last executing test programs:

22.820283969s ago: executing program 2 (id=3210):
syz_genetlink_get_family_id$fou(&(0x7f0000000580), 0xffffffffffffffff)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102376, 0x18fe8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB="057d857b0d00"/21, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xb1}, 0x1c, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f0000001800)=[@rthdr_2292={{0x64, 0x29, 0x39, {0xff, 0xa, 0x0, 0x9, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, @mcast2, @local]}}}, @dontfrag={{0x10, 0x29, 0x3e, 0x2}}, @rthdrdstopts={{0x8c, 0x29, 0x37, {0x4, 0xe, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1, @pad1, @generic={0x18, 0x54, "71ea28af473f2d9b1e52e6fb16d7cd2d17a321b6b8b2a7018959dd5a11580da2c963ce2e0adfa391910eced718f8b3a220834028b88a8f5293b9bfbd137c6fe803bcce07416117150d84bf14d30917fc37ed858a"}, @pad1, @calipso={0x7, 0x10, {0x3, 0x2, 0xf7, 0xbac, [0x9]}}]}}}, @rthdr={{0x84, 0x29, 0x39, {0x87, 0xe, 0x0, 0xf2, 0x0, [@mcast2, @mcast1, @remote, @mcast2, @empty, @mcast1, @mcast1]}}}, @tclass={{0x10}}, @tclass={{0x10, 0x29, 0x43, 0x1}}, @hopopts={{0x2c, 0x29, 0x36, {0x3c, 0x3, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @ra={0x5, 0x2, 0xd}]}}}, @dstopts={{0x1ac, 0x29, 0x37, {0x0, 0x32, '\x00', [@generic={0x2, 0xd8, "2643e36b1785875b125a39346cb47490823d0f43653d5824b2ce66c6313092b2d672351681192365913f18d34f2aa5941179ff2c7f302f34b43fdd92552b21ce960cbc968128ba2be5be098cc20dc01ee6b02a87764aa7a1dc5e382785f40d81635fe5aa027d1e00940d3c65c2dc0ece79d641bb2400d72a832a6ab1d047114b2568c53779571f44f9b0869dd91c1fbaf9ee2b54e58c54bb0bc69aa8acc08b1f37e377261ad28b0b559f966c5597c385fcb4fef68e7c8ca093373f1f358df9e2b199dd67c297cb0113a46d16c0bf0e26dd8c0e18c4dd2275"}, @enc_lim={0x4, 0x1, 0xdb}, @generic={0x0, 0xb4, "e60a04df37a74fc72c6f2a751999de0c8117fae0b6ce8431ad66fe5ed9c4292083ccee155ccaf67e134652f071999d91b50294d4998cb5ec3002b4cb32098c9a6e88bcd9a67308cab5bb459129b7e315d93675f40be53752909070be64ac7e969fe2b6443398ad53e0eea8995d73ae68b95c94a0958d0eef3cb622f501d14d5c0c77dca6d307a580054ba35c59b7d4139f556cfb023e0c945708499ef764a794afff9ffce920cda12f14047778f500aaeae2684f"}]}}}], 0x37c}, 0x4000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r4, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5}, 0x50)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)=ANY=[@ANYBLOB="200000005200010000000000000000001c"], 0x20}}, 0x0)
openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x161101, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)

18.221851903s ago: executing program 2 (id=3223):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1f, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r5, 0x0, &(0x7f0000000540)=""/32}, 0x20)

16.328078088s ago: executing program 2 (id=3225):
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102376, 0x18fe8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xb1}, 0x1c, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f0000001800)=[@rthdr_2292={{0x68, 0x29, 0x39, {0xff, 0xa, 0x0, 0x9, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, @mcast2, @local]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x2}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x4, 0xe, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1, @pad1, @generic={0x18, 0x54, "71ea28af473f2d9b1e52e6fb16d7cd2d17a321b6b8b2a7018959dd5a11580da2c963ce2e0adfa391910eced718f8b3a220834028b88a8f5293b9bfbd137c6fe803bcce07416117150d84bf14d30917fc37ed858a"}, @pad1, @calipso={0x7, 0x10, {0x3, 0x2, 0xf7, 0xbac, [0x9]}}]}}}, @rthdr={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0xf2, 0x0, [@mcast2, @mcast1, @remote, @mcast2, @empty, @mcast1, @mcast1]}}}, @tclass={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x1}}, @hopopts={{0x30, 0x29, 0x36, {0x3c, 0x3, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @ra={0x5, 0x2, 0xd}]}}}, @dstopts={{0x148, 0x29, 0x37, {0x0, 0x25, '\x00', [@generic={0x2, 0xcb, "2643e36b1785875b125a39346cb47490823d0f43653d5824b2ce66c6313092b2d672351681192365913f18d34f2aa5941179ff2c7f302f34b43fdd92552b21ce960cbc968128ba2be5be098cc20dc01ee6b02a87764aa7a1dc5e382785f40d81635fe5aa027d1e00940d3c65c2dc0ece79d641bb2400d72a832a6ab1d047114b2568c53779571f44f9b0869dd91c1fbaf9ee2b54e58c54bb0bc69aa8acc08b1f37e377261ad28b0b559f966c5597c385fcb4fef68e7c8ca093373f1f358df9e2b199dd67c297cb0113a46d"}, @enc_lim={0x4, 0x1, 0xdb}, @generic={0x0, 0x5a, "e60a04df37a74fc72c6f2a751999de0c8117fae0b6ce8431ad66fe5ed9c4292083ccee155ccaf67e134652f071999d91b50294d4998cb5ec3002b4cb32098c9a6e88bcd9a67308cab5bb459129b7e315d93675f40be537529090"}]}}}], 0x340}, 0x4000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r4, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5}, 0x50)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)=ANY=[@ANYBLOB="200000005200010000000000000000001c"], 0x20}}, 0x0)
openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x161101, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x0, 0xffffffff, {0x2}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0xb}}]}, 0x2c}}, 0x0)

12.279522344s ago: executing program 4 (id=3236):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842badcfc81364470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r2, 0x25, 0x0, @val=@tcx={@void, @value}}, 0x40)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r1}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)

12.270044465s ago: executing program 3 (id=3237):
syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000001b00), 0xfffffd9d)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000580)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r2, &(0x7f0000000680), 0x4924924924925c6, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000380)={'#! ', '', [{0x20, 'l2tp\x00'}, {0x20, 'l3tp\x00'}, {0x20, 'l2tp\x00\x1a|K\xa5\xd6\xbd\xe6\xd0(\xc1\x11\x8c\xa6ET\x7f.H\xc4\x88\xce\x90\x1b\xbb%\a\xae\x02\xffE\xca\x8b\xba\xd8\xc8\xb7\xf6<y\x8dl\xf7:!?8\xf9\x1aAw\xacf\xa5U\x93X\xbeU\xe8\f\xa2\x8bcgYlw\xda\"\xd2m\x8d\xe9S\xee\r\rn]\xd5em\xb8\xbb\t\xb3\x84\xa9\x96\xcd(b4\x16\xe7VOt\xc1\xa1\xa4\x1fS\xca2q\x9b Ac\x80o\x96\xc0;\xb4U%\x19\xdbh\xd0\xe2\xee\xca\xee_\xfd\xca\xc8D<\xb8\xd7f}\xbc\xedf\xc3?\xb1#\x00\xd7\x95\x11\x1a\x91|\x04o\x83\x9f~\x8dB\xea\xf2\xda\xc3\xde5\xea\xd4\x98\x86+\x03\xb7H\x9dd \xa3\xa8m\xbb\xd6Bd\xbfY^v\xed\n\xd6<\xed\x89z\xae\xc0\xdb:i'}, {0x20, '%('}, {0x20, '\x00\x00\x00\x00\x00\x00M\xf0\x00'}], 0xa, "6f6b9c3452209150e4206eac11a42e1a767337c5b4f1eba5aa01b7f523ad4e0c32e3eec0cc2c0a400babf1089febe79e94e0750f69cabbb7526afa8a5906adfec21fe84770129ba23bf2f62cca945713d95a495663f129d0019eb478c1b7cf517ebd6d"}, 0x14b)

10.814160234s ago: executing program 0 (id=3240):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_setup(0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a500000005"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfff}, 0x0, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48"], 0xd)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={0x0}, 0x14)
r3 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="230902ffffff7ffbe00001000000"], 0x14}}, 0x0)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r4, 0xc0145b0e, &(0x7f0000000040))

10.803221857s ago: executing program 4 (id=3241):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

10.340822674s ago: executing program 3 (id=3243):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000200000408000000000000000300000000000000000000000200000000000000000000000000000200"/78], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)

10.135140849s ago: executing program 3 (id=3244):
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102376, 0x18fe8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xb1}, 0x1c, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f0000001800)=[@rthdr_2292={{0x68, 0x29, 0x39, {0xff, 0xa, 0x0, 0x9, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, @mcast2, @local]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x2}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x4, 0xe, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1, @pad1, @generic={0x18, 0x54, "71ea28af473f2d9b1e52e6fb16d7cd2d17a321b6b8b2a7018959dd5a11580da2c963ce2e0adfa391910eced718f8b3a220834028b88a8f5293b9bfbd137c6fe803bcce07416117150d84bf14d30917fc37ed858a"}, @pad1, @calipso={0x7, 0x10, {0x3, 0x2, 0xf7, 0xbac, [0x9]}}]}}}, @rthdr={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0xf2, 0x0, [@mcast2, @mcast1, @remote, @mcast2, @empty, @mcast1, @mcast1]}}}, @tclass={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x1}}, @hopopts={{0x30, 0x29, 0x36, {0x3c, 0x3, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @ra={0x5, 0x2, 0xd}]}}}, @dstopts={{0x120, 0x29, 0x37, {0x0, 0x20, '\x00', [@generic={0x2, 0xa2, "2643e36b1785875b125a39346cb47490823d0f43653d5824b2ce66c6313092b2d672351681192365913f18d34f2aa5941179ff2c7f302f34b43fdd92552b21ce960cbc968128ba2be5be098cc20dc01ee6b02a87764aa7a1dc5e382785f40d81635fe5aa027d1e00940d3c65c2dc0ece79d641bb2400d72a832a6ab1d047114b2568c53779571f44f9b0869dd91c1fbaf9ee2b54e58c54bb0bc69aa8acc08b1f37e3"}, @enc_lim={0x4, 0x1, 0xdb}, @generic={0x0, 0x5a, "e60a04df37a74fc72c6f2a751999de0c8117fae0b6ce8431ad66fe5ed9c4292083ccee155ccaf67e134652f071999d91b50294d4998cb5ec3002b4cb32098c9a6e88bcd9a67308cab5bb459129b7e315d93675f40be537529090"}]}}}], 0x318}, 0x4000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r4, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5}, 0x50)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)=ANY=[@ANYBLOB="200000005200010000000000000000001c"], 0x20}}, 0x0)
openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x161101, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x0, 0xffffffff, {0x2}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0xb}}]}, 0x2c}}, 0x0)

9.814653272s ago: executing program 2 (id=3245):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xfff}, 0x0, 0x0)
write$6lowpan_enable(r1, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f0000000280)='./file0\x00', 0xe)
syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="04040a0000000000005467920034db81e7abdddc259aee6063e57dfee0dab308ac44bd02bae33aa428c21e8527c5b32e2c96d0a0d523936e2a0c48"], 0xd)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)=@generic={0x0}, 0x14)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="230902ffffff7ffbe00001000000"], 0x14}}, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))

7.913019037s ago: executing program 1 (id=3247):
socket$l2tp(0x2, 0x2, 0x73)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x7000004, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000680), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
read(0xffffffffffffffff, 0x0, 0x0)

7.162787322s ago: executing program 0 (id=3248):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1f, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r5, 0x0, &(0x7f0000000540)=""/32}, 0x20)

5.923124113s ago: executing program 0 (id=3249):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x3, r1, 0x0, 0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000900), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000240)={0x18, r3, 0x7, 0x7})

5.892627235s ago: executing program 1 (id=3250):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0x7, 0x4, 0x410, 0x218, 0xe8, 0x0, 0x328, 0x328, 0x328, 0x4, 0x0, {[{{@arp={@dev, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {@mac=@random="64059bf280de"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'sit0\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}, {{@arp={@multicast1, @local, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'hsr0\x00', 'netdevsim0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ec759c9bd8abef17d071680057cd9a6d71ad0e76926c26a2c1ab2520dfb4ce00814bdaac3aa171fdd8a6cca413899529bed424eb7511bd4aa223ebea3bcf29b0"}}}, {{@arp={@broadcast, @private, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'batadv0\x00', 'veth0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@multicast, @remote, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x460)
r5 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0xfffffefffffbffaf, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000001600)='\b', 0xfffffffffffffd68, 0x4004095, 0x0, 0xd56888b5705b13c6)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f000001a640)=""/102400, 0x19000, 0x0, 0x0, 0x40020000}, &(0x7f00000008c0)=0x3b)
munmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_G_EDID(r0, 0xc0285628, &(0x7f0000000080)={0x300, 0x8000, 0x1, '\x00', &(0x7f0000000040)=0x6})

4.863983241s ago: executing program 0 (id=3251):
symlink(0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

4.861927962s ago: executing program 1 (id=3252):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r3, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)

4.861371529s ago: executing program 2 (id=3253):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000500)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000ac0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0xe1cdc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4.860664529s ago: executing program 4 (id=3254):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

3.792612287s ago: executing program 1 (id=3255):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000200000408000000000000000300000000000000000000000200000000000000000000000000000200"/78], 0x0, 0x56, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x6, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f00000002c0)=@nullb, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x100000}], 0x2, 0x0, 0x0, 0xb)

3.68203318s ago: executing program 0 (id=3256):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x2, {0x0, 0x0, 0x3}}, 0x18)
syz_usb_connect$hid(0x6, 0x0, 0x0, 0x0)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4008802)

3.53169974s ago: executing program 4 (id=3257):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
clock_adjtime(0x0, &(0x7f0000000680)={0x19b1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x10000, 0xe5, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4b})
socket$nl_generic(0x10, 0x3, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000d00)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000180)='0', 0x1}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x504, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000200), 0xa7c, r3}, 0x38)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000340)={r3, 0x95e1, 0xb9, 0x2})
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3.402000431s ago: executing program 3 (id=3258):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket(0x23, 0x5, 0x0)
r4 = gettid()
prctl$PR_SET_PTRACER(0x59616d61, r4)
syz_clone3(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2.92873416s ago: executing program 1 (id=3259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x1f, 0x4, 0x9, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r5, &(0x7f0000000300), 0x20000000}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r5, 0x0, &(0x7f0000000540)=""/32}, 0x20)

2.73456661s ago: executing program 0 (id=3260):
r0 = syz_genetlink_get_family_id$fou(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102376, 0x18fe8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0xa, 0x4e23, 0x7, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xb1}, 0x1c, &(0x7f0000000280)=[{0x0}], 0x1, &(0x7f0000001800)=[@rthdr_2292={{0x68, 0x29, 0x39, {0xff, 0xa, 0x0, 0x9, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @remote, @remote, @mcast2, @local]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x2}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x4, 0xe, '\x00', [@padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1, @pad1, @generic={0x18, 0x54, "71ea28af473f2d9b1e52e6fb16d7cd2d17a321b6b8b2a7018959dd5a11580da2c963ce2e0adfa391910eced718f8b3a220834028b88a8f5293b9bfbd137c6fe803bcce07416117150d84bf14d30917fc37ed858a"}, @pad1, @calipso={0x7, 0x10, {0x3, 0x2, 0xf7, 0xbac, [0x9]}}]}}}, @rthdr={{0x88, 0x29, 0x39, {0x87, 0xe, 0x0, 0xf2, 0x0, [@mcast2, @mcast1, @remote, @mcast2, @empty, @mcast1, @mcast1]}}}, @tclass={{0x14}}, @tclass={{0x14, 0x29, 0x43, 0x1}}, @hopopts={{0x30, 0x29, 0x36, {0x3c, 0x3, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @ra={0x5, 0x2, 0xd}]}}}, @dstopts={{0x150, 0x29, 0x37, {0x0, 0x27, '\x00', [@generic={0x2, 0xd7, "2643e36b1785875b125a39346cb47490823d0f43653d5824b2ce66c6313092b2d672351681192365913f18d34f2aa5941179ff2c7f302f34b43fdd92552b21ce960cbc968128ba2be5be098cc20dc01ee6b02a87764aa7a1dc5e382785f40d81635fe5aa027d1e00940d3c65c2dc0ece79d641bb2400d72a832a6ab1d047114b2568c53779571f44f9b0869dd91c1fbaf9ee2b54e58c54bb0bc69aa8acc08b1f37e377261ad28b0b559f966c5597c385fcb4fef68e7c8ca093373f1f358df9e2b199dd67c297cb0113a46d16c0bf0e26dd8c0e18c4dd22"}, @enc_lim={0x4, 0x1, 0xdb}, @generic={0x0, 0x5a, "e60a04df37a74fc72c6f2a751999de0c8117fae0b6ce8431ad66fe5ed9c4292083ccee155ccaf67e134652f071999d91b50294d4998cb5ec3002b4cb32098c9a6e88bcd9a67308cab5bb459129b7e315d93675f40be537529090"}]}}}], 0x348}, 0x4000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1}}, 0x30)
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
umount2(&(0x7f00000001c0)='./file0\x00', 0x0)
write$FUSE_NOTIFY_DELETE(r4, &(0x7f0000000400)={0x36, 0x6, 0x0, {0x0, 0x0, 0xd, 0x0, 'dont_appraise'}}, 0x36)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5}, 0x50)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000015c0)=ANY=[@ANYBLOB="200000005200010000000000000000001c"], 0x20}}, 0x0)
openat$hwrng(0xffffff9c, &(0x7f0000000000), 0x161101, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r6, &(0x7f0000000b80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_GET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={0x2c, r0, 0x1, 0x0, 0xffffffff, {0x2}, [@FOU_ATTR_LOCAL_V4={0x8, 0x6, @local}, @FOU_ATTR_IFINDEX={0x8}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0xb}}]}, 0x2c}}, 0x0)

1.920738023s ago: executing program 3 (id=3261):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x18b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs$namespace(r0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x6)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x9, &(0x7f0000000080)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x207601a}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @remote, 0x7}, 0x1c)
sendto$inet6(r2, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000040)=0x3, 0x4)
setsockopt$inet6_udp_int(r2, 0x11, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000180)={@remote}, 0x14)

1.871837798s ago: executing program 4 (id=3262):
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$bsg(0xffffffffffffff9c, 0x0, 0x402100, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r4)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="ff000000", @ANYRES16=r5, @ANYBLOB], 0x114}}, 0x0)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x14, r6, 0x200, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4080}, 0x800)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
memfd_create(&(0x7f0000000480)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x5)
r7 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x256f16877c9c3f29, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f0000000200)=0x7)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000000))
ioctl$SNDCTL_DSP_STEREO(r7, 0xc0045003, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

892.265447ms ago: executing program 1 (id=3263):
r0 = io_uring_setup(0x79af, &(0x7f0000001240)={0x0, 0x0, 0x400, 0xfffffffe, 0x248})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, 0x0, 0x0)
connect$inet(r2, &(0x7f0000ccb000)={0x2, 0x4e20, @local}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00000039c0)=ANY=[@ANYBLOB="180000000300000000000000a012544f95002b000000000093adffa82255f674412d020000000000005ab527ee3697f1ed4436dd1164b1b3f427f6ba6b34f98125f30e631d273683626e00dc254d570d4a6b78a5833488cfe410090000004aa900003d3cd62f00158e6eee8501000000520a0000151d016e6cafbe9309aba218812868a51d129e78f6ae170bf5a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b000024b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e8b701d2d17ebc406e89dcbb7677e6528b0856e31eb9474c0106fc48e1f8c1a5f6945ac24cf609068f6ff21e88b3cfc22df01d51e242443618c02e0a428da651366e4bac9d97328fa2a82b5e8741e02056d933bedf59ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e148bf56497e5d56d06c7551b870b2851c3f0a1aab7158edeeccd92e3a88dc0f432187ce92d7b17a21c8f1b3369ebfcb4cb2946601b0f04edb256c604f068773f6db9d661bd7f0e2536f00000000000000005521458b7d1e341c6f864f983d745f5865aad41d29158ae7602a2d6cd415e8351ebc283df54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121a96eb373845255012e028cb2654d493afb4b35faae176f99b745eda2967199cc93685bb444f9bc50713061385537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d0007ae4e1e347c0cff28235a6bb7aa3804b907a8f2880c5cb1cb385e6add14652003c7cdd3324f07d1ff07000000000000000009dd872ec64fa6c718bbd1aa591140cff0be4c6f8df084c5e9734ae30aa9afdc7125f01ab03a9b1074407136b4506000f0916aada035df2e0452a9b39e73aeeb6eaf14652dda689e2051d9b7eb85f3f2d5ab2c51944da8d7391d5b6b97419a3b76600cd1aa0afe5f8f46df4c5124ca425d374b371867a79b31f3f514573f1e30d1fd2d763f3ee9210b15c1d60be2168fffcd599a2cb77f124e22f87673675805494db821f39b50d5fd8c6b2a3a324c257bc97def5f07f2b77f05a4f81a9cf8110971b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c4407eca22debc99335583b00013c3130978fa069af8223b38ced735c2d90c6d84c30a0d87d42647489b39601be5c27696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f240080000534187738655d7a6240412c8f283cc0c1eba2866dc9580000000000000007fffffffff554b82d9c162f3556076b80552d961ca74d1ffdaccf0ea5f02e0163a9ccb9087e6c3b3917bb74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb01f7ada800e50000000000fdaf2f7b3b79a433e08074ea2462974ab2cbd2190780fa39c43ea647eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433d866665b98ca2002c836e89feef904c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc8d0834fb8d124638fec58faeb4c16abb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a68d2bb2dd163e863314e8449801b52bb93f6c9084659ce777dda8563c859656a357770289a61faa95a82bf1cfb7f2f97252e9322abe282c3344fc6738b4467893b9bf0000000000000001062a35376413c29f7c6f7bde29b9f4bddd5e328661f4615e627a6f608ad53a4168fe8e5d7d934aa289b4bd2b870000000000000000000000000000fc4b4ff50000009b777883a02ffd92dfc4cb4114b9f9cf4ad155110cd3ace2b322ae31bfa27847c799c8869a1ea5018e525e6383ad7fd9795170e7b11e247603000000001459c7f606d721d3979676bffb3049166ab84ac1061991bd57c2566c10c296352a5105b6164e3f2491e4793e2b70590dcc71f110da96366c40dd44a2c9882d3aa0f8a797b8fea6efcfb5276b7679f15559cdaabf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5002adef9546abb7a2d9c085b189b5ff30e4e0c13f60870fde1f88d830b11002135e8e7262f29b6d7923bfbe0bd2a8be179e56b41ff3792cee2fc37eee739c3008ce740d8804f8e705f0dc59d000021363e8df94ff175b48dc8c12def681a11647946595445bf1cb7d2778cd27a6b3b2966b08be600000020a8a711d193bae0ab2db9ed9c6cb3c3de42ab89524414cae922141f7baf17ebb790ad60bd0387837e63f9880fd70259e35590afb4843cd4e9989398eaa89cefb3aa13cab8d015cbaf1561d95362decd73b8f8cbf8269cac091cfaaa3c7e46d6e79145fc0f1d1b383752ccb40515a772356d746914540216adf4c0f44f1cff3760afa252720ec6dad3a98671ecdaff46cddffb1f05a0c0976070d603a442d014822369fa3eacbb69bd1b0a074357acd5d02161fed146ad3aa15d2b8101b7bd1e091ada78ecd50181f4b35cae1b29aff91494c916323b61f815c4e0701657087ad11eef97952921365bc898ba2c76a9b6e0052f43b1ad2dfdf3f958fc1d32e692bc8846c78a956ada453c67c1c2cdc4f8b1c94e9adc106e85b31e030d955c5578e107a6e8ca0d4dd05344c3e2af25d9a3b0f7805624016aeab271a75f0bacb101a156ef8948064569154a7de08f80e4df4c339b69431b0a5671097d89212b465b0b32275deae10a77e334c9fc074d181bdeb5be80a6249d472e78e6be57a5ccd354cf181e099605a644ecade221a2be926210b2690d09e4b7a3dea25403397439979c27d5613262de10bacecfff2d58437f012df4252c018795310c25e8fce18ed366ac2caade564ca869727a7d63c26271e17d7aba48971835530311545273d3caadeb5d2017dc816126b6f2068f68a4111ddd587b5df4b5d8f1ce00231a2092eb2e797c491a1e66f73606fd95bb01b53a2d862b6262f0259da51ff7517ace7361460a4669a97f7d0bf095c2787f00bdbfee19670d1e0ec5e6c3cb09972fa4d94986157b96d6695177c99d83716651129320924352cda7b8ead91c3301af620c1e8d7004d29ad77f54836779600bb0b247139d429df96362db3ecfbd36fa8164fabdcf2e58b720e8e1c03a74daf593f92a8ecc03f8c8e3af9ae07dc03780cc0d69da9e3528c1693fb51998731992ceb27dcc0be5be4decefe41b78bc1847bf54b087e095172f06cfa6d4bf958b1d4544947ff1230655199db4f475006047fe83caca97758dffa53cee764f85932eb20d54241b2d515c0826dfe1f0f40ae920455a4548fb35e2a345c05b1c252b7877bb3d834b0b3579a36249146f832ef258df5127318c7017ac1a996c4f902f82deb60fd113ccf812d55ffd625057bd4ff3960992b85bc8d32edfca386be16b1c549aec52e31e1405f86c7760282901750b732ec06b0db735222a56f3ebb16fad3e9269495230cd88b0ea2e3affa196a2f0adf733bc6afd37a659ecc933d636c1b27d3a16c5ea25301f9b5789e4aa8e7228e3002f146aa5e575bb74b1ebb82147edf8161d362704377058e887c608be8719ea1b6c490f79e0832e2ddd7e217c7adddd4731e032d7eb35bdc38160c676d840e2e8be9033a686cf7061f5f55e2851736aa8c2f3bad8ac05c048e20d8c03b68008a70b8f80c93ebd2ababb5c65fe9abc4642d7b58d8c93efd7b6b39c68a16d75a7852dfc37a6a50cb28a9b6f685a465d08fc603d81d8ddd5296fae97be1401a8be7748a71fcdc85ba2049e96c4e6dce59b88cd5472726bc237fbcf3ffcbf32e2aac9b2f9d6013b59780ded723b08c767fa091e2fa4d51863500fcd5041bcc98a685504835743194113ea0b97b4f9ddc395b9ac4defefadd37a8871fd91f31a56eb96ecf90000000000000000000000000000000000000000000c447ea475c236c3b7f24079fe375f3f861fc54d9d8a04a6cb8c0dbf9e9cc53a84a5795ae5ebcbd825e3572df16fbdcd395e995fa4fcbbf31583d9e1d3ff537f401a3139200a8bd2122157887199cd54075a4d5b29935dda5c6aa0f3ac6895eb73c7abbd4603abdaa8629dedb2cab0fa80f9514ad310491a9a300015c18cdfd9342cff50d849d7516134d45d1a8cf157abe0c79de543993cf689f8a7113508fbf8a610417045e6c38a5d4ff4656dbd9656ad6ce625e1674ab57944ebb834743a248a2be304ba1e037cb63a169d340be8befc"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89e0, &(0x7f0000000180)={r2, r3})
sendmsg$rds(r4, &(0x7f0000002940)={0x0, 0x0, &(0x7f0000002800)=[{&(0x7f0000002980)=""/4112, 0xfffffe09}], 0x1}, 0x0)
write(r4, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

851.604555ms ago: executing program 3 (id=3264):
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x64, 0x3, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TUPLE_ORIG={0x14, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x300}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}]}, @CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0xc, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_STATE={0x5, 0x1, 0x7}]}}, @CTA_PROTOINFO={0x18, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x14, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x5}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x20000804)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c0014"], 0x34}}, 0xc000)

4.946805ms ago: executing program 2 (id=3265):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[], 0x48)
ioctl$IOCTL_VMCI_GET_CONTEXT_ID(r0, 0x7b3, &(0x7f0000000800))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2020, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
r3 = getpid()
syz_pidfd_open(r3, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/wireless\x00')
preadv(r4, &(0x7f0000001540)=[{&(0x7f0000001600)=""/171, 0xab}, {&(0x7f0000000140)=""/88, 0x58}], 0x2, 0x0, 0x0)

0s ago: executing program 4 (id=3266):
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r3 = syz_io_uring_setup(0x4b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x3d8}, &(0x7f0000ff0000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)

kernel console output (not intermixed with test programs):

g ep0 maxpacket: 8
[ 1385.241940][ T5268] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1385.251583][ T5268] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1385.262400][ T5268] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1385.274322][ T5268] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1385.284828][ T5268] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1385.291905][   T29] audit: type=1326 audit(1728557747.151:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16728 comm="syz.2.2572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4a9d7dff9 code=0x7ffc0000
[ 1385.298125][ T5268] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1385.407074][ T5268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1385.457945][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1385.721213][ T5268] usb 4-1: usb_control_msg returned -71
[ 1385.727299][ T5268] usbtmc 4-1:16.0: can't read capabilities
[ 1385.746357][ T5268] usb 4-1: USB disconnect, device number 59
[ 1387.031443][ T5266] usb 3-1: string descriptor 0 read error: -71
[ 1387.062687][ T5266] ath6kl: Failed to submit usb control message: -71
[ 1387.071273][ T5266] ath6kl: unable to send the bmi data to the device: -71
[ 1387.177806][ T5266] ath6kl: Unable to send get target info: -71
[ 1387.202021][ T5266] ath6kl: Failed to init ath6kl core: -71
[ 1387.213259][ T5266] ath6kl_usb 3-1:0.143: probe with driver ath6kl_usb failed with error -71
[ 1388.193145][ T5266] usb 3-1: USB disconnect, device number 50
[ 1389.244832][ T5221] block nbd0: Receive control failed (result -32)
[ 1389.254669][ T5229] block nbd0: Receive control failed (result -32)
[ 1389.323107][T16789] block nbd0: shutting down sockets
[ 1389.672334][ T5218] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1389.731992][    C0] raw-gadget.0 gadget.2: ignoring, device is not running
[ 1389.892372][ T5218] usb 3-1: device descriptor read/64, error -32
[ 1390.182736][ T5218] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1390.412859][ T5218] usb 3-1: Using ep0 maxpacket: 8
[ 1391.186333][ T5218] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1391.206075][ T5218] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1391.257777][ T5218] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1391.275094][ T5218] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1391.292785][ T5218] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1391.308508][ T5218] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1391.324518][ T5218] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1392.086277][ T5218] usb 3-1: usb_control_msg returned -32
[ 1392.099231][ T5218] usbtmc 3-1:16.0: can't read capabilities
[ 1392.128012][ T5218] usb 3-1: USB disconnect, device number 52
[ 1393.441476][T16841] block nbd4: shutting down sockets
[ 1393.475293][ T5297] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1393.657166][ T5297] usb 1-1: Using ep0 maxpacket: 8
[ 1393.699821][ T5297] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1393.745110][ T5297] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1393.794079][ T5297] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1393.813215][ T5297] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1393.873720][ T5297] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1394.065398][ T5297] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1394.333506][ T5297] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1394.368351][ T5297] usb 1-1: usb_control_msg returned -71
[ 1394.374274][ T5297] usbtmc 1-1:16.0: can't read capabilities
[ 1394.398829][ T5297] usb 1-1: USB disconnect, device number 57
[ 1396.601563][T16887] netlink: 3068 bytes leftover after parsing attributes in process `syz.3.2614'.
[ 1396.622463][T16887] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.2614'.
[ 1397.451047][T16893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2613'.
[ 1397.460102][T16893] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2613'.
[ 1400.572632][ T5229] Bluetooth: hci5: command 0x0406 tx timeout
[ 1400.872475][ T5297] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1400.971837][T16935] netlink: 3068 bytes leftover after parsing attributes in process `syz.2.2626'.
[ 1400.998989][T16935] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.2626'.
[ 1401.042486][ T5297] usb 5-1: config 0 has an invalid interface number: 143 but max is 0
[ 1401.060939][ T5297] usb 5-1: config 0 has no interface number 0
[ 1401.079274][ T5297] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=aa.e9
[ 1401.115303][ T5297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1401.146305][ T5297] usb 5-1: config 0 descriptor??
[ 1401.750807][   T29] audit: type=1326 audit(1728557763.731:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.142449][   T29] audit: type=1326 audit(1728557763.731:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.242410][  T935] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1402.305539][   T29] audit: type=1326 audit(1728557763.731:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.327382][   T29] audit: type=1326 audit(1728557763.741:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.349156][   T29] audit: type=1326 audit(1728557763.741:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.371103][   T29] audit: type=1326 audit(1728557763.741:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.392795][   T29] audit: type=1326 audit(1728557763.741:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.415085][   T29] audit: type=1326 audit(1728557763.741:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16930 comm="syz.4.2625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f749f77dff9 code=0x7ffc0000
[ 1402.419889][  T935] usb 3-1: config 0 has an invalid interface number: 143 but max is 0
[ 1402.502533][ T5218] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1402.585303][  T935] usb 3-1: config 0 has no interface number 0
[ 1402.598776][  T935] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=aa.e9
[ 1402.612197][  T935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1402.634523][  T935] usb 3-1: config 0 descriptor??
[ 1402.715653][ T5218] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1402.732224][ T5218] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1402.763576][ T5218] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1402.800234][ T5218] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1402.836859][ T5218] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1402.855272][ T5218] usb 1-1: config 0 descriptor??
[ 1404.003616][   T29] audit: type=1326 audit(1728557765.361:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16939 comm="syz.2.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4a9d7dff9 code=0x7ffc0000
[ 1404.025542][   T29] audit: type=1326 audit(1728557765.361:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16939 comm="syz.2.2628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4a9d7dff9 code=0x7ffc0000
[ 1404.205197][ T5218] usbhid 1-1:0.0: can't add hid device: -71
[ 1404.221508][ T5218] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1404.246661][ T5297] usb 5-1: string descriptor 0 read error: -71
[ 1404.322541][ T5297] ath6kl: Failed to submit usb control message: -71
[ 1404.329329][ T5297] ath6kl: unable to send the bmi data to the device: -71
[ 1404.332691][ T5218] usb 1-1: USB disconnect, device number 58
[ 1404.336588][ T5297] ath6kl: Unable to send get target info: -71
[ 1404.355130][ T5297] ath6kl: Failed to init ath6kl core: -71
[ 1404.361307][ T5297] ath6kl_usb 5-1:0.143: probe with driver ath6kl_usb failed with error -71
[ 1404.750951][T16963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2630'.
[ 1404.760740][T16963] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2630'.
[ 1405.545776][  T935] usb 3-1: string descriptor 0 read error: -71
[ 1405.569523][  T935] ath6kl: Failed to submit usb control message: -71
[ 1405.589706][  T935] ath6kl: unable to send the bmi data to the device: -71
[ 1405.602584][  T935] ath6kl: Unable to send get target info: -71
[ 1405.619187][  T935] ath6kl: Failed to init ath6kl core: -71
[ 1405.656365][  T935] ath6kl_usb 3-1:0.143: probe with driver ath6kl_usb failed with error -71
[ 1405.793154][  T935] usb 3-1: USB disconnect, device number 53
[ 1405.882571][ T5297] usb 5-1: USB disconnect, device number 68
[ 1412.865347][   T25] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1413.124179][   T25] usb 4-1: Using ep0 maxpacket: 8
[ 1413.484616][   T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1413.511651][   T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1413.521880][   T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1413.534144][   T25] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1413.658776][   T25] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1413.668643][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.313382][   T25] usb 4-1: GET_CAPABILITIES returned 0
[ 1414.325536][   T25] usbtmc 4-1:16.0: can't read capabilities
[ 1414.372396][ T5266] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1414.399585][ T1855] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1414.593084][ T1855] usb 3-1: Using ep0 maxpacket: 8
[ 1415.027610][ T1855] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1415.037663][ T1855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1415.050887][ T1855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1415.050993][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1415.061082][ T1855] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1415.084978][ T1855] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1415.094129][ T1855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1415.156690][ T5266] usb 2-1: Using ep0 maxpacket: 8
[ 1415.197785][ T5266] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1415.259688][ T5266] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1415.314574][ T1855] usb 3-1: GET_CAPABILITIES returned 0
[ 1415.320764][ T1855] usbtmc 3-1:16.0: can't read capabilities
[ 1415.337136][ T5266] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1415.635335][ T5266] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1415.646140][ T5266] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1415.659327][ T5266] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1415.672609][ T5221] Bluetooth: hci0: command tx timeout
[ 1415.710994][ T5266] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1416.204236][    C0] usbtmc 4-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1416.222744][ T5218] usb 4-1: USB disconnect, device number 60
[ 1416.537748][ T5266] usb 2-1: can't set config #16, error -71
[ 1417.032879][ T5266] usb 2-1: USB disconnect, device number 50
[ 1417.741310][ T1855] usb 3-1: USB disconnect, device number 54
[ 1419.421804][T17107] fuse: Bad value for 'fd'
[ 1420.656232][T17122] netlink: 1588 bytes leftover after parsing attributes in process `syz.0.2675'.
[ 1422.471036][ T1855] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1423.083590][ T1855] usb 2-1: Using ep0 maxpacket: 8
[ 1423.152217][ T1855] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1423.165593][ T1855] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1423.175458][ T1855] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1423.185660][ T1855] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1423.199523][ T1855] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1423.209279][ T1855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1423.292358][ T5268] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1423.385381][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.392544][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.572378][ T5268] usb 1-1: Using ep0 maxpacket: 8
[ 1423.608344][ T5268] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1423.637109][ T5268] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1423.695241][ T5268] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1423.971429][ T5268] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1424.022456][ T5268] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1424.102944][ T5268] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1424.203239][ T1855] usb 2-1: can't set config #16, error -71
[ 1424.210791][ T5268] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1424.406919][ T1855] usb 2-1: USB disconnect, device number 51
[ 1424.413974][ T5221] Bluetooth: hci2: command tx timeout
[ 1424.683762][ T5268] usb 1-1: usb_control_msg returned -32
[ 1424.689473][ T5268] usbtmc 1-1:16.0: can't read capabilities
[ 1424.751755][ T5268] usb 1-1: USB disconnect, device number 59
[ 1425.032454][   T25] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1425.046083][T17167] fuse: Bad value for 'fd'
[ 1425.222769][   T25] usb 4-1: Using ep0 maxpacket: 8
[ 1425.240571][T17169] netlink: 3068 bytes leftover after parsing attributes in process `syz.1.2686'.
[ 1425.257467][   T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1425.268064][T17169] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2686'.
[ 1425.281148][   T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1425.291470][T12222] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1425.317545][   T25] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1425.356984][   T25] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1425.482348][T12222] usb 5-1: Using ep0 maxpacket: 8
[ 1425.553072][   T25] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1425.578557][T12222] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1425.592838][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1425.606168][T12222] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1425.616960][T12222] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1425.633464][T12222] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1425.658139][T12222] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1425.668900][T12222] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1425.886147][T12222] usb 5-1: GET_CAPABILITIES returned 0
[ 1425.891767][T12222] usbtmc 5-1:16.0: can't read capabilities
[ 1426.091071][ T5268] usb 5-1: USB disconnect, device number 69
[ 1426.423824][T17180] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2690'.
[ 1426.863175][ T5221] Bluetooth: hci5: command 0x0406 tx timeout
[ 1428.518323][ T1855] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1428.676739][   T25] usb 4-1: usb_control_msg returned -71
[ 1428.683108][   T25] usbtmc 4-1:16.0: can't read capabilities
[ 1428.696757][   T25] usb 4-1: USB disconnect, device number 61
[ 1428.702942][ T1855] usb 2-1: Using ep0 maxpacket: 8
[ 1428.714559][ T1855] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1428.738811][ T1855] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1428.777674][ T1855] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1428.807513][ T1855] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1428.976126][ T1855] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1428.985392][ T1855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1429.028843][T17209] netlink: 3068 bytes leftover after parsing attributes in process `syz.3.2697'.
[ 1429.080450][T17209] netlink: 199556 bytes leftover after parsing attributes in process `syz.3.2697'.
[ 1429.211262][ T1855] usb 2-1: GET_CAPABILITIES returned 0
[ 1429.216921][ T1855] usbtmc 2-1:16.0: can't read capabilities
[ 1429.439534][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1430.094300][ T5221] Bluetooth: hci2: command tx timeout
[ 1430.618880][T17221] fuse: Bad value for 'fd'
[ 1431.533998][ T5218] usb 2-1: USB disconnect, device number 52
[ 1431.925920][ T8522] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1432.056686][T17236] block nbd0: shutting down sockets
[ 1432.083973][   T40] I/O error, dev nbd0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1432.123091][ T8522] usb 4-1: Using ep0 maxpacket: 8
[ 1432.135724][T17242] netlink: 3068 bytes leftover after parsing attributes in process `syz.1.2708'.
[ 1432.177838][ T8522] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1432.192975][T17242] netlink: 199556 bytes leftover after parsing attributes in process `syz.1.2708'.
[ 1432.552215][ T8522] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1432.566454][ T8522] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1432.576811][ T8522] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1432.590157][ T8522] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1432.599477][ T8522] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1433.310715][ T8522] usb 4-1: GET_CAPABILITIES returned 0
[ 1433.961475][ T8522] usbtmc 4-1:16.0: can't read capabilities
[ 1433.971380][ T8522] usb 4-1: USB disconnect, device number 62
[ 1435.289949][T17271] fuse: Bad value for 'fd'
[ 1436.482348][ T5221] Bluetooth: hci0: command 0x0406 tx timeout
[ 1437.465829][ T1855] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1438.808684][ T5229] Bluetooth: hci0: command 0x0406 tx timeout
[ 1443.272752][ T8522] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1444.102774][ T1855] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1445.195460][ T1855] usb 3-1: Using ep0 maxpacket: 8
[ 1445.322635][T17354] sctp: [Deprecated]: syz.4.2741 (pid 17354) Use of int in maxseg socket option.
[ 1445.322635][T17354] Use struct sctp_assoc_value instead
[ 1445.442458][ T5229] Bluetooth: hci0: command 0x0406 tx timeout
[ 1445.458714][ T1855] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1445.501802][ T1855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1445.512411][ T1855] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1445.522864][ T1855] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1445.535937][ T1855] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1445.545123][ T1855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1446.690708][ T1855] usb 3-1: usb_control_msg returned -71
[ 1446.705341][ T1855] usbtmc 3-1:16.0: can't read capabilities
[ 1446.719066][T17368] sctp: [Deprecated]: syz.3.2743 (pid 17368) Use of int in maxseg socket option.
[ 1446.719066][T17368] Use struct sctp_assoc_value instead
[ 1446.767363][ T1855] usb 3-1: USB disconnect, device number 56
[ 1447.224661][T17381] netlink: 19 bytes leftover after parsing attributes in process `syz.2.2745'.
[ 1449.198938][T17386] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2747'.
[ 1450.800214][T17405] netlink: 19 bytes leftover after parsing attributes in process `syz.4.2751'.
[ 1451.534623][T17408] sctp: [Deprecated]: syz.3.2752 (pid 17408) Use of int in maxseg socket option.
[ 1451.534623][T17408] Use struct sctp_assoc_value instead
[ 1451.931431][T17421] sctp: [Deprecated]: syz.1.2757 (pid 17421) Use of int in maxseg socket option.
[ 1451.931431][T17421] Use struct sctp_assoc_value instead
[ 1452.123489][   T25] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1452.300588][   T25] usb 3-1: Using ep0 maxpacket: 8
[ 1452.307359][   T25] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1452.322392][   T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1452.332946][   T25] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1452.346074][   T25] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1452.359623][   T25] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1452.369004][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1452.602910][   T25] usb 3-1: GET_CAPABILITIES returned 0
[ 1452.773507][   T25] usbtmc 3-1:16.0: can't read capabilities
[ 1453.200123][ T1855] libceph: connect (1)[c::]:6789 error -101
[ 1453.208720][ T1855] libceph: mon0 (1)[c::]:6789 connect error
[ 1453.265540][T17432] ceph: No mds server is up or the cluster is laggy
[ 1453.391977][T17439] sctp: [Deprecated]: syz.1.2760 (pid 17439) Use of int in maxseg socket option.
[ 1453.391977][T17439] Use struct sctp_assoc_value instead
[ 1454.006607][ T5229] Bluetooth: hci0: command 0x0406 tx timeout
[ 1455.169353][ T1855] usb 3-1: USB disconnect, device number 57
[ 1456.191110][ T5229] Bluetooth: hci6: command 0x0406 tx timeout
[ 1456.502587][ T1855] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1457.351272][ T1855] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1457.362780][ T1855] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1457.390085][ T1855] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1457.433721][ T1855] usb 3-1: config 0 descriptor??
[ 1457.462942][ T1855] pwc: Askey VC010 type 2 USB webcam detected.
[ 1457.732551][ T1855] pwc: send_video_command error -71
[ 1457.738123][ T1855] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1457.747147][ T1855] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[ 1457.783392][ T1855] usb 3-1: USB disconnect, device number 58
[ 1459.040369][T17494] netlink: 19 bytes leftover after parsing attributes in process `syz.3.2775'.
[ 1460.190115][T17508] syz.3.2777: attempt to access beyond end of device
[ 1460.190115][T17508] loop3: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1460.203527][T17508] syz.3.2777: attempt to access beyond end of device
[ 1460.203527][T17508] loop3: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1460.807901][T17509] tty tty1: ldisc open failed (-12), clearing slot 0
[ 1460.815134][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1460.825039][T17508] syz.3.2777: attempt to access beyond end of device
[ 1460.825039][T17508] loop3: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1460.838080][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1460.847729][T17508] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1460.855441][T17508] UDF-fs: Scanning with blocksize 512 failed
[ 1460.992950][ T5268] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1461.649232][T17508] syz.3.2777: attempt to access beyond end of device
[ 1461.649232][T17508] loop3: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1461.676315][T17508] syz.3.2777: attempt to access beyond end of device
[ 1461.676315][T17508] loop3: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1461.694515][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1461.928193][ T5221] Bluetooth: hci2: command tx timeout
[ 1462.050166][T17508] syz.3.2777: attempt to access beyond end of device
[ 1462.050166][T17508] loop3: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1462.063411][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1462.073109][T17508] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1462.081107][T17508] UDF-fs: Scanning with blocksize 1024 failed
[ 1462.087848][T17508] syz.3.2777: attempt to access beyond end of device
[ 1462.087848][T17508] loop3: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1462.102008][T17508] syz.3.2777: attempt to access beyond end of device
[ 1462.102008][T17508] loop3: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1462.115194][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1462.124985][T17508] syz.3.2777: attempt to access beyond end of device
[ 1462.124985][T17508] loop3: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1462.138161][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1462.147772][T17508] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1462.155579][T17508] UDF-fs: Scanning with blocksize 2048 failed
[ 1462.162088][T17508] syz.3.2777: attempt to access beyond end of device
[ 1462.162088][T17508] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1462.175163][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1462.184827][T17508] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1462.194410][T17508] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1462.202426][T17508] UDF-fs: Scanning with blocksize 4096 failed
[ 1462.208497][T17508] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[ 1462.290393][ T5268] usb 2-1: Using ep0 maxpacket: 8
[ 1462.524373][ T5268] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1462.534545][ T5268] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1462.544638][ T5268] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1462.554931][ T5268] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1462.568181][ T5268] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1462.577592][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1462.928932][ T5268] usb 2-1: usb_control_msg returned -71
[ 1462.936667][ T5268] usbtmc 2-1:16.0: can't read capabilities
[ 1462.978859][ T5268] usb 2-1: USB disconnect, device number 54
[ 1463.173400][T17529] syzkaller0: entered promiscuous mode
[ 1463.178936][T17529] syzkaller0: entered allmulticast mode
[ 1464.241299][T17548] sctp: [Deprecated]: syz.3.2791 (pid 17548) Use of int in maxseg socket option.
[ 1464.241299][T17548] Use struct sctp_assoc_value instead
[ 1464.536233][T17557] fuse: Invalid rootmode
[ 1464.555529][T17555] overlayfs: failed to resolve './file0': -2
[ 1469.015611][T17593] fuse: Invalid rootmode
[ 1470.571625][ T5221] block nbd4: Receive control failed (result -32)
[ 1470.581306][ T5229] block nbd4: Receive control failed (result -32)
[ 1470.589248][T17612] block nbd4: shutting down sockets
[ 1472.272531][T17631] block nbd0: Device being setup by another task
[ 1472.375625][T17635] fuse: Invalid rootmode
[ 1472.493279][ T5229] block nbd0: Receive control failed (result -32)
[ 1472.558636][   T40] block nbd0: Dead connection, failed to find a fallback
[ 1472.567416][   T40] block nbd0: shutting down sockets
[ 1472.573931][   T40] I/O error, dev nbd0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1475.948602][ T5221] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1475.962944][ T5221] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1475.971730][ T5221] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1475.980079][ T5221] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1476.003126][ T5221] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1476.012068][T17665] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1476.036011][T17665] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1476.041663][ T5221] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1476.065346][T17665] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1476.100250][ T5221] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1476.108058][ T5221] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1476.115593][ T5221] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1478.022783][T17663] lo speed is unknown, defaulting to 1000
[ 1478.091443][T17680] fuse: Bad value for 'rootmode'
[ 1478.115538][T17660] lo speed is unknown, defaulting to 1000
[ 1478.172429][T16705] Bluetooth: hci1: command tx timeout
[ 1478.198947][T17681] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2825'.
[ 1478.268131][T16705] Bluetooth: hci3: command tx timeout
[ 1479.136719][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1479.403618][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1479.460573][T17660] chnl_net:caif_netlink_parms(): no params data found
[ 1479.476957][T17663] chnl_net:caif_netlink_parms(): no params data found
[ 1479.676933][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1479.751468][T17663] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.764650][T17663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.832617][T17663] bridge_slave_0: entered allmulticast mode
[ 1479.839695][T17663] bridge_slave_0: entered promiscuous mode
[ 1479.877752][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1479.896252][T17663] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1479.913198][T17663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.938741][T17663] bridge_slave_1: entered allmulticast mode
[ 1479.953781][T17663] bridge_slave_1: entered promiscuous mode
[ 1479.960092][T17660] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.972445][T17660] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.979644][T17660] bridge_slave_0: entered allmulticast mode
[ 1479.995504][T17660] bridge_slave_0: entered promiscuous mode
[ 1480.011966][T17660] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1480.026460][T17660] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.036660][T17660] bridge_slave_1: entered allmulticast mode
[ 1480.050959][T17660] bridge_slave_1: entered promiscuous mode
[ 1480.128359][T17663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1480.141476][T17663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1480.189986][T17660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1480.218599][T17715] sctp: [Deprecated]: syz.0.2834 (pid 17715) Use of int in maxseg socket option.
[ 1480.218599][T17715] Use struct sctp_assoc_value instead
[ 1480.243731][T16705] Bluetooth: hci1: command tx timeout
[ 1480.318347][T17660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1480.327540][T16705] Bluetooth: hci3: command tx timeout
[ 1480.478575][T17663] team0: Port device team_slave_0 added
[ 1480.495506][T17717] syz.0.2834 (17717): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1480.514819][T17663] team0: Port device team_slave_1 added
[ 1480.665511][T17663] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1480.676865][T17663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1480.777916][T17663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1480.828112][T17660] team0: Port device team_slave_0 added
[ 1480.855214][T17660] team0: Port device team_slave_1 added
[ 1481.030377][T17663] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1481.065664][T17663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1481.139724][T17663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1481.243069][   T12] bridge_slave_1: left allmulticast mode
[ 1481.264095][   T12] bridge_slave_1: left promiscuous mode
[ 1481.276783][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1481.286441][T17732] fuse: Bad value for 'rootmode'
[ 1481.531368][   T12] bridge_slave_0: left allmulticast mode
[ 1481.576643][   T12] bridge_slave_0: left promiscuous mode
[ 1481.681380][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1482.379361][T16705] Bluetooth: hci1: command tx timeout
[ 1482.411953][T16705] Bluetooth: hci3: command tx timeout
[ 1484.984270][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.032322][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.043513][T16705] Bluetooth: hci1: command tx timeout
[ 1485.049064][T16705] Bluetooth: hci3: command tx timeout
[ 1487.087797][T17780] fuse: Bad value for 'rootmode'
[ 1487.169288][T17782] sctp: [Deprecated]: syz.3.2847 (pid 17782) Use of int in maxseg socket option.
[ 1487.169288][T17782] Use struct sctp_assoc_value instead
[ 1487.241907][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1487.257594][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1487.277092][   T12] bond0 (unregistering): Released all slaves
[ 1487.317658][T17660] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1487.332325][T17660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1487.429732][T17660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1487.558403][T17663] hsr_slave_0: entered promiscuous mode
[ 1487.629951][T17663] hsr_slave_1: entered promiscuous mode
[ 1487.713548][T17663] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1487.721258][T17663] Cannot create hsr debugfs directory
[ 1487.759944][T17660] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1487.787010][T17660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1487.837785][T17660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1488.155075][ T1855] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1489.059239][T17660] hsr_slave_0: entered promiscuous mode
[ 1489.102563][ T1855] usb 5-1: Using ep0 maxpacket: 8
[ 1489.338627][T17660] hsr_slave_1: entered promiscuous mode
[ 1489.402772][T17660] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1489.647534][T17811] sctp: [Deprecated]: syz.3.2853 (pid 17811) Use of int in maxseg socket option.
[ 1489.647534][T17811] Use struct sctp_assoc_value instead
[ 1489.663108][T17660] Cannot create hsr debugfs directory
[ 1489.680987][ T1855] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1489.765665][ T1855] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1489.822524][ T1855] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1489.835521][ T1855] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1489.850662][ T1855] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1489.860800][ T1855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1489.869380][   T12] hsr_slave_0: left promiscuous mode
[ 1489.891812][   T12] hsr_slave_1: left promiscuous mode
[ 1489.933403][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1489.940877][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1489.980570][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1489.999165][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1490.056196][   T12] veth1_macvtap: left promiscuous mode
[ 1490.063780][   T12] veth0_macvtap: left promiscuous mode
[ 1490.069411][   T12] veth1_vlan: left promiscuous mode
[ 1490.076290][ T5218] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1490.090560][ T1855] usb 5-1: GET_CAPABILITIES returned 0
[ 1490.097764][   T12] veth0_vlan: left promiscuous mode
[ 1490.113628][ T1855] usbtmc 5-1:16.0: can't read capabilities
[ 1490.236939][ T5218] usb 1-1: config 36 has an invalid descriptor of length 255, skipping remainder of the config
[ 1490.277840][ T5218] usb 1-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1490.297222][ T5218] usb 1-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[ 1490.306932][ T5218] usb 1-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[ 1490.316648][ T5218] usb 1-1: Manufacturer: syz
[ 1490.326721][ T5218] usb 1-1: SerialNumber: syz
[ 1490.333091][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1490.343953][ T8522] usb 5-1: USB disconnect, device number 70
[ 1490.610780][ T5218] usbhid 1-1:36.0: couldn't find an input interrupt endpoint
[ 1490.628995][ T5218] usb 1-1: USB disconnect, device number 60
[ 1491.732491][ T5218] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1492.553985][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1492.618168][ T5218] usb 1-1: config 36 has an invalid descriptor of length 255, skipping remainder of the config
[ 1492.628868][ T5218] usb 1-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1492.662755][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1492.713410][ T5218] usb 1-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[ 1492.732145][ T5218] usb 1-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[ 1492.750045][ T5218] usb 1-1: Manufacturer: syz
[ 1492.755157][ T5218] usb 1-1: SerialNumber: syz
[ 1492.938824][T17842] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2861'.
[ 1493.381044][ T5218] usbhid 1-1:36.0: couldn't find an input interrupt endpoint
[ 1493.400606][ T5218] usb 1-1: USB disconnect, device number 61
[ 1495.005267][T17841] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2860'.
[ 1497.277408][T17663] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1497.465656][T17663] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1498.024619][T17859] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2864'.
[ 1498.192442][T17663] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1498.345952][T17663] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1499.328185][   T12] bridge_slave_1: left allmulticast mode
[ 1499.345028][   T12] bridge_slave_1: left promiscuous mode
[ 1499.361579][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1499.601388][   T12] bridge_slave_0: left allmulticast mode
[ 1499.823334][   T12] bridge_slave_0: left promiscuous mode
[ 1499.839393][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1502.093611][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1502.111863][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1502.133086][   T12] bond0 (unregistering): Released all slaves
[ 1502.171230][T17876] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2867'.
[ 1502.217183][T17663] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1502.236307][T17663] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1502.380355][T17663] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1502.423706][T17663] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1503.857915][   T12] hsr_slave_0: left promiscuous mode
[ 1503.883028][   T12] hsr_slave_1: left promiscuous mode
[ 1503.899447][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1503.952481][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1504.025078][T17939] bio_check_eod: 2 callbacks suppressed
[ 1504.025120][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.025120][T17939] loop3: rw=0, sector=64, nr_sectors = 1 limit=0
[ 1504.044843][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.044843][T17939] loop3: rw=0, sector=256, nr_sectors = 1 limit=0
[ 1504.058162][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1504.068799][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.068799][T17939] loop3: rw=0, sector=512, nr_sectors = 1 limit=0
[ 1504.082073][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1504.092163][T17939] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1504.100275][T17939] UDF-fs: Scanning with blocksize 512 failed
[ 1504.109120][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.109120][T17939] loop3: rw=0, sector=64, nr_sectors = 2 limit=0
[ 1504.123014][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.123014][T17939] loop3: rw=0, sector=512, nr_sectors = 2 limit=0
[ 1504.136309][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1504.146780][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.146780][T17939] loop3: rw=0, sector=1024, nr_sectors = 2 limit=0
[ 1504.160092][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1504.169771][T17939] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1504.177547][T17939] UDF-fs: Scanning with blocksize 1024 failed
[ 1504.185746][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.185746][T17939] loop3: rw=0, sector=64, nr_sectors = 4 limit=0
[ 1504.199773][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.199773][T17939] loop3: rw=0, sector=1024, nr_sectors = 4 limit=0
[ 1504.213111][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1504.223372][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.223372][T17939] loop3: rw=0, sector=2048, nr_sectors = 4 limit=0
[ 1504.236851][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1504.246550][T17939] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1504.254305][T17939] UDF-fs: Scanning with blocksize 2048 failed
[ 1504.262306][T17939] syz.3.2878: attempt to access beyond end of device
[ 1504.262306][T17939] loop3: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1504.276316][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[ 1504.286640][T17939] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[ 1504.296673][T17939] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[ 1504.304719][T17939] UDF-fs: Scanning with blocksize 4096 failed
[ 1504.310854][T17939] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[ 1504.364290][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1504.371740][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1504.467757][   T12] veth1_macvtap: left promiscuous mode
[ 1504.478508][   T12] veth0_macvtap: left promiscuous mode
[ 1504.486891][   T12] veth1_vlan: left promiscuous mode
[ 1504.498080][   T12] veth0_vlan: left promiscuous mode
[ 1507.975571][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1508.046861][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1508.115512][T12222] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1508.282413][T12222] usb 4-1: Using ep0 maxpacket: 16
[ 1508.296179][T12222] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1508.310232][T12222] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1508.335576][T12222] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1508.345001][T12222] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1508.354997][T12222] usb 4-1: Product: syz
[ 1508.359211][T12222] usb 4-1: Manufacturer: syz
[ 1508.368648][T12222] usb 4-1: SerialNumber: syz
[ 1508.380970][T12222] usb 4-1: config 0 descriptor??
[ 1508.796024][ T8522] usb 4-1: USB disconnect, device number 63
[ 1508.938949][T17663] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1509.095842][T17660] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1509.178333][T17660] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1509.534507][T17663] 8021q: adding VLAN 0 to HW filter on device team0
[ 1509.552519][T17660] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1509.580369][T17660] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1509.625047][ T5678] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1509.632230][ T5678] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1509.698796][ T5678] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1509.706101][ T5678] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1509.926605][T17660] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1509.980997][T17660] 8021q: adding VLAN 0 to HW filter on device team0
[ 1510.023364][ T5540] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1510.030563][ T5540] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1510.085385][ T5540] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1510.092676][ T5540] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1510.223739][T17660] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1510.275465][T17660] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1510.410567][T17663] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1511.189579][T17663] veth0_vlan: entered promiscuous mode
[ 1511.247195][T17663] veth1_vlan: entered promiscuous mode
[ 1511.414320][T17663] veth0_macvtap: entered promiscuous mode
[ 1511.527963][T17663] veth1_macvtap: entered promiscuous mode
[ 1511.565280][T18025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2894'.
[ 1511.683691][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1511.750914][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1511.802156][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1511.833958][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1511.863308][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1511.880538][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1511.914315][T17663] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1512.089679][T18036] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2895'.
[ 1512.096958][T17660] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1512.457039][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.502372][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.512307][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.540451][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.580475][T17663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.596475][T17663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.617578][T17663] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1512.642712][T17663] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.657698][T17663] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.669892][T17663] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.683443][T17663] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1512.845156][T17660] veth0_vlan: entered promiscuous mode
[ 1512.945358][T17660] veth1_vlan: entered promiscuous mode
[ 1513.017183][ T5540] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1513.079794][ T5540] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1513.265529][T17660] veth0_macvtap: entered promiscuous mode
[ 1513.348753][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1513.361958][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1513.417957][T17660] veth1_macvtap: entered promiscuous mode
[ 1513.469368][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1513.492763][T18062] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1513.512708][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.562680][T18062] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1513.583467][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1513.610247][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.642363][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1513.698772][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.727112][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1513.738725][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.813695][T17660] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1513.887515][T18059] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2899'.
[ 1513.939157][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1514.000141][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.036739][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1514.086995][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.097164][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1514.107887][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.118159][T17660] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1514.128881][T17660] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1514.139683][T17660] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1514.149621][T17660] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.158403][T17660] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.167363][T17660] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.176130][T17660] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.295242][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1515.314691][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1515.425035][ T5678] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1515.444756][ T5678] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1515.716427][ T8522] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 1515.917318][ T8522] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1515.940559][ T8522] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1516.706417][ T8522] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1516.780815][ T8522] usb 3-1: config 0 descriptor??
[ 1516.939626][ T8522] pwc: Askey VC010 type 2 USB webcam detected.
[ 1517.806342][ T8522] pwc: send_video_command error -71
[ 1517.811579][ T8522] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1517.833995][ T8522] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[ 1517.878211][ T8522] usb 3-1: USB disconnect, device number 59
[ 1518.063860][T18123] overlayfs: failed to resolve './file0': -2
[ 1518.432373][ T8522] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[ 1518.613639][ T8522] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1518.649609][ T8522] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1518.713505][ T8522] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.742207][ T8522] usb 3-1: config 0 descriptor??
[ 1518.768714][ T8522] pwc: Askey VC010 type 2 USB webcam detected.
[ 1519.168952][ T8522] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1519.180064][ T8522] pwc: recv_control_msg error -32 req 02 val 2700
[ 1519.239774][ T8522] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1519.261319][ T8522] pwc: recv_control_msg error -32 req 04 val 1000
[ 1519.355969][ T8522] pwc: recv_control_msg error -32 req 04 val 1300
[ 1519.372933][ T8522] pwc: recv_control_msg error -32 req 04 val 1400
[ 1519.397485][ T8522] pwc: recv_control_msg error -32 req 02 val 2000
[ 1519.415087][ T8522] pwc: recv_control_msg error -32 req 02 val 2100
[ 1519.455457][ T8522] pwc: recv_control_msg error -32 req 04 val 1500
[ 1519.673406][ T8522] pwc: recv_control_msg error -71 req 02 val 2400
[ 1519.732472][ T8522] pwc: recv_control_msg error -71 req 02 val 2600
[ 1520.062367][ T8522] pwc: recv_control_msg error -71 req 02 val 2900
[ 1520.200830][ T8522] pwc: recv_control_msg error -71 req 02 val 2800
[ 1520.221085][ T8522] pwc: recv_control_msg error -71 req 04 val 1100
[ 1520.230101][ T8522] pwc: recv_control_msg error -71 req 04 val 1200
[ 1520.243669][ T8522] pwc: Registered as video71.
[ 1520.335183][ T8522] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input31
[ 1520.681971][ T8522] usb 3-1: USB disconnect, device number 60
[ 1520.777000][T18180] fuse: Unknown parameter 'fd0x0000000000000008'
[ 1522.013135][T18194] netlink: 19 bytes leftover after parsing attributes in process `syz.4.2919'.
[ 1524.700171][T18223] netlink: 19 bytes leftover after parsing attributes in process `syz.4.2925'.
[ 1527.382827][T18241] block nbd2: shutting down sockets
[ 1527.520752][T18245] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2931'.
[ 1528.366452][T18260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2934'.
[ 1528.375551][T18260] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2934'.
[ 1528.400847][T18260] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[ 1529.042836][T18259] block nbd0: shutting down sockets
[ 1529.144438][T13188] I/O error, dev nbd0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1530.296309][T18276] fuse: Unknown parameter '0x0000000000000003'
[ 1530.637447][T18283] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2933'.
[ 1533.014602][T18303] sctp: [Deprecated]: syz.4.2947 (pid 18303) Use of int in maxseg socket option.
[ 1533.014602][T18303] Use struct sctp_assoc_value instead
[ 1533.263590][T18304] fuse: Unknown parameter '0x0000000000000008'
[ 1534.365380][T18319] netlink: 19 bytes leftover after parsing attributes in process `syz.2.2950'.
[ 1535.020802][T16705] block nbd4: Receive control failed (result -104)
[ 1536.823075][T18335] fuse: Unknown parameter 'fd0x0000000000000008'
[ 1538.326864][T18349] sctp: [Deprecated]: syz.2.2959 (pid 18349) Use of int in maxseg socket option.
[ 1538.326864][T18349] Use struct sctp_assoc_value instead
[ 1539.985780][T18365] overlayfs: failed to resolve './file0': -2
[ 1542.577565][ T5268] libceph: connect (1)[c::]:6789 error -101
[ 1542.598612][ T5268] libceph: mon0 (1)[c::]:6789 connect error
[ 1542.616423][T18380] ceph: No mds server is up or the cluster is laggy
[ 1543.892364][T18392] block nbd1: Device being setup by another task
[ 1544.174138][   T40] block nbd1: Send control failed (result -32)
[ 1544.180507][   T40] block nbd1: Request send failed, requeueing
[ 1544.189898][   T40] block nbd1: Dead connection, failed to find a fallback
[ 1544.197310][T16705] block nbd1: Receive control failed (result -32)
[ 1544.206705][   T40] block nbd1: shutting down sockets
[ 1544.848179][   T40] I/O error, dev nbd1, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1544.896761][ T5221] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1544.908187][ T5221] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1544.928715][ T5221] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1544.938972][ T5221] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1544.949210][T18396] block nbd0: Device being setup by another task
[ 1544.957768][T17665] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1544.966472][T17665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1545.063888][T18403] block nbd0: shutting down sockets
[ 1545.066515][T18405] lo speed is unknown, defaulting to 1000
[ 1546.172189][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.181966][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.480980][T18405] chnl_net:caif_netlink_parms(): no params data found
[ 1547.198994][ T5221] Bluetooth: hci0: command tx timeout
[ 1547.655245][T18405] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1547.692607][T18405] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1547.710230][T18405] bridge_slave_0: entered allmulticast mode
[ 1547.715977][ T8199] libceph: connect (1)[c::]:6789 error -101
[ 1547.723759][ T8199] libceph: mon0 (1)[c::]:6789 connect error
[ 1547.735947][T18432] ceph: No mds server is up or the cluster is laggy
[ 1547.763413][T18405] bridge_slave_0: entered promiscuous mode
[ 1547.794790][T18405] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1547.811115][T18405] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1547.827490][T18405] bridge_slave_1: entered allmulticast mode
[ 1547.837457][T18405] bridge_slave_1: entered promiscuous mode
[ 1547.866022][T18434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2978'.
[ 1547.926776][T18440] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2978'.
[ 1548.017522][T18443] block nbd2: shutting down sockets
[ 1548.242922][T18443] I/O error, dev nbd2, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1548.303923][T18405] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1548.474529][T18405] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1549.284500][ T5221] Bluetooth: hci0: command tx timeout
[ 1549.331529][T18405] team0: Port device team_slave_0 added
[ 1549.357006][T18445] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2980'.
[ 1549.407565][T18405] team0: Port device team_slave_1 added
[ 1550.238864][T18405] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1550.247338][T18405] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1550.281981][T18405] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1550.297153][T18405] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1550.305160][T18405] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1550.334432][T18405] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1550.395490][T18405] hsr_slave_0: entered promiscuous mode
[ 1550.407193][T18405] hsr_slave_1: entered promiscuous mode
[ 1550.777557][T18405] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1550.914452][T18405] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.362686][ T5221] Bluetooth: hci0: command tx timeout
[ 1551.500978][T18405] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.649016][T18405] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1552.109559][T18405] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1552.189297][T18405] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1552.221238][T18405] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1552.257331][T18405] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1552.465358][T18405] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1552.559463][T18405] 8021q: adding VLAN 0 to HW filter on device team0
[ 1552.792935][ T1044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1552.800135][ T1044] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1552.867524][T18405] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1552.878200][T18405] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1552.926517][ T1044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1552.933728][ T1044] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1553.475606][ T5221] Bluetooth: hci0: command tx timeout
[ 1554.009439][T18405] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1554.873879][T18521] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2995'.
[ 1556.505827][T18405] veth0_vlan: entered promiscuous mode
[ 1556.538315][T18405] veth1_vlan: entered promiscuous mode
[ 1556.560450][T18405] veth0_macvtap: entered promiscuous mode
[ 1556.569708][T18405] veth1_macvtap: entered promiscuous mode
[ 1556.582303][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1556.593061][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.603241][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1556.614148][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.624844][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1556.635482][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.645598][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1556.652017][T18536] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2998'.
[ 1556.656127][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.656147][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1556.656165][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.657602][T18405] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1556.714303][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.726046][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.740790][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.751423][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.767340][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.777993][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.788635][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.799307][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.808447][T18539] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2999'.
[ 1556.809396][T18405] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1556.829279][T18405] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1556.844237][T18405] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1556.867828][T18405] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.876886][T18405] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.897501][T18405] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.912646][ T5268] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[ 1556.929617][T18405] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.072626][ T5268] usb 3-1: Using ep0 maxpacket: 16
[ 1557.170017][ T5268] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1557.191626][ T5268] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1557.874328][ T5268] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1557.889479][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.897989][ T1069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.909405][ T1069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.997095][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1558.020270][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1558.046216][ T5268] usb 3-1: Product: syz
[ 1558.057846][ T5268] usb 3-1: Manufacturer: syz
[ 1558.066748][ T5268] usb 3-1: SerialNumber: syz
[ 1558.097277][ T5268] usb 3-1: config 0 descriptor??
[ 1558.268505][T18551] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3002'.
[ 1559.040338][ T5268] usb 3-1: USB disconnect, device number 61
[ 1559.542104][T18561] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3004'.
[ 1566.266685][T13188] block nbd4: Possible stuck request ffff888024ebd400: control (flush@18446744073709551104,0B). Runtime 30 seconds
[ 1567.744111][T17665] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1567.755123][T17665] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1567.764103][T17665] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1567.775863][T17665] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1567.789727][T17665] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1567.797312][T17665] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1567.940792][T18622] lo speed is unknown, defaulting to 1000
[ 1568.217193][T18620] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3019'.
[ 1568.318863][T18622] chnl_net:caif_netlink_parms(): no params data found
[ 1568.950674][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1569.099522][T18622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1569.142619][T18622] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1569.306238][T18622] bridge_slave_0: entered allmulticast mode
[ 1569.321755][T18622] bridge_slave_0: entered promiscuous mode
[ 1569.425448][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1569.463870][T18622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1569.483708][T18622] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1569.505912][T18622] bridge_slave_1: entered allmulticast mode
[ 1569.543324][T18622] bridge_slave_1: entered promiscuous mode
[ 1569.842627][T17665] Bluetooth: hci2: command tx timeout
[ 1570.665562][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1571.922497][T17665] Bluetooth: hci2: command tx timeout
[ 1572.235066][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1572.339274][T18622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1572.405912][T18622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1572.518235][T18622] team0: Port device team_slave_0 added
[ 1572.566876][T18622] team0: Port device team_slave_1 added
[ 1572.732731][T18622] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1572.755638][T18622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1572.808857][T18622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1572.832567][T18661] block nbd0: server does not support multiple connections per device.
[ 1572.844770][T18622] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1572.853387][T18622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1572.860046][T18661] block nbd0: shutting down sockets
[ 1572.929299][T18622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1572.933139][T13188] I/O error, dev nbd0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1573.575706][T18622] hsr_slave_0: entered promiscuous mode
[ 1573.613937][T18622] hsr_slave_1: entered promiscuous mode
[ 1573.635950][T18622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1573.655238][T18622] Cannot create hsr debugfs directory
[ 1573.871607][   T11] bridge_slave_1: left allmulticast mode
[ 1573.881551][   T11] bridge_slave_1: left promiscuous mode
[ 1573.923153][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1573.992817][   T11] bridge_slave_0: left allmulticast mode
[ 1573.998820][   T11] bridge_slave_0: left promiscuous mode
[ 1574.012554][T17665] Bluetooth: hci2: command tx timeout
[ 1574.023478][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1575.769321][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1575.784939][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1575.797572][   T11] bond0 (unregistering): Released all slaves
[ 1575.880026][T18693] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1576.083079][T17665] Bluetooth: hci2: command tx timeout
[ 1576.391457][  T935] libceph: connect (1)[c::]:6789 error -101
[ 1576.414533][T18723] ceph: No mds server is up or the cluster is laggy
[ 1576.424876][  T935] libceph: mon0 (1)[c::]:6789 connect error
[ 1577.458824][   T11] hsr_slave_0: left promiscuous mode
[ 1577.502500][   T11] hsr_slave_1: left promiscuous mode
[ 1577.532088][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1577.535145][T18739] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.3039'.
[ 1577.539948][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1577.563063][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1577.570617][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1577.613485][   T11] veth1_macvtap: left promiscuous mode
[ 1577.619064][   T11] veth0_macvtap: left promiscuous mode
[ 1577.671668][   T11] veth1_vlan: left promiscuous mode
[ 1577.688276][   T11] veth0_vlan: left promiscuous mode
[ 1578.986417][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1579.048579][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1579.742609][T18758] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3043'.
[ 1579.751862][T18764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3045'.
[ 1579.795008][T18764] ip6gretap0: entered promiscuous mode
[ 1579.801616][T18764] macvtap1: entered promiscuous mode
[ 1579.891349][T18764] macvtap1: entered allmulticast mode
[ 1579.910743][T18764] ip6gretap0: entered allmulticast mode
[ 1579.929431][T18765] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3045'.
[ 1580.526875][T18774] ceph: No mds server is up or the cluster is laggy
[ 1580.663965][T18572] libceph: connect (1)[c::]:6789 error -101
[ 1580.670212][T18572] libceph: mon0 (1)[c::]:6789 connect error
[ 1581.417543][T18622] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1581.682635][T18622] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1581.785368][T18622] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1581.945299][T18622] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1583.875519][T18814] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.3055'.
[ 1583.973412][T18622] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.024449][T18622] 8021q: adding VLAN 0 to HW filter on device team0
[ 1584.076482][ T1044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.083756][ T1044] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.125276][ T1044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.132473][ T1044] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1585.056538][T18622] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1585.090557][T18622] veth0_vlan: entered promiscuous mode
[ 1585.168725][T18836] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1585.186785][T18622] veth1_vlan: entered promiscuous mode
[ 1585.231220][T18622] veth0_macvtap: entered promiscuous mode
[ 1585.273285][T18622] veth1_macvtap: entered promiscuous mode
[ 1585.320342][T18842] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.3060'.
[ 1585.363917][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1585.422312][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1585.470546][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1585.480259][T18844] netlink: 19 bytes leftover after parsing attributes in process `syz.2.3059'.
[ 1585.543258][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1585.575302][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1585.593508][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1585.625404][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1585.674831][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1585.769161][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1585.822680][  T935] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1585.934380][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.085501][  T935] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1586.204412][T18622] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1586.260021][  T935] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1586.336196][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1586.340286][  T935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1586.383332][  T935] usb 4-1: config 0 descriptor??
[ 1586.443851][  T935] pwc: Askey VC010 type 2 USB webcam detected.
[ 1586.460639][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.526574][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1586.542601][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.580707][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1586.620652][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.650348][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1586.675774][  T935] pwc: send_video_command error -71
[ 1586.705469][  T935] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1586.717701][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.738837][  T935] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[ 1586.752631][T18622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1586.780990][  T935] usb 4-1: USB disconnect, device number 64
[ 1586.791572][T18622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1586.824397][T18622] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1586.840201][T18622] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1586.870045][T18622] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1586.889322][T18622] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1586.909100][T18622] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1586.976204][T18865] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1587.203387][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1587.242115][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1587.272443][T18572] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1587.297494][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1587.306471][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1587.445706][T18572] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1587.491158][T18572] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1587.552676][T18572] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1587.585893][T18572] usb 4-1: config 0 descriptor??
[ 1587.624172][T18572] pwc: Askey VC010 type 2 USB webcam detected.
[ 1587.661720][T18880] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3065'.
[ 1588.028885][T18572] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1588.051881][T18572] pwc: recv_control_msg error -32 req 02 val 2700
[ 1588.096328][T18572] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1588.125196][T18572] pwc: recv_control_msg error -32 req 04 val 1000
[ 1588.141143][T18572] pwc: recv_control_msg error -32 req 04 val 1300
[ 1588.190650][T18572] pwc: recv_control_msg error -32 req 04 val 1400
[ 1588.208157][T18572] pwc: recv_control_msg error -32 req 02 val 2000
[ 1588.245536][T18572] pwc: recv_control_msg error -32 req 02 val 2100
[ 1588.284780][T18572] pwc: recv_control_msg error -32 req 04 val 1500
[ 1588.892539][T18572] pwc: recv_control_msg error -71 req 02 val 2400
[ 1588.928476][T18572] pwc: recv_control_msg error -71 req 02 val 2600
[ 1588.990227][T18572] pwc: recv_control_msg error -71 req 02 val 2900
[ 1589.004960][T18572] pwc: recv_control_msg error -71 req 02 val 2800
[ 1589.026389][T18572] pwc: recv_control_msg error -71 req 04 val 1100
[ 1589.183175][T18572] pwc: recv_control_msg error -71 req 04 val 1200
[ 1589.190903][T18572] pwc: Registered as video71.
[ 1589.196936][T18572] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input32
[ 1589.212228][T18572] usb 4-1: USB disconnect, device number 65
[ 1592.171008][T18945] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3077'.
[ 1592.193296][T18944] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3078'.
[ 1592.202408][T18944] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3078'.
[ 1592.245028][T18946] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3078'.
[ 1596.243142][T18973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3084'.
[ 1596.253815][T18973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3084'.
[ 1597.324927][T13188] block nbd4: Possible stuck request ffff888024ebd400: control (flush@18446744073709551104,0B). Runtime 60 seconds
[ 1597.599572][T18988] syzkaller0: entered promiscuous mode
[ 1597.605347][T18988] syzkaller0: entered allmulticast mode
[ 1599.466997][ T5221] Bluetooth: hci3: command 0x0406 tx timeout
[ 1603.363557][T18997] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3092'.
[ 1603.376224][T19013] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3097'.
[ 1603.411398][T19018] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3098'.
[ 1603.570869][T19025] syzkaller0: entered promiscuous mode
[ 1603.601689][T19025] syzkaller0: entered allmulticast mode
[ 1603.852468][  T935] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1604.815669][T19039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3105'.
[ 1604.833972][T19042] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3105'.
[ 1604.854112][  T935] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1604.869605][  T935] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1604.885879][  T935] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1604.903829][  T935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1604.959007][  T935] usb 4-1: config 0 descriptor??
[ 1606.079432][  T935] usbhid 4-1:0.0: can't add hid device: -71
[ 1606.099368][  T935] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1606.130369][  T935] usb 4-1: USB disconnect, device number 66
[ 1607.609938][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.616504][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1609.384332][T19054] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3101'.
[ 1609.454423][T19061] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3109'.
[ 1612.934782][T19100] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3116'.
[ 1613.027154][T19102] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1615.342473][  T935] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1615.528103][T19134] syzkaller0: entered promiscuous mode
[ 1615.533719][T19134] syzkaller0: entered allmulticast mode
[ 1616.333215][  T935] usb 1-1: device descriptor read/64, error -71
[ 1616.583264][  T935] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1616.719153][  T935] usb 1-1: device descriptor read/64, error -71
[ 1616.833053][  T935] usb usb1-port1: attempt power cycle
[ 1618.131676][  T935] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 1618.171651][  T935] usb 1-1: device descriptor read/8, error -71
[ 1623.490274][  T935] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1623.623620][  T935] usb 4-1: device descriptor read/64, error -71
[ 1624.442669][  T935] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1624.574692][  T935] usb 4-1: device descriptor read/64, error -71
[ 1624.685419][  T935] usb usb4-port1: attempt power cycle
[ 1625.037756][  T935] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1625.069441][  T935] usb 4-1: device descriptor read/8, error -71
[ 1625.322532][  T935] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1625.356493][  T935] usb 4-1: device descriptor read/8, error -71
[ 1625.487842][  T935] usb usb4-port1: unable to enumerate USB device
[ 1625.721861][ T5221] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1625.733236][ T5221] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1625.748116][ T5221] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1625.757021][ T5221] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1625.911725][ T5221] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1625.919294][ T5221] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1625.940930][T19151] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3133'.
[ 1625.966554][T19195] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3143'.
[ 1625.981347][T19210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3148'.
[ 1626.100330][T19216] lo speed is unknown, defaulting to 1000
[ 1626.347127][T19216] chnl_net:caif_netlink_parms(): no params data found
[ 1626.544955][T19226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3151'.
[ 1626.799419][ T5678] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1626.841005][T19216] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1626.848878][T19216] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1626.859943][T19216] bridge_slave_0: entered allmulticast mode
[ 1626.984940][T17665] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1627.011929][T19216] bridge_slave_0: entered promiscuous mode
[ 1627.012141][T17665] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1627.019896][T19216] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1627.032117][T19216] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1627.039897][T19216] bridge_slave_1: entered allmulticast mode
[ 1627.047089][T19216] bridge_slave_1: entered promiscuous mode
[ 1627.323159][ T5678] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1627.340822][T17665] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1627.351248][T17665] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1627.360090][T17665] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1627.370616][T17665] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1627.481548][T13188] block nbd4: Possible stuck request ffff888024ebd400: control (flush@18446744073709551104,0B). Runtime 90 seconds
[ 1627.621134][ T5678] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1627.822125][T19216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1627.995464][T19234] lo speed is unknown, defaulting to 1000
[ 1628.004475][ T5221] Bluetooth: hci1: command tx timeout
[ 1628.803598][ T5678] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1629.207026][T19216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1629.443855][ T5221] Bluetooth: hci0: command tx timeout
[ 1630.659858][T19234] chnl_net:caif_netlink_parms(): no params data found
[ 1630.702491][ T5221] Bluetooth: hci1: command tx timeout
[ 1630.885986][T19216] team0: Port device team_slave_0 added
[ 1630.921344][T19216] team0: Port device team_slave_1 added
[ 1631.009842][T19216] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1631.017124][T19216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1631.078466][T19216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1631.112433][ T8199] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1631.216604][T19216] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1631.228753][T19266] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3158'.
[ 1631.261514][T19216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1631.295765][T19216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1631.303196][ T8199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1631.332755][T19234] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1631.347456][T19234] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1631.356010][ T8199] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1631.363468][T19234] bridge_slave_0: entered allmulticast mode
[ 1631.381952][T19234] bridge_slave_0: entered promiscuous mode
[ 1631.407736][ T5678] bridge_slave_1: left allmulticast mode
[ 1631.410575][ T8199] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1631.419947][ T5678] bridge_slave_1: left promiscuous mode
[ 1631.444996][ T5678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1631.475494][ T8199] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.505123][ T5678] bridge_slave_0: left allmulticast mode
[ 1631.524696][T17665] Bluetooth: hci0: command tx timeout
[ 1631.535684][ T5678] bridge_slave_0: left promiscuous mode
[ 1631.536789][ T8199] usb 4-1: config 0 descriptor??
[ 1631.554679][ T5678] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1631.788604][ T5678] ip6gretap0 (unregistering): left allmulticast mode
[ 1632.014050][ T8199] usbhid 4-1:0.0: can't add hid device: -71
[ 1632.043605][ T8199] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1632.092952][ T8199] usb 4-1: USB disconnect, device number 71
[ 1632.628501][ T5221] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1632.641032][ T5221] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1632.652528][ T5221] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1632.667219][ T5221] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1632.677532][ T5221] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1632.685659][ T5221] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1632.722739][T17665] Bluetooth: hci1: command tx timeout
[ 1633.074676][ T5678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1633.088765][ T5678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1633.101379][ T5678] bond0 (unregistering): Released all slaves
[ 1633.117524][T19234] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1633.132788][T19234] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1633.140057][T19234] bridge_slave_1: entered allmulticast mode
[ 1633.147971][T19234] bridge_slave_1: entered promiscuous mode
[ 1633.355115][T19283] lo speed is unknown, defaulting to 1000
[ 1633.467646][T19216] hsr_slave_0: entered promiscuous mode
[ 1633.487161][T19216] hsr_slave_1: entered promiscuous mode
[ 1633.494512][T19216] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1633.502139][T19216] Cannot create hsr debugfs directory
[ 1633.510824][T19234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1633.624359][T17665] Bluetooth: hci0: command tx timeout
[ 1633.640979][T19234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1633.770445][T19234] team0: Port device team_slave_0 added
[ 1633.810853][ T5678] hsr_slave_0: left promiscuous mode
[ 1633.857162][ T5678] hsr_slave_1: left promiscuous mode
[ 1633.867794][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1633.881661][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1633.903197][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1633.910668][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1633.932672][T18572] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1633.954511][ T5678] veth1_macvtap: left promiscuous mode
[ 1633.960026][ T5678] veth0_macvtap: left promiscuous mode
[ 1633.965957][ T5678] veth1_vlan: left promiscuous mode
[ 1633.971370][ T5678] veth0_vlan: left promiscuous mode
[ 1634.723910][T17665] Bluetooth: hci2: command tx timeout
[ 1634.813845][T17665] Bluetooth: hci1: command tx timeout
[ 1634.938011][T18572] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1634.957377][T18572] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1635.657510][T18572] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1635.670150][T18572] usb 4-1: config 0 descriptor??
[ 1635.684064][T17665] Bluetooth: hci0: command tx timeout
[ 1635.692057][T18572] pwc: Askey VC010 type 2 USB webcam detected.
[ 1635.901447][T18572] pwc: send_video_command error -71
[ 1635.922695][T18572] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1635.942701][T18572] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[ 1635.972116][T18572] usb 4-1: USB disconnect, device number 72
[ 1636.028943][ T5678] team0 (unregistering): Port device team_slave_1 removed
[ 1636.081311][ T5678] team0 (unregistering): Port device team_slave_0 removed
[ 1636.455185][T18572] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1636.712296][T18572] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1636.743335][T18572] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1636.765922][T18572] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1636.803605][T17665] Bluetooth: hci2: command tx timeout
[ 1636.867468][T18572] usb 4-1: config 0 descriptor??
[ 1636.904638][T18572] pwc: Askey VC010 type 2 USB webcam detected.
[ 1637.201903][T18572] pwc: send_video_command error -71
[ 1637.208735][T18572] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1637.274470][T18572] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[ 1637.302551][T18572] usb 4-1: USB disconnect, device number 73
[ 1638.600032][T19234] team0: Port device team_slave_1 added
[ 1638.795760][T19234] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1638.809114][T19234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1638.836735][T19234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1638.892584][T17665] Bluetooth: hci2: command tx timeout
[ 1638.908704][T19234] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1638.922450][T19234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1638.949261][T19234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1639.042850][ T8199] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1639.213950][ T8199] usb 4-1: too many configurations: 9, using maximum allowed: 8
[ 1639.226268][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.227376][T19234] hsr_slave_0: entered promiscuous mode
[ 1639.248894][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.259567][T19234] hsr_slave_1: entered promiscuous mode
[ 1639.268608][T19283] chnl_net:caif_netlink_parms(): no params data found
[ 1639.272379][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.299211][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.308971][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.423718][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.451149][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.466370][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.476480][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.500469][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.519232][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.532060][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.548309][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.569562][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.599197][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.642754][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.655926][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.673907][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.695899][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.709985][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.720163][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.804138][ T8199] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1639.814106][ T8199] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1639.829713][ T8199] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1639.849653][ T8199] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1640.119119][ T8199] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1640.277072][ T8199] usb 4-1: Product: syz
[ 1640.345297][T19283] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1640.361373][T19283] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1640.369504][T19283] bridge_slave_0: entered allmulticast mode
[ 1640.375476][ T8199] usb 4-1: Manufacturer: syz
[ 1640.375501][ T8199] usb 4-1: SerialNumber: syz
[ 1640.402958][ T8199] usb 4-1: config 0 descriptor??
[ 1640.416301][ T8199] yurex 4-1:0.0: Could not find endpoints
[ 1640.443884][T19283] bridge_slave_0: entered promiscuous mode
[ 1640.658955][ T8199] usb 4-1: USB disconnect, device number 74
[ 1640.940356][ T5678] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1640.962465][T17665] Bluetooth: hci2: command tx timeout
[ 1641.111105][T19283] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1641.134321][T19283] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1641.177118][T19283] bridge_slave_1: entered allmulticast mode
[ 1641.269274][T19283] bridge_slave_1: entered promiscuous mode
[ 1642.504982][ T5678] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1642.897803][T19283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1643.431823][ T5678] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1643.465396][T19283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1643.584574][ T5678] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1643.718494][T19283] team0: Port device team_slave_0 added
[ 1643.774069][T19283] team0: Port device team_slave_1 added
[ 1643.909720][T19371] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3178'.
[ 1644.267287][T19234] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.416162][T19216] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1644.449259][T19283] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1644.456429][T19283] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1644.489493][T19283] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1644.504377][T19216] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1644.574651][T19234] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.595337][T19283] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1644.610829][T19283] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1644.648118][T19283] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1644.665116][T19216] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1644.738414][T19234] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.763723][T19216] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1644.855271][T19234] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1644.906546][T19283] hsr_slave_0: entered promiscuous mode
[ 1644.916328][T19283] hsr_slave_1: entered promiscuous mode
[ 1644.924773][T19283] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1644.935963][T19283] Cannot create hsr debugfs directory
[ 1645.077876][ T5678] bridge_slave_1: left allmulticast mode
[ 1645.105248][ T5678] bridge_slave_1: left promiscuous mode
[ 1645.119531][ T5678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1645.132578][ T5678] bridge_slave_0: left allmulticast mode
[ 1645.138518][ T5678] bridge_slave_0: left promiscuous mode
[ 1645.147719][ T5678] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1645.165175][ T5678] bridge_slave_1: left allmulticast mode
[ 1645.171067][ T5678] bridge_slave_1: left promiscuous mode
[ 1645.187406][ T5678] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1645.204661][ T5678] bridge_slave_0: left allmulticast mode
[ 1645.210578][ T5678] bridge_slave_0: left promiscuous mode
[ 1645.227892][ T5678] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1645.602749][T18572] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1645.786411][T18572] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1645.797964][T18572] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1645.809113][T18572] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1645.818354][T18572] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1645.829358][T18572] usb 4-1: config 0 descriptor??
[ 1646.088876][ T5678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1646.103927][ T5678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1646.118044][ T5678] bond0 (unregistering): Released all slaves
[ 1646.274291][T18572] usbhid 4-1:0.0: can't add hid device: -71
[ 1646.290586][T18572] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1646.311470][T18572] usb 4-1: USB disconnect, device number 75
[ 1646.328306][ T5678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1646.340627][ T5678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1646.351488][ T5678] bond0 (unregistering): Released all slaves
[ 1646.546432][T19234] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1646.591368][T19234] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1646.702672][T19234] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1646.739210][T19234] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1647.020733][T19387] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3183'.
[ 1647.505913][T19387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3183'.
[ 1649.864706][T19216] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1650.012558][T19216] 8021q: adding VLAN 0 to HW filter on device team0
[ 1650.305654][ T1044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1650.312858][ T1044] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1650.339155][ T1044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1650.346360][ T1044] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1650.671276][ T5678] hsr_slave_0: left promiscuous mode
[ 1650.674933][ T5678] hsr_slave_1: left promiscuous mode
[ 1650.684719][T19433] xt_connbytes: Forcing CT accounting to be enabled
[ 1650.701644][T19433] Cannot find add_set index 0 as target
[ 1650.946757][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1650.967098][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1650.990732][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1651.025227][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1651.098972][ T5678] hsr_slave_0: left promiscuous mode
[ 1651.105233][ T5678] hsr_slave_1: left promiscuous mode
[ 1651.134777][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1651.157287][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1651.193223][ T5678] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1651.200701][ T5678] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1651.296634][ T5678] veth1_macvtap: left promiscuous mode
[ 1651.302217][ T5678] veth0_macvtap: left promiscuous mode
[ 1651.324674][ T5678] veth1_vlan: left promiscuous mode
[ 1651.332490][ T5678] veth0_vlan: left promiscuous mode
[ 1651.357896][ T5678] veth1_macvtap: left promiscuous mode
[ 1651.372379][ T5678] veth0_macvtap: left promiscuous mode
[ 1651.378345][ T5678] veth1_vlan: left promiscuous mode
[ 1651.392516][ T5678] veth0_vlan: left promiscuous mode
[ 1652.847365][ T8522] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[ 1653.032530][ T8522] usb 4-1: Using ep0 maxpacket: 8
[ 1653.059325][ T8522] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1653.086025][ T8522] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1653.101426][ T8522] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1653.810575][ T5678] team0 (unregistering): Port device team_slave_1 removed
[ 1654.238996][ T5678] team0 (unregistering): Port device team_slave_0 removed
[ 1654.338155][T19471] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3197'.
[ 1655.220707][ T8522] usb 4-1: USB disconnect, device number 76
[ 1655.478187][ T5678] team0 (unregistering): Port device team_slave_1 removed
[ 1655.770074][ T5678] team0 (unregistering): Port device team_slave_0 removed
[ 1656.436862][T19475] netlink: 'syz.3.3198': attribute type 10 has an invalid length.
[ 1656.447014][T19475] syz_tun: entered promiscuous mode
[ 1656.457749][T19475] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1656.511301][T19283] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1656.537649][T19283] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1656.554999][T19234] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1656.641598][T19283] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1656.944158][T19234] 8021q: adding VLAN 0 to HW filter on device team0
[ 1657.034977][T19283] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1657.154861][ T5540] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1657.162086][ T5540] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1657.194545][ T5540] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1657.201793][ T5540] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1657.284071][T19216] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1657.523759][T13188] block nbd4: Possible stuck request ffff888024ebd400: control (flush@18446744073709551104,0B). Runtime 120 seconds
[ 1657.614970][T19283] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1657.633641][T19283] 8021q: adding VLAN 0 to HW filter on device team0
[ 1657.670319][T19283] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1657.712625][T19283] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1657.803219][ T5682] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1657.810390][ T5682] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1658.000689][ T5682] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1658.007897][ T5682] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1658.594671][T19216] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1659.536948][T19234] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1659.567349][T19234] veth0_vlan: entered promiscuous mode
[ 1659.582233][T19234] veth1_vlan: entered promiscuous mode
[ 1659.606854][T19234] veth0_macvtap: entered promiscuous mode
[ 1659.624195][T19234] veth1_macvtap: entered promiscuous mode
[ 1659.640245][T19283] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1659.697278][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1659.723053][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1659.742419][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1659.762533][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1659.783055][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1659.799898][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1659.847595][T19234] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1659.886664][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1659.904752][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1659.926890][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1659.941993][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1659.952463][T19234] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1659.982307][T19234] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.000327][T19234] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1660.075406][T19234] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1660.086722][T19234] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1660.098243][T19234] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1660.108104][T19234] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1660.220410][T19216] veth0_vlan: entered promiscuous mode
[ 1660.444429][T19283] veth0_vlan: entered promiscuous mode
[ 1660.592032][T19216] veth1_vlan: entered promiscuous mode
[ 1660.613970][T19216] veth0_macvtap: entered promiscuous mode
[ 1660.624362][T19216] veth1_macvtap: entered promiscuous mode
[ 1660.640780][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1660.651584][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.661807][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1660.672577][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.682498][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1660.693118][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.703043][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1660.713589][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.726626][T19216] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1660.769835][T19283] veth1_vlan: entered promiscuous mode
[ 1660.785172][T19527] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3207'.
[ 1660.833872][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1660.844859][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.869523][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1660.881027][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.891675][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1660.902441][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.912442][T19216] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1660.932058][T19216] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1660.961722][T19216] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1661.461411][T19216] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1661.470358][T19216] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1661.480657][T19216] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1661.501964][T19216] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1661.519560][T19283] veth0_macvtap: entered promiscuous mode
[ 1661.531590][T19283] veth1_macvtap: entered promiscuous mode
[ 1661.712535][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1661.736392][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1661.770190][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1661.787327][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1661.812175][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1661.823362][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1661.839476][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1661.857056][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1661.877648][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1661.890693][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1661.922605][T19283] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1661.938848][ T1069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1661.948924][ T1069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1661.962562][T19536] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3210'.
[ 1662.026547][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1662.062958][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1662.073244][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1662.092392][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1662.102397][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1662.123447][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1662.149552][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1662.160891][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1662.171452][T19283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1662.182178][T19283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1662.198892][T19283] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1662.241892][T19283] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.259508][T19283] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.270654][T19283] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.279972][T19283] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1662.359949][T16413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.378895][T16413] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.444458][ T5678] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.488675][ T5678] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.523949][ T5682] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.536065][ T5682] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.579701][ T5682] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.610124][ T5682] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.675176][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1662.710752][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1662.813335][T19550] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3149'.
[ 1664.550694][T19570] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3216'.
[ 1664.714635][  T935] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1665.250175][  T935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1665.277396][  T935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1665.290167][  T935] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1665.307149][  T935] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1665.327588][  T935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1665.343506][  T935] usb 2-1: config 0 descriptor??
[ 1666.005731][  T935] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[ 1666.014541][  T935] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[ 1666.078242][  T935] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1667.366861][ T8199] usb 2-1: USB disconnect, device number 55
[ 1668.192551][T12222] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1668.365977][T19604] netlink: 'syz.4.3226': attribute type 10 has an invalid length.
[ 1668.452824][T19604] syz_tun: entered promiscuous mode
[ 1668.495021][T19604] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1668.843767][T12222] usb 1-1: Using ep0 maxpacket: 8
[ 1668.863554][T12222] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1668.940270][T12222] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1668.962555][T12222] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1668.981075][T12222] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1668.994600][T12222] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1669.003772][T12222] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1669.063079][T12222] usb 1-1: can't set config #16, error -71
[ 1669.095655][T12222] usb 1-1: USB disconnect, device number 66
[ 1669.179729][ T1270] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.186212][ T1270] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.696603][T19602] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3225'.
[ 1669.802588][T17665] Bluetooth: hci2: command tx timeout
[ 1670.306239][T19627] netlink: 'syz.1.3231': attribute type 10 has an invalid length.
[ 1670.503007][T19627] syz_tun: entered promiscuous mode
[ 1670.511499][T19627] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1673.882425][T12222] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[ 1673.999446][T19663] lo speed is unknown, defaulting to 1000
[ 1674.032411][T12222] usb 1-1: Using ep0 maxpacket: 8
[ 1674.165960][T12222] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1674.178293][T12222] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1674.273070][T12222] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1674.283560][T12222] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1674.296981][T12222] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1674.306174][T12222] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1674.541232][T12222] usb 1-1: GET_CAPABILITIES returned 0
[ 1674.546959][T12222] usbtmc 1-1:16.0: can't read capabilities
[ 1674.789815][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1674.915721][T19670] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3244'.
[ 1674.973146][T12222] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[ 1675.143047][T12222] usb 3-1: Using ep0 maxpacket: 8
[ 1675.193674][T12222] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1675.205145][T12222] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1675.215156][T12222] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1675.225284][T12222] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1675.238507][T12222] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1675.247783][T12222] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1675.479445][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1675.691823][T17665] Bluetooth: hci2: command tx timeout
[ 1676.765317][T17665] Bluetooth: hci3: command 0x0406 tx timeout
[ 1677.101014][  T935] usb 1-1: USB disconnect, device number 67
[ 1677.593555][T12222] usb 3-1: usb_control_msg returned -71
[ 1677.599350][T12222] usbtmc 3-1:16.0: can't read capabilities
[ 1679.682356][T12222] usb 3-1: USB disconnect, device number 62
[ 1682.627256][T19733] fuse: Bad value for 'fd'
[ 1684.213697][   T30] INFO: task syz.4.2949:18311 blocked for more than 143 seconds.
[ 1684.221451][   T30]       Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0
[ 1684.240437][T19737] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3260'.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1684.287811][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1684.352976][   T30] task:syz.4.2949      state:D stack:26848 pid:18311 tgid:18309 ppid:14318  flags:0x00004006
[ 1684.411558][   T30] Call Trace:
[ 1684.629384][   T30]  <TASK>
[ 1684.646041][   T30]  __schedule+0x1843/0x4ae0
[ 1684.650981][   T30]  ? __pfx___schedule+0x10/0x10
[ 1685.275255][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1685.280362][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1685.392461][   T30]  ? schedule+0x90/0x320
[ 1685.402898][   T30]  schedule+0x14b/0x320
[ 1685.418556][   T30]  blk_mq_freeze_queue_wait+0xff/0x190
[ 1685.425153][   T30]  ? __pfx_blk_mq_freeze_queue_wait+0x10/0x10
[ 1685.431269][   T30]  ? percpu_ref_put+0x1f/0x250
[ 1685.453251][   T30]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1685.459450][   T30]  ? percpu_ref_kill_and_confirm+0xa0/0x130
[ 1685.479457][   T30]  nbd_set_size+0xe7/0x8a0
[ 1685.484593][   T30]  ? queue_work_on+0x1e3/0x380
[ 1685.489390][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1685.497382][   T30]  ? queue_work_on+0x25f/0x380
[ 1685.514159][   T30]  ? __pfx_nbd_set_size+0x10/0x10
[ 1685.519283][   T30]  ? __pfx_queue_work_on+0x10/0x10
[ 1685.534897][   T30]  ? rcu_read_lock_any_held+0xb7/0x160
[ 1685.544478][   T30]  ? nbd_start_device+0x86f/0xaa0
[ 1685.549577][   T30]  nbd_ioctl+0x5dc/0xf40
[ 1685.554509][   T30]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1685.573212][   T30]  ? __asan_memset+0x23/0x50
[ 1685.577865][   T30]  ? smack_file_ioctl+0x29e/0x3a0
[ 1685.583369][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1685.588799][   T30]  ? file_to_blk_mode+0xcc/0x140
[ 1685.595949][   T30]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1685.608835][   T30]  blkdev_ioctl+0x57d/0x6a0
[ 1685.615897][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1685.621044][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1685.632723][   T30]  __se_sys_ioctl+0xf9/0x170
[ 1685.637463][   T30]  do_syscall_64+0xf3/0x230
[ 1685.644598][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1685.650231][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1685.656643][   T30] RIP: 0033:0x7f749f77dff9
[ 1685.661077][   T30] RSP: 002b:00007f74a0551038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1685.670562][   T30] RAX: ffffffffffffffda RBX: 00007f749f935f80 RCX: 00007f749f77dff9
[ 1685.679471][   T30] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000004
[ 1685.688931][   T30] RBP: 00007f749f7f0296 R08: 0000000000000000 R09: 0000000000000000
[ 1685.697370][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1685.706237][   T30] R13: 0000000000000000 R14: 00007f749f935f80 R15: 00007ffce0dfb088
[ 1685.717012][   T30]  </TASK>
[ 1685.812342][   T30] INFO: task syz.4.2949:18312 blocked for more than 144 seconds.
[ 1685.873202][   T30]       Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0
[ 1685.880898][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1685.989293][   T30] task:syz.4.2949      state:D stack:27360 pid:18312 tgid:18309 ppid:14318  flags:0x00000004
[ 1686.052408][   T30] Call Trace:
[ 1686.056473][   T30]  <TASK>
[ 1686.059435][   T30]  __schedule+0x1843/0x4ae0
[ 1686.097517][   T30]  ? __pfx___schedule+0x10/0x10
[ 1686.112631][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1686.138972][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1686.158352][   T30]  ? schedule+0x90/0x320
[ 1686.177319][   T30]  schedule+0x14b/0x320
[ 1686.187192][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1686.208959][   T30]  __mutex_lock+0x6a7/0xd70
[ 1686.221009][   T30]  ? __mutex_lock+0x52a/0xd70
[ 1686.226218][   T30]  ? nbd_ioctl+0x13c/0xf40
[ 1686.230684][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1686.236228][   T30]  ? safesetid_security_capable+0xb2/0x1d0
[ 1686.242631][   T30]  ? bpf_lsm_capable+0x9/0x10
[ 1686.247353][   T30]  nbd_ioctl+0x13c/0xf40
[ 1686.251709][   T30]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1686.257461][   T30]  ? __asan_memset+0x23/0x50
[ 1686.264013][   T30]  ? smack_file_ioctl+0x29e/0x3a0
[ 1686.269188][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1686.274766][   T30]  ? file_to_blk_mode+0xcc/0x140
[ 1686.279822][   T30]  ? __pfx_nbd_ioctl+0x10/0x10
[ 1686.284737][   T30]  blkdev_ioctl+0x57d/0x6a0
[ 1686.289337][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1686.294567][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1686.299686][   T30]  __se_sys_ioctl+0xf9/0x170
[ 1686.304470][   T30]  do_syscall_64+0xf3/0x230
[ 1686.309070][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1686.314311][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.320313][   T30] RIP: 0033:0x7f749f77dff9
[ 1686.326035][   T30] RSP: 002b:00007f74a0530038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1686.335073][   T30] RAX: ffffffffffffffda RBX: 00007f749f936058 RCX: 00007f749f77dff9
[ 1686.352295][   T30] RDX: 0000000000000000 RSI: 000000000000ab04 RDI: 000000000000000a
[ 1686.361011][   T30] RBP: 00007f749f7f0296 R08: 0000000000000000 R09: 0000000000000000
[ 1686.370114][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1686.379914][   T30] R13: 0000000000000000 R14: 00007f749f936058 R15: 00007ffce0dfb088
[ 1686.388465][   T30]  </TASK>
[ 1686.391738][   T30] 
[ 1686.391738][   T30] Showing all locks held in the system:
[ 1686.406801][   T30] 1 lock held by khungtaskd/30:
[ 1686.411736][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1686.422732][   T30] 2 locks held by getty/4970:
[ 1686.428141][   T30]  #0: ffff88814bb310a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1686.452905][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[ 1686.465805][   T30] 3 locks held by kworker/u8:11/5682:
[ 1686.471286][   T30]  #0: ffff8880b863ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1686.481701][   T30]  #1: ffff8880b8628948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x387/0x7a0
[ 1686.494408][   T30]  #2: ffff8880b863ea58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1686.504887][   T30] 1 lock held by syz.4.2949/18311:
[ 1686.510090][   T30]  #0: ffff8880252c7998 (&nbd->config_lock){+.+.}-{3:3}, at: nbd_ioctl+0x13c/0xf40
[ 1686.519867][   T30] 1 lock held by syz.4.2949/18312:
[ 1686.525098][   T30]  #0: ffff8880252c7998 (&nbd->config_lock){+.+.}-{3:3}, at: nbd_ioctl+0x13c/0xf40
[ 1686.535263][   T30] 3 locks held by syz-executor/19216:
[ 1686.540737][   T30]  #0: ffff88805eaccd80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[ 1686.551018][   T30]  #1: ffff88805eacc078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[ 1686.561330][   T30]  #2: ffffffff8fe2c168 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[ 1686.572346][   T30] 3 locks held by syz-executor/19234:
[ 1686.577841][   T30]  #0: ffff888028c68d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[ 1686.588283][   T30]  #1: ffff888028c68078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[ 1686.598431][   T30]  #2: ffffffff8fe2c168 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[ 1686.609728][   T30] 4 locks held by syz.3.3264/19747:
[ 1686.615162][   T30]  #0: ffff8880759b0d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[ 1686.625588][   T30]  #1: ffff8880759b0078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[ 1686.636149][   T30]  #2: ffffffff8fe2c168 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[ 1686.648178][   T30]  #3: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[ 1686.664295][   T30] 3 locks held by syz.2.3265/19755:
[ 1686.670549][   T30]  #0: ffff88805cb60d80 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x203/0x510
[ 1686.683012][   T30]  #1: ffff88805cb60078 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x572/0x11a0
[ 1686.696508][   T30]  #2: ffffffff8fe2c168 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa6/0x240
[ 1686.708147][   T30] 
[ 1686.710540][   T30] =============================================
[ 1686.710540][   T30] 
[ 1686.727282][   T30] NMI backtrace for cpu 0
[ 1686.731689][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0
[ 1686.742235][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1686.752325][   T30] Call Trace:
[ 1686.755609][   T30]  <TASK>
[ 1686.758529][   T30]  dump_stack_lvl+0x241/0x360
[ 1686.763229][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1686.768426][   T30]  ? __pfx__printk+0x10/0x10
[ 1686.773028][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1686.777966][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1686.783413][   T30]  ? _printk+0xd5/0x120
[ 1686.787560][   T30]  ? __pfx__printk+0x10/0x10
[ 1686.792139][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1686.797002][   T30]  ? __pfx__printk+0x10/0x10
[ 1686.801582][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1686.806614][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1686.812592][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1686.818592][   T30]  watchdog+0xff4/0x1040
[ 1686.822850][   T30]  ? watchdog+0x1ea/0x1040
[ 1686.827367][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1686.832048][   T30]  kthread+0x2f0/0x390
[ 1686.836115][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1686.840813][   T30]  ? __pfx_kthread+0x10/0x10
[ 1686.845410][   T30]  ret_from_fork+0x4b/0x80
[ 1686.849829][   T30]  ? __pfx_kthread+0x10/0x10
[ 1686.854417][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1686.859202][   T30]  </TASK>
[ 1686.863381][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1686.869546][    C1] NMI backtrace for cpu 1
[ 1686.869561][    C1] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:4 Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0
[ 1686.869581][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1686.869593][    C1] Workqueue: events_unbound cfg80211_wiphy_work
[ 1686.869619][    C1] RIP: 0010:preempt_count_sub+0x66/0x170
[ 1686.869642][    C1] Code: c1 81 e1 ff ff ff 7f 39 d9 7c 27 81 fb fe 00 00 00 77 07 0f b6 c0 85 c0 74 5f 65 8b 05 4b 9a a0 7e f7 db 65 01 1d 42 9a a0 7e <5b> 41 5e c3 cc cc cc cc 90 e8 ac b8 4c 03 85 c0 74 3a 48 c7 c0 30
[ 1686.869662][    C1] RSP: 0018:ffffc900020be658 EFLAGS: 00000293
[ 1686.869676][    C1] RAX: 0000000080000202 RBX: 00000000ffffffff RCX: 0000000000000202
[ 1686.869688][    C1] RDX: dffffc0000000000 RSI: ffffc900020b8000 RDI: 0000000000000001
[ 1686.869700][    C1] RBP: ffffc900020be740 R08: ffffc900020bf658 R09: 0000000000000000
[ 1686.869712][    C1] R10: ffffc900020be790 R11: fffff52000417cf4 R12: dffffc0000000000
[ 1686.869724][    C1] R13: ffffc900020be740 R14: dffffc0000000000 R15: ffffc900020bf668
[ 1686.869738][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1686.869751][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1686.869762][    C1] CR2: 0000000020042000 CR3: 000000000e734000 CR4: 00000000003526f0
[ 1686.869777][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1686.869787][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1686.869799][    C1] Call Trace:
[ 1686.869805][    C1]  <NMI>
[ 1686.869812][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1686.869832][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1686.869857][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1686.869877][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1686.869900][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1686.869921][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1686.869937][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1686.869954][    C1]  ? preempt_count_sub+0x66/0x170
[ 1686.869974][    C1]  ? default_do_nmi+0x63/0x160
[ 1686.870000][    C1]  ? exc_nmi+0x123/0x1f0
[ 1686.870020][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1686.870039][    C1]  ? preempt_count_sub+0x66/0x170
[ 1686.870059][    C1]  ? preempt_count_sub+0x66/0x170
[ 1686.870080][    C1]  ? preempt_count_sub+0x66/0x170
[ 1686.870100][    C1]  </NMI>
[ 1686.870106][    C1]  <TASK>
[ 1686.870112][    C1]  unwind_next_frame+0x18e6/0x22d0
[ 1686.870132][    C1]  ? cfg80211_inform_bss_data+0x3ce/0x5e70
[ 1686.870151][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1686.870171][    C1]  arch_stack_walk+0x11c/0x150
[ 1686.870191][    C1]  ? cfg80211_inform_bss_frame_data+0x3b8/0x720
[ 1686.870210][    C1]  stack_trace_save+0x118/0x1d0
[ 1686.870229][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1686.870251][    C1]  ? __pfx_validate_chain+0x10/0x10
[ 1686.870272][    C1]  kasan_save_track+0x3f/0x80
[ 1686.870292][    C1]  ? kasan_save_track+0x3f/0x80
[ 1686.870312][    C1]  ? __kasan_kmalloc+0x98/0xb0
[ 1686.870332][    C1]  ? __kmalloc_noprof+0x1fc/0x400
[ 1686.870348][    C1]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[ 1686.870372][    C1]  ? ieee80211_inform_bss+0x15f/0x1080
[ 1686.870393][    C1]  ? cfg80211_inform_single_bss_data+0xec1/0x2090
[ 1686.870409][    C1]  ? cfg80211_inform_bss_data+0x3ce/0x5e70
[ 1686.870444][    C1]  ? __kmalloc_noprof+0x355/0x400
[ 1686.870462][    C1]  __kasan_kmalloc+0x98/0xb0
[ 1686.870483][    C1]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[ 1686.870505][    C1]  ? ieee802_11_parse_elems_full+0xdb/0x2880
[ 1686.870527][    C1]  __kmalloc_noprof+0x1fc/0x400
[ 1686.870546][    C1]  ieee802_11_parse_elems_full+0xdb/0x2880
[ 1686.870570][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1686.870596][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1686.870618][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1686.870642][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1686.870663][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1686.870689][    C1]  ? __pfx_ieee802_11_parse_elems_full+0x10/0x10
[ 1686.870711][    C1]  ? kvfree_call_rcu+0x48c/0x790
[ 1686.870732][    C1]  ? __pfx_kvfree_call_rcu+0x10/0x10
[ 1686.870755][    C1]  ? cfg80211_update_known_bss+0xba1/0x1590
[ 1686.870775][    C1]  ieee80211_inform_bss+0x15f/0x1080
[ 1686.870798][    C1]  ? __cfg80211_bss_update+0x109b/0x2030
[ 1686.870824][    C1]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[ 1686.870848][    C1]  ? cfg80211_inform_single_bss_data+0xb2d/0x2090
[ 1686.870864][    C1]  ? cfg80211_inform_single_bss_data+0xb2d/0x2090
[ 1686.870881][    C1]  ? cfg80211_inform_single_bss_data+0xd6e/0x2090
[ 1686.870898][    C1]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[ 1686.870920][    C1]  cfg80211_inform_single_bss_data+0xec1/0x2090
[ 1686.870941][    C1]  ? deref_stack_reg+0x17c/0x210
[ 1686.870956][    C1]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[ 1686.870983][    C1]  ? ret_from_fork_asm+0x1a/0x30
[ 1686.871011][    C1]  ? cfg80211_inform_bss_data+0x3b6/0x5e70
[ 1686.871030][    C1]  cfg80211_inform_bss_data+0x3ce/0x5e70
[ 1686.871058][    C1]  ? __pfx_validate_chain+0x10/0x10
[ 1686.871085][    C1]  ? __pfx_validate_chain+0x10/0x10
[ 1686.871104][    C1]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[ 1686.871125][    C1]  ? mark_lock+0x9a/0x360
[ 1686.871141][    C1]  ? __lock_acquire+0x1384/0x2050
[ 1686.871177][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1686.871200][    C1]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[ 1686.871224][    C1]  cfg80211_inform_bss_frame_data+0x3b8/0x720
[ 1686.871245][    C1]  ? ieee80211_bss_info_update+0x3d9/0xbc0
[ 1686.871266][    C1]  ieee80211_bss_info_update+0x8a7/0xbc0
[ 1686.871290][    C1]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[ 1686.871313][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1686.871345][    C1]  ieee80211_ibss_rx_queued_mgmt+0x1962/0x2d70
[ 1686.871375][    C1]  ? ieee80211_ibss_rx_queued_mgmt+0xf7e/0x2d70
[ 1686.871396][    C1]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[ 1686.871422][    C1]  ? mark_lock+0x9a/0x360
[ 1686.871439][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1686.871464][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1686.871488][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1686.871515][    C1]  ieee80211_iface_work+0x8a5/0xf20
[ 1686.871541][    C1]  cfg80211_wiphy_work+0x2db/0x490
[ 1686.871561][    C1]  ? process_scheduled_works+0x976/0x1850
[ 1686.871583][    C1]  process_scheduled_works+0xa63/0x1850
[ 1686.871617][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1686.871642][    C1]  ? assign_work+0x364/0x3d0
[ 1686.871665][    C1]  worker_thread+0x870/0xd30
[ 1686.871690][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1686.871713][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1686.871737][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1686.871759][    C1]  kthread+0x2f0/0x390
[ 1686.871774][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1686.871795][    C1]  ? __pfx_kthread+0x10/0x10
[ 1686.871811][    C1]  ret_from_fork+0x4b/0x80
[ 1686.871834][    C1]  ? __pfx_kthread+0x10/0x10
[ 1686.871849][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1686.871877][    C1]  </TASK>
[ 1686.889256][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1686.889275][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00061-gb983b271662b #0
[ 1686.889299][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1686.889312][   T30] Call Trace:
[ 1686.889320][   T30]  <TASK>
[ 1686.889328][   T30]  dump_stack_lvl+0x241/0x360
[ 1686.889355][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1686.889375][   T30]  ? __pfx__printk+0x10/0x10
[ 1686.889407][   T30]  ? vscnprintf+0x5d/0x90
[ 1686.889430][   T30]  panic+0x349/0x880
[ 1686.889456][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1686.889479][   T30]  ? __pfx_panic+0x10/0x10
[ 1686.889501][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1686.889523][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1686.889547][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1686.889567][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1686.889588][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1686.889611][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1686.889636][   T30]  watchdog+0x1033/0x1040
[ 1686.889661][   T30]  ? watchdog+0x1ea/0x1040
[ 1686.889688][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1686.889711][   T30]  kthread+0x2f0/0x390
[ 1686.889730][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1686.889759][   T30]  ? __pfx_kthread+0x10/0x10
[ 1686.889778][   T30]  ret_from_fork+0x4b/0x80
[ 1686.889802][   T30]  ? __pfx_kthread+0x10/0x10
[ 1686.889820][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1686.889855][   T30]  </TASK>
[ 1687.673161][   T30] Kernel Offset: disabled
[ 1687.677481][   T30] Rebooting in 86400 seconds..