T12161]  loop0: unable to read partition table
[ 2295.325148][T12161] loop0: partition table beyond EOD, truncated
[ 2295.353573][T12161] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[ 2295.353573][T12161] 
) failed (rc=-5)
[ 2295.565777][T12147] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2295.578607][T12147] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2295.832550][T12620] usb 4-1: USB disconnect, device number 127
[ 2295.966679][T12181] FAULT_INJECTION: forcing a failure.
[ 2295.966679][T12181] name failslab, interval 1, probability 0, space 0, times 0
[ 2295.991153][T12182] loop0: detected capacity change from 0 to 7
[ 2295.996278][T12181] CPU: 1 PID: 12181 Comm: syz.3.7863 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2296.007426][T12181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2296.017502][T12181] Call Trace:
[ 2296.020802][T12181]  <TASK>
[ 2296.023756][T12181]  dump_stack_lvl+0x241/0x360
[ 2296.028551][T12181]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2296.033781][T12181]  ? __pfx__printk+0x10/0x10
[ 2296.038392][T12181]  ? __pfx___might_resched+0x10/0x10
[ 2296.043697][T12181]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2296.049707][T12181]  should_fail_ex+0x3b0/0x4e0
[ 2296.055290][T12181]  ? rdma_resolve_ip+0x68/0x850
[ 2296.060166][T12181]  should_failslab+0x9/0x20
[ 2296.064694][T12181]  kmalloc_trace_noprof+0x6c/0x2c0
[ 2296.069851][T12181]  rdma_resolve_ip+0x68/0x850
[ 2296.074552][T12181]  ? __pfx_addr_handler+0x10/0x10
[ 2296.079693][T12181]  rdma_resolve_addr+0x6db/0x21b0
[ 2296.084743][T12181]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 2296.090667][T12181]  ? __pfx_rdma_resolve_addr+0x10/0x10
[ 2296.096147][T12181]  ? rcu_is_watching+0x15/0xb0
[ 2296.100942][T12181]  ? trace_contention_end+0x3c/0x120
[ 2296.106256][T12181]  ? __mutex_lock+0x2ef/0xd70
[ 2296.111094][T12181]  ? ucma_resolve_ip+0x1c8/0x300
[ 2296.116051][T12181]  ? __pfx___mutex_lock+0x10/0x10
[ 2296.121074][T12181]  ? ucma_get_ctx+0x28c/0x3a0
[ 2296.125761][T12181]  ? __pfx_ucma_get_ctx+0x10/0x10
[ 2296.130788][T12181]  ? __might_fault+0xc6/0x120
[ 2296.135471][T12181]  ucma_resolve_ip+0x212/0x300
[ 2296.140261][T12181]  ? __pfx_ucma_resolve_ip+0x10/0x10
[ 2296.145717][T12181]  ? __might_fault+0xc6/0x120
[ 2296.150391][T12181]  ? __pfx_ucma_resolve_ip+0x10/0x10
[ 2296.155667][T12181]  ucma_write+0x2df/0x430
[ 2296.160011][T12181]  ? __pfx_ucma_write+0x10/0x10
[ 2296.164938][T12181]  ? bpf_lsm_file_permission+0x9/0x10
[ 2296.170308][T12181]  ? rw_verify_area+0x1d2/0x6b0
[ 2296.175237][T12181]  ? __pfx_ucma_write+0x10/0x10
[ 2296.180083][T12181]  vfs_write+0x2a2/0xc90
[ 2296.184322][T12181]  ? __pfx_vfs_write+0x10/0x10
[ 2296.189086][T12181]  ? __fget_files+0x29/0x470
[ 2296.193760][T12181]  ? __fget_files+0x3f6/0x470
[ 2296.198427][T12181]  ? __fget_files+0x29/0x470
[ 2296.203023][T12181]  ksys_write+0x1a0/0x2c0
[ 2296.207350][T12181]  ? __pfx_ksys_write+0x10/0x10
[ 2296.212220][T12181]  ? __secure_computing+0x125/0x370
[ 2296.217420][T12181]  __do_fast_syscall_32+0xb4/0x120
[ 2296.222523][T12181]  ? exc_page_fault+0x590/0x8c0
[ 2296.227366][T12181]  do_fast_syscall_32+0x34/0x80
[ 2296.232211][T12181]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2296.238531][T12181] RIP: 0023:0xf73e0579
[ 2296.242592][T12181] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2296.262215][T12181] RSP: 002b:00000000f5cf957c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 2296.270649][T12181] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 0000000020000340
[ 2296.279317][T12181] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000
[ 2296.287279][T12181] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2296.295241][T12181] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2296.303206][T12181] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2296.311186][T12181]  </TASK>
[ 2296.314487][T12182] Dev loop0: unable to read RDB block 7
[ 2296.329304][T12182]  loop0: unable to read partition table
[ 2296.356352][T12182] loop0: partition table beyond EOD, truncated
[ 2296.366430][T12182] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[ 2296.366430][T12182] 
) failed (rc=-5)
[ 2296.411458][T20784] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 2296.599752][T20784] usb 1-1: Using ep0 maxpacket: 32
[ 2296.607372][T20784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2296.619165][T12185] netlink: 108 bytes leftover after parsing attributes in process `syz.4.7865'.
[ 2296.642730][T20784] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2296.643648][   T29] kauditd_printk_skb: 50 callbacks suppressed
[ 2296.643662][   T29] audit: type=1326 audit(1720132865.222:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12184 comm="syz.4.7865" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7489579 code=0x0
[ 2296.669184][T20784] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2296.704365][ T6404] Bluetooth: hci2: Received unexpected HCI Event 0x00
[ 2296.729529][T20784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2296.763652][T20784] usb 1-1: config 0 descriptor??
[ 2296.783312][T20784] hub 1-1:0.0: USB hub found
[ 2296.984063][ T4873] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 2297.003164][T20784] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2297.024815][T20784] usbhid 1-1:0.0: can't add hid device: -71
[ 2297.033743][T20784] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2297.094044][T20784] usb 1-1: USB disconnect, device number 39
[ 2297.204855][ T4873] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2297.219979][ T4873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2297.240965][ T4873] usb 4-1: config 0 descriptor??
[ 2297.242271][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2297.257547][ T6404] Bluetooth: Wrong link type (-22)
[ 2297.262870][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2297.269990][ T6404] Bluetooth: Wrong link type (-22)
[ 2297.275158][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2297.282185][ T6404] Bluetooth: Wrong link type (-22)
[ 2297.547558][ T4873] pegasus 4-1:0.0: probe with driver pegasus failed with error -71
[ 2297.594557][ T4873] usb 4-1: USB disconnect, device number 2
[ 2297.633098][T12206] netlink: 'syz.4.7874': attribute type 3 has an invalid length.
[ 2297.660160][T12206] netlink: 'syz.4.7874': attribute type 4 has an invalid length.
[ 2297.680280][T12206] netlink: 'syz.4.7874': attribute type 7 has an invalid length.
[ 2297.701421][T12210] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7874'.
[ 2297.709539][T12206] netlink: 'syz.4.7874': attribute type 8 has an invalid length.
[ 2297.718321][T12206] netlink: 'syz.4.7874': attribute type 7 has an invalid length.
[ 2297.726778][T12206] netlink: 198200 bytes leftover after parsing attributes in process `syz.4.7874'.
[ 2297.803430][T12212] bridge0: port 3(team0) entered blocking state
[ 2297.817297][T12212] bridge0: port 3(team0) entered disabled state
[ 2297.825977][T12212] team0: entered allmulticast mode
[ 2297.829452][    T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 2297.843118][T12212] team_slave_0: entered allmulticast mode
[ 2297.848885][T12212] team_slave_1: entered allmulticast mode
[ 2297.855547][T12217] netlink: 5754 bytes leftover after parsing attributes in process `syz.2.7877'.
[ 2297.875980][T12217] netlink: 49432 bytes leftover after parsing attributes in process `syz.2.7877'.
[ 2297.912414][T12212] team0: entered promiscuous mode
[ 2297.917509][T12212] team_slave_0: entered promiscuous mode
[ 2297.937203][T12212] team_slave_1: entered promiscuous mode
[ 2297.963258][T12212] bridge0: port 3(team0) entered blocking state
[ 2297.969766][T12212] bridge0: port 3(team0) entered forwarding state
[ 2298.059298][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 2298.085652][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2298.097911][    T9] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2298.108063][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2298.147587][    T9] usb 2-1: config 0 descriptor??
[ 2298.362239][T12204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2298.375655][T12204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2298.409402][ T4873] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 2298.611168][ T4873] usb 1-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2298.633175][ T4873] usb 1-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2298.652102][ T4873] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2298.673302][T12204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2298.679205][ T4873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2298.714940][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2298.722087][ T6404] Bluetooth: Wrong link type (-22)
[ 2298.727476][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2298.734629][ T6404] Bluetooth: Wrong link type (-22)
[ 2298.739796][T12204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2298.752656][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2298.759714][ T6404] Bluetooth: Wrong link type (-22)
[ 2298.765092][ T6404] Bluetooth: hci3: link tx timeout
[ 2298.772768][    T9] usbhid 2-1:0.0: can't add hid device: -71
[ 2298.778800][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2298.800833][    T9] usb 2-1: USB disconnect, device number 12
[ 2298.945142][ T6404] Bluetooth: hci0: Received unexpected HCI Event 0x00
[ 2298.954071][T12225] : entered promiscuous mode
[ 2299.191056][T20784] usb 3-1: new low-speed USB device number 38 using dummy_hcd
[ 2299.213565][ T4873] usb 1-1: string descriptor 0 read error: -32
[ 2299.253691][ T4873] usb 1-1: USB disconnect, device number 40
[ 2299.419328][T20784] usb 3-1: Invalid ep0 maxpacket: 16
[ 2299.424902][ T6577] IPVS: starting estimator thread 0...
[ 2299.439457][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 2299.519328][T12255] IPVS: using max 19 ests per chain, 45600 per kthread
[ 2299.547176][ T6404] Bluetooth: hci1: SCO packet for unknown connection handle 0
[ 2299.592241][T20784] usb 3-1: new low-speed USB device number 39 using dummy_hcd
[ 2299.629264][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 2299.636384][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2299.647867][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2299.661937][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2299.671768][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2299.681548][    T9] usb 4-1: config 0 descriptor??
[ 2299.694891][    T9] hub 4-1:0.0: USB hub found
[ 2299.789614][T20784] usb 3-1: Invalid ep0 maxpacket: 16
[ 2299.799812][T20784] usb usb3-port1: attempt power cycle
[ 2299.836512][T12264] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7892'.
[ 2299.846616][T12264] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7892'.
[ 2299.879427][ T6577] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 2299.905190][    T9] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2299.932432][    T9] usbhid 4-1:0.0: can't add hid device: -71
[ 2299.938497][    T9] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2299.982367][    T9] usb 4-1: USB disconnect, device number 3
[ 2300.020857][T12620] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 2300.061834][ T6577] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2300.073124][ T6577] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2300.087180][ T6577] usb 2-1: config 0 descriptor??
[ 2300.129277][ T8900] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 2300.214899][T12620] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2300.227604][T12620] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2300.239513][T20784] usb 3-1: new low-speed USB device number 40 using dummy_hcd
[ 2300.249955][T12620] usb 5-1: config 0 descriptor??
[ 2300.298267][T20784] usb 3-1: Invalid ep0 maxpacket: 16
[ 2300.342506][ T8900] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2300.352926][ T8900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2300.365816][ T8900] usb 1-1: config 0 descriptor??
[ 2300.449283][T20784] usb 3-1: new low-speed USB device number 41 using dummy_hcd
[ 2300.474894][T12620] pegasus 5-1:0.0: probe with driver pegasus failed with error -71
[ 2300.498405][T20784] usb 3-1: Invalid ep0 maxpacket: 16
[ 2300.530180][T12620] usb 5-1: USB disconnect, device number 117
[ 2300.534506][T20784] usb usb3-port1: unable to enumerate USB device
[ 2300.677422][ T6577] pegasus 2-1:0.0: probe with driver pegasus failed with error -71
[ 2300.690768][ T6577] usb 2-1: USB disconnect, device number 13
[ 2300.748278][T12272] FAULT_INJECTION: forcing a failure.
[ 2300.748278][T12272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2300.762012][T12272] CPU: 1 PID: 12272 Comm: syz.3.7894 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2300.772283][T12272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2300.782362][T12272] Call Trace:
[ 2300.785674][T12272]  <TASK>
[ 2300.788635][T12272]  dump_stack_lvl+0x241/0x360
[ 2300.793353][T12272]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2300.798557][T12272]  ? __pfx__printk+0x10/0x10
[ 2300.803148][T12272]  ? __pfx_lock_release+0x10/0x10
[ 2300.808193][T12272]  should_fail_ex+0x3b0/0x4e0
[ 2300.812868][T12272]  _copy_from_iter+0x1f6/0x1960
[ 2300.817751][T12272]  ? __virt_addr_valid+0x183/0x520
[ 2300.822885][T12272]  ? __pfx_lock_release+0x10/0x10
[ 2300.827922][T12272]  ? __pfx__copy_from_iter+0x10/0x10
[ 2300.833238][T12272]  ? __virt_addr_valid+0x183/0x520
[ 2300.838354][T12272]  ? __virt_addr_valid+0x183/0x520
[ 2300.843574][T12272]  ? __virt_addr_valid+0x44e/0x520
[ 2300.848717][T12272]  ? __phys_addr_symbol+0x2f/0x70
[ 2300.853748][T12272]  ? __check_object_size+0x49c/0x900
[ 2300.859079][T12272]  file_tty_write+0x4bb/0x9b0
[ 2300.863785][T12272]  vfs_write+0xa72/0xc90
[ 2300.868040][T12272]  ? __pfx_tty_write+0x10/0x10
[ 2300.872799][T12272]  ? __pfx_vfs_write+0x10/0x10
[ 2300.877595][T12272]  ksys_write+0x1a0/0x2c0
[ 2300.881963][T12272]  ? __pfx_ksys_write+0x10/0x10
[ 2300.886839][T12272]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2300.893542][T12272]  ? lockdep_hardirqs_on+0x99/0x150
[ 2300.898759][T12272]  __do_fast_syscall_32+0xb4/0x120
[ 2300.903872][T12272]  ? exc_page_fault+0x590/0x8c0
[ 2300.908748][T12272]  do_fast_syscall_32+0x34/0x80
[ 2300.913613][T12272]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2300.919934][T12272] RIP: 0023:0xf73e0579
[ 2300.924059][T12272] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2300.943856][T12272] RSP: 002b:00000000f5cf957c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 2300.952272][T12272] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000040
[ 2300.960258][T12272] RDX: 0000000000001006 RSI: 0000000000000000 RDI: 0000000000000000
[ 2300.968246][T12272] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2300.976222][T12272] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2300.984215][T12272] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2300.992221][T12272]  </TASK>
[ 2301.004949][ T8900] [drm] vendor descriptor length:b9 data:20 30 c4 a4 1b 38 94 62 92 09 29
[ 2301.025911][ T8900] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 2301.038941][ T8900] [drm:udl_init] *ERROR* Selecting channel failed
[ 2301.058380][ T8900] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2
[ 2301.066573][ T8900] [drm] Initialized udl on minor 2
[ 2301.076139][ T8900] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2301.087571][ T8900] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 2301.098323][ T6577] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2301.119783][ T8900] usb 1-1: USB disconnect, device number 41
[ 2301.138153][ T6577] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 2301.328086][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0e
[ 2301.345262][ T6404] Bluetooth: Wrong link type (-22)
[ 2301.352860][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x0f
[ 2301.360206][ T6404] Bluetooth: Wrong link type (-22)
[ 2301.365495][ T6404] Bluetooth: Unknown BR/EDR signaling command 0x10
[ 2301.372921][ T6404] Bluetooth: Wrong link type (-22)
[ 2301.378267][ T6404] Bluetooth: hci3: link tx timeout
[ 2301.523250][T12283] input: syz0 as /devices/virtual/input/input63
[ 2301.652661][T12283] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2301.679319][ T6404] Bluetooth: hci4: SCO packet for unknown connection handle 0
[ 2301.739287][ T4873] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 2301.822489][T12285] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7898'.
[ 2301.969254][ T4873] usb 5-1: Using ep0 maxpacket: 16
[ 2301.977480][ T4873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2301.999089][ T4873] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2302.029254][ T4873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2302.056342][ T4873] usb 5-1: config 0 descriptor??
[ 2302.240027][T20784] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 2302.291831][T12279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2302.339057][T12279] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2302.427019][ T1446] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 2302.442930][T20784] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2302.459423][T20784] usb 4-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2302.468502][T20784] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2302.480951][T20784] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2302.613069][T12300] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7904'.
[ 2302.622441][T12300] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7904'.
[ 2302.660169][ T1446] usb 3-1: Using ep0 maxpacket: 32
[ 2302.669890][ T1446] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2302.689449][ T1446] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2302.707730][ T1446] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2302.718482][ T1446] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2302.730772][T12294] openvswitch: : Dropping previously announced user features
[ 2302.740915][ T1446] usb 3-1: config 0 descriptor??
[ 2302.755047][ T1446] hub 3-1:0.0: USB hub found
[ 2302.847954][ T4873] usbhid 5-1:0.0: can't add hid device: -71
[ 2302.863854][ T4873] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2302.886732][T12302] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.7905'.
[ 2302.895325][ T4873] usb 5-1: USB disconnect, device number 118
[ 2302.912109][ T8900] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 2302.962782][ T1446] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2302.972809][T20784] usb 4-1: string descriptor 0 read error: -32
[ 2302.999867][T20784] usb 4-1: USB disconnect, device number 4
[ 2303.014001][ T1446] usbhid 3-1:0.0: can't add hid device: -71
[ 2303.055168][ T1446] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 2303.110483][ T1446] usb 3-1: USB disconnect, device number 42
[ 2303.116957][ T8900] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2303.127262][ T8900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2303.167642][ T8900] usb 2-1: config 0 descriptor??
[ 2303.609325][T20784] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 2303.618366][T12312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7910'.
[ 2303.651335][T12312] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7910'.
[ 2303.797093][ T6404] Bluetooth: hci2: SCO packet for unknown connection handle 0
[ 2303.828299][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2303.849074][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2303.859296][T20784] usb 1-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 2303.870825][T20784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2303.882730][T20784] usb 1-1: config 0 descriptor??
[ 2303.906563][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2303.922464][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2303.938485][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 2303.953878][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2303.968656][ T6577] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 2304.039322][ T8900] [drm] vendor descriptor length:b9 data:20 30 c4 a4 1b 38 94 62 92 09 29
[ 2304.058776][ T8900] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 2304.138797][ T8900] [drm:udl_init] *ERROR* Selecting channel failed
[ 2304.152975][T20784] pegasus 1-1:0.0: probe with driver pegasus failed with error -71
[ 2304.172455][T20784] usb 1-1: USB disconnect, device number 42
[ 2304.204209][ T8900] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[ 2304.220729][ T6577] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 2304.244827][ T8900] [drm] Initialized udl on minor 2
[ 2304.262517][ T6577] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2304.291334][ T8900] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2304.302635][T12324] FAULT_INJECTION: forcing a failure.
[ 2304.302635][T12324] name failslab, interval 1, probability 0, space 0, times 0
[ 2304.318814][ T6577] usb 4-1: config 0 descriptor??
[ 2304.324158][T12324] CPU: 1 PID: 12324 Comm: syz.2.7913 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2304.324191][T12324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2304.324203][T12324] Call Trace:
[ 2304.324212][T12324]  <TASK>
[ 2304.324222][T12324]  dump_stack_lvl+0x241/0x360
[ 2304.324256][T12324]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2304.324281][T12324]  ? __pfx__printk+0x10/0x10
[ 2304.324308][T12324]  ? ref_tracker_alloc+0x332/0x490
[ 2304.324339][T12324]  should_fail_ex+0x3b0/0x4e0
[ 2304.324368][T12324]  ? skb_clone+0x20c/0x390
[ 2304.324390][T12324]  should_failslab+0x9/0x20
[ 2304.324414][T12324]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2304.324444][T12324]  skb_clone+0x20c/0x390
[ 2304.324480][T12324]  __netlink_deliver_tap+0x3cc/0x7c0
[ 2304.324516][T12324]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2304.324539][T12324]  netlink_deliver_tap+0x19d/0x1b0
[ 2304.324564][T12324]  netlink_unicast+0x7b8/0x980
[ 2304.324593][T12324]  ? __pfx_netlink_unicast+0x10/0x10
[ 2304.324613][T12324]  ? __virt_addr_valid+0x183/0x520
[ 2304.324640][T12324]  ? __check_object_size+0x49c/0x900
[ 2304.324665][T12324]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2304.324691][T12324]  netlink_sendmsg+0x8db/0xcb0
[ 2304.343945][ T8900] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 2304.344882][T12324]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2304.359009][T12620] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2304.361013][T12324]  ? aa_sock_msg_perm+0x91/0x160
[ 2304.361046][T12324]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2304.361064][T12324]  ? security_socket_sendmsg+0x87/0xb0
[ 2304.361085][T12324]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2304.361107][T12324]  __sock_sendmsg+0x221/0x270
[ 2304.361136][T12324]  ____sys_sendmsg+0x525/0x7d0
[ 2304.361165][T12324]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2304.361198][T12324]  __sys_sendmsg+0x2b0/0x3a0
[ 2304.381076][T12620] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2304.384919][T12324]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2304.401918][ T8900] usb 2-1: USB disconnect, device number 14
[ 2304.405106][T12324]  ? vfs_write+0x7c4/0xc90
[ 2304.432821][T12620] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 2304.436113][T12324]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2304.537697][T12324]  ? lockdep_hardirqs_on+0x99/0x150
[ 2304.542937][T12324]  __do_fast_syscall_32+0xb4/0x120
[ 2304.548090][T12324]  ? exc_page_fault+0x590/0x8c0
[ 2304.552981][T12324]  do_fast_syscall_32+0x34/0x80
[ 2304.558194][T12324]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2304.564799][T12324] RIP: 0023:0xf73b1579
[ 2304.569411][T12324] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2304.589060][T12324] RSP: 002b:00000000f5cca57c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2304.597503][T12324] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000040
[ 2304.605498][T12324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2304.613620][T12324] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2304.621618][T12324] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2304.629794][T12324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2304.637802][T12324]  </TASK>
[ 2304.640919][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2304.814314][ T2447] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2304.862488][ T6577] [drm] vendor descriptor length:b9 data:20 30 c4 a4 1b 38 94 62 92 09 29
[ 2304.880621][ T6577] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 2304.919351][ T6577] [drm:udl_init] *ERROR* Selecting channel failed
[ 2304.956557][ T6577] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 3
[ 2304.981531][ T6577] [drm] Initialized udl on minor 3
[ 2305.015991][ T6577] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2305.036230][ T6577] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 2305.047322][T12620] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 2305.048161][ T2447] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2305.075220][ T6577] usb 4-1: USB disconnect, device number 5
[ 2305.084871][T12620] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 2305.185453][T12329] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7914'.
[ 2305.337231][ T2447] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2305.463907][ T2447] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2305.504158][T12318] chnl_net:caif_netlink_parms(): no params data found
[ 2305.713016][T12318] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2305.720825][T12318] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2305.728196][T12318] bridge_slave_0: entered allmulticast mode
[ 2305.736594][T12318] bridge_slave_0: entered promiscuous mode
[ 2305.749938][ T6404] Bluetooth: hci3: SCO packet for unknown connection handle 201
[ 2305.769373][T12318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2305.785756][T12318] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2305.793850][T12318] bridge_slave_1: entered allmulticast mode
[ 2305.805464][T12318] bridge_slave_1: entered promiscuous mode
[ 2305.904988][T12318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2305.922077][T12318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2306.013725][ T2447] bridge_slave_1: left allmulticast mode
[ 2306.025076][ T2447] bridge_slave_1: left promiscuous mode
[ 2306.031711][ T2447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2306.046971][ T2447] bridge_slave_0: left allmulticast mode
[ 2306.053725][ T2447] bridge_slave_0: left promiscuous mode
[ 2306.060353][ T2447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2306.109632][ T6404] Bluetooth: hci5: command tx timeout
[ 2306.248949][T12354] FAULT_INJECTION: forcing a failure.
[ 2306.248949][T12354] name failslab, interval 1, probability 0, space 0, times 0
[ 2306.279341][T12354] CPU: 1 PID: 12354 Comm: syz.1.7921 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2306.289637][T12354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2306.299713][T12354] Call Trace:
[ 2306.303006][T12354]  <TASK>
[ 2306.305936][T12354]  dump_stack_lvl+0x241/0x360
[ 2306.310616][T12354]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2306.315809][T12354]  ? __pfx__printk+0x10/0x10
[ 2306.320395][T12354]  ? ref_tracker_alloc+0x332/0x490
[ 2306.325505][T12354]  should_fail_ex+0x3b0/0x4e0
[ 2306.330177][T12354]  ? skb_clone+0x20c/0x390
[ 2306.334599][T12354]  should_failslab+0x9/0x20
[ 2306.339184][T12354]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2306.344584][T12354]  skb_clone+0x20c/0x390
[ 2306.348906][T12354]  __netlink_deliver_tap+0x3cc/0x7c0
[ 2306.354274][T12354]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2306.359464][T12354]  netlink_deliver_tap+0x19d/0x1b0
[ 2306.364566][T12354]  netlink_unicast+0x7b8/0x980
[ 2306.369340][T12354]  ? __pfx_netlink_unicast+0x10/0x10
[ 2306.374639][T12354]  ? __virt_addr_valid+0x183/0x520
[ 2306.379754][T12354]  ? __check_object_size+0x49c/0x900
[ 2306.385039][T12354]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2306.390144][T12354]  netlink_sendmsg+0x8db/0xcb0
[ 2306.394908][T12354]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2306.400209][T12354]  ? aa_sock_msg_perm+0x91/0x160
[ 2306.405160][T12354]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2306.410448][T12354]  ? security_socket_sendmsg+0x87/0xb0
[ 2306.415908][T12354]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2306.421225][T12354]  __sock_sendmsg+0x221/0x270
[ 2306.425900][T12354]  ____sys_sendmsg+0x525/0x7d0
[ 2306.430664][T12354]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2306.435951][T12354]  __sys_sendmsg+0x2b0/0x3a0
[ 2306.440533][T12354]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2306.445647][T12354]  ? vfs_write+0x7c4/0xc90
[ 2306.450094][T12354]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2306.456679][T12354]  ? lockdep_hardirqs_on+0x99/0x150
[ 2306.461875][T12354]  __do_fast_syscall_32+0xb4/0x120
[ 2306.466984][T12354]  ? exc_page_fault+0x590/0x8c0
[ 2306.471920][T12354]  do_fast_syscall_32+0x34/0x80
[ 2306.476778][T12354]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2306.483104][T12354] RIP: 0023:0xf7406579
[ 2306.487196][T12354] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2306.506798][T12354] RSP: 002b:00000000f5d1f57c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2306.515297][T12354] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000180
[ 2306.523270][T12354] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2306.531254][T12354] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2306.539254][T12354] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2306.547222][T12354] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2306.555198][T12354]  </TASK>
[ 2306.558223][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2306.581931][   T58] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 2306.618386][T12356] sg_write: data in/out 196608/1 bytes for SCSI command 0xf2-- guessing data in;
[ 2306.618386][T12356]    program syz.0.7922 not setting count and/or reply_len properly
[ 2306.811705][   T58] usb 3-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config
[ 2306.823180][   T58] usb 3-1: config 9 has 0 interfaces, different from the descriptor's value: 1
[ 2306.834764][   T58] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 2306.852756][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2306.964344][T20784] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 2307.094284][ T2447] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2307.106829][ T2447] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2307.118631][ T2447] bond0 (unregistering): Released all slaves
[ 2307.145031][T12318] team0: Port device team_slave_0 added
[ 2307.179770][T20784] usb 1-1: config 44 has too many interfaces: 150, using maximum allowed: 32
[ 2307.195337][T20784] usb 1-1: config 44 has an invalid descriptor of length 17, skipping remainder of the config
[ 2307.207366][T20784] usb 1-1: config 44 has 0 interfaces, different from the descriptor's value: 150
[ 2307.216817][T20784] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[ 2307.239659][T20784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2307.262014][T12352] : entered promiscuous mode
[ 2307.300347][T12318] team0: Port device team_slave_1 added
[ 2307.361947][   T58] usb 3-1: string descriptor 0 read error: -32
[ 2307.380333][T12318] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2307.386497][ T4873] usb 3-1: USB disconnect, device number 43
[ 2307.401586][T12318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2307.434206][T12318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2307.477449][T12356] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2307.493770][T12356] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2307.525999][T20784] usb 1-1: string descriptor 0 read error: -71
[ 2307.538082][T20784] usb 1-1: USB disconnect, device number 43
[ 2307.592373][T12318] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2307.618804][T12318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2307.640343][T12370] FAULT_INJECTION: forcing a failure.
[ 2307.640343][T12370] name failslab, interval 1, probability 0, space 0, times 0
[ 2307.648800][T12318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2307.671656][T12370] CPU: 1 PID: 12370 Comm: syz.3.7925 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2307.681876][T12370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2307.692040][T12370] Call Trace:
[ 2307.695413][T12370]  <TASK>
[ 2307.698544][T12370]  dump_stack_lvl+0x241/0x360
[ 2307.703230][T12370]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2307.708466][T12370]  ? __pfx__printk+0x10/0x10
[ 2307.713094][T12370]  ? ref_tracker_alloc+0x332/0x490
[ 2307.718219][T12370]  should_fail_ex+0x3b0/0x4e0
[ 2307.722914][T12370]  ? skb_clone+0x20c/0x390
[ 2307.727331][T12370]  should_failslab+0x9/0x20
[ 2307.731833][T12370]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2307.737228][T12370]  skb_clone+0x20c/0x390
[ 2307.741486][T12370]  __netlink_deliver_tap+0x3cc/0x7c0
[ 2307.746793][T12370]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2307.752003][T12370]  netlink_deliver_tap+0x19d/0x1b0
[ 2307.757114][T12370]  netlink_unicast+0x7b8/0x980
[ 2307.761883][T12370]  ? __pfx_netlink_unicast+0x10/0x10
[ 2307.767161][T12370]  ? __virt_addr_valid+0x183/0x520
[ 2307.772270][T12370]  ? __check_object_size+0x49c/0x900
[ 2307.777638][T12370]  ? bpf_lsm_netlink_send+0x9/0x10
[ 2307.782750][T12370]  netlink_sendmsg+0x8db/0xcb0
[ 2307.787535][T12370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2307.792904][T12370]  ? aa_sock_msg_perm+0x91/0x160
[ 2307.797838][T12370]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 2307.803120][T12370]  ? security_socket_sendmsg+0x87/0xb0
[ 2307.808583][T12370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2307.814063][T12370]  __sock_sendmsg+0x221/0x270
[ 2307.818780][T12370]  ____sys_sendmsg+0x525/0x7d0
[ 2307.823558][T12370]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2307.828855][T12370]  __sys_sendmsg+0x2b0/0x3a0
[ 2307.833445][T12370]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2307.838546][T12370]  ? vfs_write+0x7c4/0xc90
[ 2307.842989][T12370]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2307.849569][T12370]  ? lockdep_hardirqs_on+0x99/0x150
[ 2307.854761][T12370]  __do_fast_syscall_32+0xb4/0x120
[ 2307.859869][T12370]  ? exc_page_fault+0x590/0x8c0
[ 2307.864715][T12370]  do_fast_syscall_32+0x34/0x80
[ 2307.869562][T12370]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2307.875879][T12370] RIP: 0023:0xf73e0579
[ 2307.879937][T12370] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2307.899535][T12370] RSP: 002b:00000000f5cf957c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2307.907941][T12370] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000440
[ 2307.915941][T12370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2307.923905][T12370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2307.931873][T12370] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2307.939835][T12370] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2307.947894][T12370]  </TASK>
[ 2307.951000][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2307.996195][T12318] hsr_slave_0: entered promiscuous mode
[ 2308.003178][T12318] hsr_slave_1: entered promiscuous mode
[ 2308.011188][T12318] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2308.018882][T12318] Cannot create hsr debugfs directory
[ 2308.154572][T12375] loop0: detected capacity change from 0 to 7
[ 2308.172035][T12375] Dev loop0: unable to read RDB block 7
[ 2308.181673][ T6404] Bluetooth: hci5: command tx timeout
[ 2308.204899][T12375]  loop0: unable to read partition table
[ 2308.236837][T12375] loop0: partition table beyond EOD, truncated
[ 2308.267139][T12375] loop_reread_partitions: partition scan of loop0 (�被x������ڬ��dƤ����ݡ�����
[ 2308.267139][T12375] 
) failed (rc=-5)
[ 2308.452531][ T2447] hsr_slave_0: left promiscuous mode
[ 2308.468001][ T2447] hsr_slave_1: left promiscuous mode
[ 2308.487892][ T2447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2308.497920][ T2447] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2308.506552][ T2447] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2308.515971][ T2447] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2308.556346][ T2447] veth1_macvtap: left promiscuous mode
[ 2308.565886][ T2447] veth0_macvtap: left promiscuous mode
[ 2308.571934][ T2447] veth1_vlan: left promiscuous mode
[ 2308.577562][ T2447] veth0_vlan: left promiscuous mode
[ 2308.669292][   T58] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 2308.789659][T12620] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 2308.867191][   T58] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2308.882410][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2308.905817][   T58] usb 3-1: config 0 descriptor??
[ 2308.917550][   T58] cp210x 3-1:0.0: cp210x converter detected
[ 2308.987279][T12620] usb 4-1: Using ep0 maxpacket: 16
[ 2309.005869][T12620] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2309.021617][T12620] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2309.031902][T12620] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2309.057244][T12620] usb 4-1: config 0 descriptor??
[ 2309.129097][   T58] cp210x 3-1:0.0: failed to get vendor val 0x370b size 1: -32
[ 2309.138543][   T58] cp210x 3-1:0.0: querying part number failed
[ 2309.151047][   T58] usb 3-1: cp210x converter now attached to ttyUSB0
[ 2309.600133][T12393] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2309.628309][T12393] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2309.634618][T12406] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2309.664276][T12620] hid (null): invalid report_count 983040256
[ 2309.675168][T12620] hid (null): unknown global tag 0xc
[ 2309.688913][T12620] hid-generic 0003:0158:0100.007D: unknown main item tag 0x0
[ 2309.703323][T12620] hid-generic 0003:0158:0100.007D: invalid report_count 983040256
[ 2309.713771][T12620] hid-generic 0003:0158:0100.007D: item 0 4 1 9 parsing failed
[ 2309.722142][ T2447] team0 (unregistering): Port device team_slave_1 removed
[ 2309.726340][T12620] hid-generic 0003:0158:0100.007D: probe with driver hid-generic failed with error -22
[ 2309.834942][ T2447] team0 (unregistering): Port device team_slave_0 removed
[ 2310.262990][ T6404] Bluetooth: hci5: command tx timeout
[ 2310.601904][T12620] usb 4-1: USB disconnect, device number 6
[ 2311.320304][T12620] usb 3-1: USB disconnect, device number 44
[ 2311.342580][T12620] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2311.362495][T12620] cp210x 3-1:0.0: device disconnected
[ 2311.474863][T12415] FAULT_INJECTION: forcing a failure.
[ 2311.474863][T12415] name failslab, interval 1, probability 0, space 0, times 0
[ 2311.488081][T12415] CPU: 0 PID: 12415 Comm: syz.2.7937 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2311.498254][T12415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2311.508313][T12415] Call Trace:
[ 2311.511597][T12415]  <TASK>
[ 2311.514537][T12415]  dump_stack_lvl+0x241/0x360
[ 2311.519232][T12415]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2311.524438][T12415]  ? __pfx__printk+0x10/0x10
[ 2311.529052][T12415]  should_fail_ex+0x3b0/0x4e0
[ 2311.533741][T12415]  ? __alloc_skb+0x1c3/0x440
[ 2311.538341][T12415]  should_failslab+0x9/0x20
[ 2311.542872][T12415]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2311.548695][T12415]  __alloc_skb+0x1c3/0x440
[ 2311.553126][T12415]  ? __pfx___alloc_skb+0x10/0x10
[ 2311.558523][T12415]  ? bpf_lsm_file_permission+0x9/0x10
[ 2311.564008][T12415]  ? security_file_permission+0x7f/0xa0
[ 2311.569850][T12415]  ppp_write+0xbd/0x2a0
[ 2311.574025][T12415]  ? __pfx_ppp_write+0x10/0x10
[ 2311.578803][T12415]  vfs_write+0x2a2/0xc90
[ 2311.583280][T12415]  ? __pfx_vfs_write+0x10/0x10
[ 2311.588078][T12415]  ? __fget_files+0x29/0x470
[ 2311.592710][T12415]  ? __fget_files+0x3f6/0x470
[ 2311.597411][T12415]  ? __fget_files+0x29/0x470
[ 2311.602024][T12415]  ksys_write+0x1a0/0x2c0
[ 2311.606468][T12415]  ? __pfx_ksys_write+0x10/0x10
[ 2311.611331][T12415]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 2311.617942][T12415]  ? lockdep_hardirqs_on+0x99/0x150
[ 2311.623149][T12415]  __do_fast_syscall_32+0xb4/0x120
[ 2311.628273][T12415]  ? exc_page_fault+0x590/0x8c0
[ 2311.633134][T12415]  do_fast_syscall_32+0x34/0x80
[ 2311.637997][T12415]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2311.644418][T12415] RIP: 0023:0xf73b1579
[ 2311.648580][T12415] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2311.668275][T12415] RSP: 002b:00000000f5cca57c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 2311.676787][T12415] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000200002c0
[ 2311.684767][T12415] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000
[ 2311.693001][T12415] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2311.700986][T12415] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2311.708979][T12415] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2311.716958][T12415]  </TASK>
[ 2312.879689][ T6404] Bluetooth: hci5: command tx timeout
[ 2312.977608][T12425] sg_write: data in/out 196608/1 bytes for SCSI command 0xf2-- guessing data in;
[ 2312.977608][T12425]    program syz.1.7941 not setting count and/or reply_len properly
[ 2313.329322][T12620] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 2313.339246][T32747] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 2313.520255][T32747] usb 1-1: Using ep0 maxpacket: 8
[ 2313.528737][T32747] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 2313.540449][T32747] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 2313.553378][T12620] usb 2-1: config 44 has too many interfaces: 150, using maximum allowed: 32
[ 2313.569271][T12620] usb 2-1: config 44 has an invalid descriptor of length 17, skipping remainder of the config
[ 2313.580407][T32747] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3D has an invalid bInterval 19, changing to 7
[ 2313.601727][T12620] usb 2-1: config 44 has 0 interfaces, different from the descriptor's value: 150
[ 2313.622165][T12620] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4
[ 2313.643215][T32747] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e
[ 2313.656755][T32747] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2313.665391][T12620] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2313.684844][T32747] usb 1-1: Product: syz
[ 2313.698808][T32747] usb 1-1: Manufacturer: syz
[ 2313.710768][T32747] usb 1-1: SerialNumber: syz
[ 2313.727770][T32747] usb 1-1: config 0 descriptor??
[ 2313.743959][T32747] usbtest 1-1:0.0: couldn't get endpoints, -22
[ 2313.750815][T32747] usbtest 1-1:0.0: probe with driver usbtest failed with error -22
[ 2313.901605][T12425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2313.913453][T12425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2313.924907][ T6404] Bluetooth: hci1: link tx timeout
[ 2313.932304][ T6404] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2313.959352][T12620] usb 2-1: string descriptor 0 read error: -71
[ 2313.990170][T12620] usb 2-1: USB disconnect, device number 15
[ 2317.868212][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[ 2317.887563][ T8900] usb 1-1: USB disconnect, device number 44
[ 2318.339228][T12620] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 2318.522188][T12620] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2318.539188][T12620] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2318.559007][T12620] usb 2-1: config 0 descriptor??
[ 2318.577481][T12620] cp210x 2-1:0.0: cp210x converter detected
[ 2318.779731][T12620] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32
[ 2318.797507][T12620] cp210x 2-1:0.0: querying part number failed
[ 2318.824955][T12620] usb 2-1: cp210x converter now attached to ttyUSB0
[ 2319.136915][T32261] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2319.147894][T32261] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2319.157023][T32261] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2319.168400][T32261] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2319.178228][T32261] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 2319.185917][T32261] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2321.071448][T12620] usb 2-1: USB disconnect, device number 16
[ 2321.095648][T12620] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2321.122781][T12620] cp210x 2-1:0.0: device disconnected
[ 2321.219317][T32261] Bluetooth: hci0: command tx timeout
[ 2326.039313][T32261] Bluetooth: hci0: command tx timeout
[ 2330.939986][ T6404] Bluetooth: hci0: command tx timeout
[ 2331.001307][T32261] Bluetooth: hci1: SCO packet for unknown connection handle 201
[ 2331.406866][T32261] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2331.436017][T32261] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2331.448853][T32261] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2331.466171][T32261] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2331.477000][T32261] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 2331.489398][T32261] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2337.480065][T32261] Bluetooth: hci0: command tx timeout
[ 2337.485605][T32261] Bluetooth: hci6: command tx timeout
[ 2337.769467][T32261] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2337.788889][T32261] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2337.808864][T32261] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2337.818463][T32261] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2337.835142][T32261] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 2337.845627][T32261] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2346.370464][T32261] Bluetooth: hci6: command tx timeout
[ 2346.376006][T32261] Bluetooth: hci7: command tx timeout
[ 2346.724286][T32261] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 2346.744757][T32261] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 2346.762474][T32261] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 2346.776992][T32261] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 2346.787830][T32261] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 2346.799797][T32261] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 2358.594708][T32261] Bluetooth: hci7: command tx timeout
[ 2358.600437][T32261] Bluetooth: hci6: command tx timeout
[ 2358.605916][T32261] Bluetooth: hci8: command tx timeout
[ 2358.614522][   T19] rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-.... } 3256 jiffies s: 384193 root: 0x2/.
[ 2358.626613][   T19] rcu: blocking rcu_node structures (internal RCU debug):
[ 2358.634147][   T19] Sending NMI from CPU 0 to CPUs 1:
[ 2358.639506][    C1] NMI backtrace for cpu 1
[ 2358.639522][    C1] CPU: 1 PID: 12384 Comm: syz.3.7931 Not tainted 6.10.0-rc6-syzkaller-00069-g795c58e4c7fc #0
[ 2358.639559][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2358.639570][    C1] RIP: 0010:lock_acquire+0xdc/0x550
[ 2358.639596][    C1] Code: 08 0f 83 f4 02 00 00 89 c3 48 89 d8 48 c1 e8 06 48 8d 3c c5 a8 4d ad 8f be 08 00 00 00 e8 4c 77 89 00 48 0f a3 1d cc e5 3a 0e <73> 16 e8 1d ec 09 00 84 c0 75 0d 80 3d cd 55 25 0e 00 0f 84 f9 02
[ 2358.639612][    C1] RSP: 0018:ffffc90000a188e0 EFLAGS: 00000057
[ 2358.639628][    C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff817267d4
[ 2358.639641][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff8fad4da8
[ 2358.639652][    C1] RBP: ffffc90000a18a28 R08: ffffffff8fad4daf R09: 1ffffffff1f5a9b5
[ 2358.639666][    C1] R10: dffffc0000000000 R11: fffffbfff1f5a9b6 R12: 1ffff92000143124
[ 2358.639680][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: dffffc0000000000
[ 2358.639693][    C1] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 2358.639708][    C1] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 2358.639721][    C1] CR2: 000000000c3ee3a2 CR3: 000000000e132000 CR4: 00000000003506f0
[ 2358.639737][    C1] DR0: 0000000000000000 DR1: 0000000000000003 DR2: 0000000000000000
[ 2358.639747][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2358.639759][    C1] Call Trace:
[ 2358.639768][    C1]  <NMI>
[ 2358.639777][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 2358.639797][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2358.639817][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2358.639834][    C1]  ? nmi_handle+0x2a/0x5a0
[ 2358.639868][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 2358.639887][    C1]  ? nmi_handle+0x14f/0x5a0
[ 2358.639911][    C1]  ? nmi_handle+0x2a/0x5a0
[ 2358.639935][    C1]  ? lock_acquire+0xdc/0x550
[ 2358.639952][    C1]  ? default_do_nmi+0x63/0x160
[ 2358.639971][    C1]  ? exc_nmi+0x123/0x1f0
[ 2358.639989][    C1]  ? end_repeat_nmi+0xf/0x53
[ 2358.640018][    C1]  ? lock_acquire+0xd4/0x550
[ 2358.640036][    C1]  ? lock_acquire+0xdc/0x550
[ 2358.640054][    C1]  ? lock_acquire+0xdc/0x550
[ 2358.640072][    C1]  ? lock_acquire+0xdc/0x550
[ 2358.640090][    C1]  </NMI>
[ 2358.640096][    C1]  <IRQ>
[ 2358.640103][    C1]  ? advance_sched+0xa02/0xca0
[ 2358.640130][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2358.640151][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 2358.640174][    C1]  ? taprio_set_budgets+0x32c/0x370
[ 2358.640197][    C1]  ? advance_sched+0xa02/0xca0
[ 2358.640226][    C1]  ? advance_sched+0xa02/0xca0
[ 2358.640252][    C1]  _raw_spin_lock_irq+0xd3/0x120
[ 2358.640277][    C1]  ? __hrtimer_run_queues+0x670/0xd50
[ 2358.640301][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 2358.640331][    C1]  __hrtimer_run_queues+0x670/0xd50
[ 2358.640354][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[ 2358.640383][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 2358.640411][    C1]  hrtimer_interrupt+0x396/0x990
[ 2358.640447][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[ 2358.640474][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[ 2358.640496][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2358.640522][    C1] RIP: 0010:handle_softirqs+0x1df/0x970
[ 2358.640540][    C1] Code: 89 7c 24 70 0f b7 db 48 c7 c7 40 b0 c9 8b e8 08 03 2c 0a 65 66 c7 05 b6 d2 a9 7e 00 00 e8 f9 88 43 00 fb 49 c7 c4 c0 a0 00 8e <b8> ff ff ff ff 0f bc c3 41 89 c7 41 ff c7 0f 84 e6 03 00 00 89 5c
[ 2358.640556][    C1] RSP: 0018:ffffc90000a18e40 EFLAGS: 00000286
[ 2358.640570][    C1] RAX: cc1a2f97333ef400 RBX: 0000000000000386 RCX: ffffffff8172da0a
[ 2358.640583][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcabb40 RDI: ffffffff8c1fe940
[ 2358.640597][    C1] RBP: ffffc90000a18f50 R08: ffffffff92fa76ef R09: 1ffffffff25f4edd
[ 2358.640611][    C1] R10: dffffc0000000000 R11: fffffbfff25f4ede R12: ffffffff8e00a0c0
[ 2358.640624][    C1] R13: 0000000000000000 R14: dffffc0000000000 R15: 1ffff920001431dc
[ 2358.640642][    C1]  ? mark_lock+0x9a/0x350
[ 2358.640666][    C1]  ? ktime_get+0x9b/0xb0
[ 2358.640690][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 2358.640710][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2358.640729][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 2358.640755][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 2358.640772][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 2358.640794][    C1]  irq_exit_rcu+0x9/0x30
[ 2358.640809][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 2358.640831][    C1]  </IRQ>
[ 2358.640838][    C1]  <TASK>
[ 2358.640845][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2358.640869][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 2358.640886][    C1] Code: 2b 00 74 08 4c 89 f7 e8 6a 73 89 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 2358.640901][    C1] RSP: 0018:ffffc9000ddef4a0 EFLAGS: 00000206
[ 2358.640916][    C1] RAX: 0000000000000001 RBX: 1ffff92001bbdea0 RCX: 0000000000000001
[ 2358.640927][    C1] RDX: dffffc0000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1fe940
[ 2358.640940][    C1] RBP: ffffc9000ddef5e8 R08: ffffffff94047077 R09: 1ffffffff2808e0e
[ 2358.640954][    C1] R10: dffffc0000000000 R11: fffffbfff2808e0f R12: 1ffff92001bbde9c
[ 2358.640967][    C1] R13: dffffc0000000000 R14: ffffc9000ddef500 R15: 0000000000000246
[ 2358.640993][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2358.641011][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 2358.641036][    C1]  ? __init_swait_queue_head+0xae/0x150
[ 2358.641062][    C1]  ? __flush_workqueue+0x1b0/0x1710
[ 2358.641082][    C1]  __flush_workqueue+0x1c9/0x1710
[ 2358.641101][    C1]  ? __flush_workqueue+0x1b0/0x1710
[ 2358.641122][    C1]  ? rcu_is_watching+0x15/0xb0
[ 2358.641142][    C1]  ? trace_contention_end+0x3c/0x120
[ 2358.641168][    C1]  ? __pfx___flush_workqueue+0x10/0x10
[ 2358.641201][    C1]  drain_workqueue+0xc9/0x3a0
[ 2358.641229][    C1]  hci_dev_close_sync+0x484/0xf60
[ 2358.641258][    C1]  hci_unregister_dev+0x1db/0x4e0
[ 2358.641284][    C1]  vhci_release+0x83/0xd0
[ 2358.641303][    C1]  ? __pfx_vhci_release+0x10/0x10
[ 2358.641324][    C1]  __fput+0x24a/0x8a0
[ 2358.641347][    C1]  task_work_run+0x24f/0x310
[ 2358.641373][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 2358.641397][    C1]  ? do_exit+0xa22/0x27e0
[ 2358.641416][    C1]  ? kmem_cache_free+0x145/0x350
[ 2358.641443][    C1]  do_exit+0xa27/0x27e0
[ 2358.641469][    C1]  ? __pfx_do_exit+0x10/0x10
[ 2358.641490][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2358.641516][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2358.641536][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2358.641553][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[ 2358.641581][    C1]  do_group_exit+0x207/0x2c0
[ 2358.641602][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2358.641618][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 2358.641641][    C1]  get_signal+0x16a1/0x1740
[ 2358.641675][    C1]  ? __pfx_get_signal+0x10/0x10
[ 2358.641704][    C1]  arch_do_signal_or_restart+0x96/0x860
[ 2358.641725][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 2358.641747][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2358.641777][    C1]  ? syscall_exit_to_user_mode+0xa3/0x360
[ 2358.641801][    C1]  syscall_exit_to_user_mode+0xc9/0x360
[ 2358.641826][    C1]  __do_fast_syscall_32+0xc4/0x120
[ 2358.641851][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2358.641875][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 2358.641898][    C1]  do_fast_syscall_32+0x34/0x80
[ 2358.641922][    C1]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2358.641940][    C1] RIP: 0023:0xf73e0579
[ 2358.641953][    C1] Code: Unable to access opcode bytes at 0xf73e054f.
[ 2358.641962][    C1] RSP: 002b:00000000f7532a9c EFLAGS: 00000206 ORIG_RAX: 00000000000001b4
[ 2358.641978][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 000000000000001e
[ 2358.641989][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2358.642000][    C1] RBP: 0000000000000360 R08: 0000000000000000 R09: 0000000000000000
[ 2358.642011][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2358.642022][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2358.642042][    C1]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)