last executing test programs:

23.929763012s ago: executing program 4 (id=4420):
pselect6(0x40, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x4000, 0x800}, 0x0, &(0x7f0000000680)={0xff, 0x0, 0x0, 0x7f, 0xc7}, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
r3 = socket(0x1d, 0x0, 0x6)
eventfd2(0x0, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_route(0x10, 0x3, 0x0)
dup3(r4, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000240)={0x1d, r5, 0x0, {0x0, 0x0, 0x4}}, 0x18)
bind$can_j1939(r3, &(0x7f0000000000)={0x1d, r5, 0x0, {0x0, 0x0, 0x4}}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14)
socket$packet(0x11, 0xa, 0x300)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syz_tun\x00'}]}]}]}], {0x14}}, 0x80}}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000001500)={@local, @random="bf7d132b5a64", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}}, 0x20}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002680)={0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f00000003c0)="a4e5b02d1c7ffa7b68b5c942445bc327fb0283ec570f6b01c1a767b1b8acab91febb0760616d1e163fd58bcd74265405868f9299f0cbeb2d33c1d3bb97901a77f03d4af07dffc18482e604d26d48977724b274d9e046320dabcf3c71b6ab25cbb7605166c53f0d652bc08c6735fde42e69b31f589199aba1028e9b6ead6dd49db6259f5204ab946ab1d638db9fc0a2a3c9d245da78c300e9db57a87fa4015a3b841477616fb87111671981a5f6cb841503465f4c9a29e914a5826df91b2c1d0d130ff6e2ffd9589417d587ed3aa5ebb7c73af9ea33fc8ce2263514d7aea795c68e4f55389fc263ca28d515032b37e9ab6b9e0f4cc2f7e50c5856280989c0fc0ecb4a16b2417bee0606394ee20a76d64be08900eedf5ab1a004e382ba526ac9cce3b915a5a35ae7e93f3d10591f921f8503683451cbf8137d7564f0b2acc5f11df1629892ab7c926a97f66f02641287f950f0ac756c6d3377452fb5b495bc706c3f5b4b2e23ca1a2b84adb79ca73acce8d377a4d99c8f56b6f6b956dfb458e8eb96aa50cec11a90da84c9b6bb867c98d69a69ed5b4fbb069864a92ea9c9e885b21ccb120df669d4c9fd29e81ab3763001c1485be5d82cf46dd87c9ad36612f57b3ace8173a8dd455214f6cfab2cb7894a7f5d6bc08ef8e697ae86d076ba5a291b1fdee071b73c525c6de0e78580d7c6156a8f7b7fc4e236fb0d6aff75e10629fdc99d1ab3cfcb9b03f64653ecc8bb5b69eb57f90ce92cc30c6e3eb06fa984805cb35c841fad9f72b26cbc993dcb6bed925b0201f9ba482b7f9797f02441f9a5f36a285b8728b883fbc23c34eadca443f0a611b08034bb4896b8fad7f4357a032bde001dc8f467e99c2c0f72fa1059e36c6fc348a33e8eccdbd2ec5f6f4853cccaa3dbd70547bba6968c8187cb05095d6f7a29434099ac48c49b58854e4ba0f48813e4596a5b1140887f697b9bf2615fa96490a5f25328768099399a9fc6d942e86112af2024e5911f2d64e4cfd04a405e2f5a27120c547e48e1af647d19015540701faf706c2263976de6616f365cfef3ed64b85834b7252eb3165f8c86db134a2ae2f0ea3735f49d148f10f640661b2d4329eab4dcb9e04186643f6f18e5c96f79e139f8e541c1dbe2f62bea14953b4896ac46b81c3a8298e7819448e461317ce2b13aa0bc1e135355ad9a1c5c2ba410917a751d7e0dc4db52eb46bdaad9b20f3bbcc4f2fb23c24ed006dce16b0bc6e4b5deeffd22a607ed7fafc9c464d925c7268468ebfe25770b18e3457e0268d8cf32d82ca3fd5a391bfa7c333490f6264fd213bcefbd2b17dfbb0a5ae961d3994478bf5ac6d88e8986b8351d105862cd9f05b0bfc8bd6d54fb2d50d642da92c1165f06ec4baf7a9c87d984439927b835d7087f28e82d9d2e0312986beaf9b1d7efa95d7bff2c72bbc7419b902b58bb0f1bbf0071aec1098122579b301302b7ddd49385c7c9172ba3cc1aae62760836e156fbc59c9292220cf437550f6c27a23049cce5a2c8f1cbd86f61b26ce5453db05a26771efdf46e96ef78cf061520aa769b0b5d30ff83f31920be55227b2385286eaeac2d44e91a10bb22a5d80e7906439d6635c9ae1fbe30318c80758665eb68794039fe9d9d945874aa18ec942f526b81ca277e223329a50fa209088677a75c43f88e5f555b8156fc572f6710d8d4e6cd608294f0ab05c2d0d992ff8f6365ff784596874f2dc12ab6952a2f2d693ccf3d624d53fd56894826e78dc01f95a65d65f1370c330755112809604f48a28528b0004cc0c1957561ca5b97e6b68bed39ead403c8d6116cfb3a30bc37828cb76573ab65f2c4d738891a5cf23bf6ed449f3fe743a5ebaea84bd031fe7e32c1499510b123d7a9e6116beea49cd2286e7ce2a0687c560eeb55634655c322a34243319dbfdecf53b5199c4905d85c8cf133f5a17dfc48683578902eafcf4b63e13fb36c9798610afec95b961f6215f1f44275bd7ea02daeefe09a1227b86a891ba133ff2686f11ad71f2d40f53f61d0f561ce4d3305c83a41467dfabc3c2664b21cb8edbe6dabde62205ca8e79eec12ea8ae3228a25758f136d5492d6b6736a9b2a49b4563494aaf535afa9655eef94078f04f5c1cb385123ce95610a2d0bc2886e76903d1eda0a8e40710ba53d94df3ec8d4fac4bc3c7dedad541cd5b580478a2432b2aa2fcaa0649bf2b46f4ecd90e55a576a236b2daf322b33b76b32341589ae5aff45d48e55664a3025557497a6ebf6219d90da0b044615157d860f87cbd9466c8cfee47c8281a61ca4e2e6ee7a5e515ef19e308c915c363bf3e536ec5e44ce08892645c55f94d844abdd11455499c396af31342af32d0bbe93eb2ecf3c93258b41a220681f7ac84ffbc5939eb0c7cbfb59764484e5886e0fa50ffb55817b6cfcdaab64054b2d5a673b4fdeb849eadb8a6699ebb295f973db7f4ec0ac65182d284a5753d3954e439ee0124c3dd95603a389ee54d1313f4da95ac251f31fe77211ce1c3fee6c7bc8de376b12b4836ae4b26e1e9d73368be43cc93a0c4e6cb42596357d58ade783af7d2eaed445e4ac899c7749327ef8618f5187df9f7b37ccb497bab8776984397a521b442b51cabce7144c37520896aa77733a85a4bd3a2b13a721ea509ca17aa8df71156cc612b91330418fc6ba8eee7ce04d611a687a32c4c50a5690f564c9e65197e6212dd9a3e30eefcccc307407e0a975aa5b43069d2ed447d209dd110598f9622fbe573db976c5f4bef82f5474dd0ea5bfe736e0f3f969bb38469839ff24b7157e6b8846b4710d7ad7f3cc3ac3be89160b9b429a899d4722fefaf6b05e540afae163b1a1a88deba6ea8501c375e856c5997dd6587a8a02c910df6ea9516c8d9e9a2422e980b5c044d4e57a2fb3f8c39a749176669f22d270dbca7cd656e88d2467271e38f79748205af3e8c154d74253e5223fe00ef53df3acdddc732d1139b6e6ce3382c7d0aa5885f1c98c53cedc5c4850eed9393277516a125c96d61b8319771a83fb02ff0e6cde27ce894ecfc4b42695b45037ebc6db705a661e29e031509b2eaa4dd48a2fe9768440278ffd9dbdca1a36b788fee353c45b2197be3805feea42012efdbecc6521dd0e24271a16", 0x8a7}], 0x1}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f90424fc601100077a0a000312050282c137153e370e0c1180fc0b0c000300", 0x33fe0}], 0x1}, 0x0)
write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r9 = socket(0xa, 0x6, 0x0)
getsockopt$inet6_mreq(r9, 0x10d, 0xf1, 0x0, &(0x7f0000000000))
r10 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r10, 0xc0285628, &(0x7f0000000300)={0x7})

23.622649055s ago: executing program 4 (id=4421):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r2, &(0x7f0000000140)={0x0, 0x300, &(0x7f0000000180)={&(0x7f0000000280)={0x1c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1c000000}, 0x0)

23.507611244s ago: executing program 4 (id=4423):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600093582c137153e370c0c188002ac0f0003", 0x2d}], 0x1}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$lock(r0, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r0, 0x26, &(0x7f0000000600)={0x0, 0x2, 0x0, 0x2})
fcntl$lock(r0, 0x6, &(0x7f0000000000))
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='comm\x00')
syz_usb_connect$printer(0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x2b, &(0x7f0000000200)=ANY=[@ANYBLOB="2b07689fee09ef62644e9c0ef436f3d12f8530448d58456eeb2c4d11e855f8b208fd732a4e90b0bc4ea68f"]}]})
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r4 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r4, 0x81044804, &(0x7f0000000400)={0x1})
syz_usb_control_io$hid(r3, &(0x7f0000000100)={0x24, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0003"], 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r1)
write$UHID_INPUT(r5, &(0x7f0000001040)={0xfc, {"a2e3ad21ed0d09f91b45090987f70906d038e7ff7fc6e5539b0d3d0e8b089b3f33000e090890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b5b070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210380106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b07c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
write$binfmt_misc(r2, &(0x7f0000000040)=ANY=[], 0xe09)
r6 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, @loopback={0xff00000000000000}}})
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

20.437507649s ago: executing program 4 (id=4438):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffebd}}, 0x1006)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000)=<r2=>0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x7)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="043e1f0a00c9000001aaaaaaaaaa50"], 0x22)

19.137352257s ago: executing program 1 (id=4445):
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r2, 0x10d, 0xee, 0x0, &(0x7f00000000c0))

19.001567591s ago: executing program 1 (id=4448):
syz_clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
setpriority(0x1, 0x0, 0xfffffffffffffffd)

18.857355509s ago: executing program 1 (id=4449):
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x0, 0x300)
socket$inet6(0xa, 0x0, 0x88)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2}, 0x1c)
syz_emit_ethernet(0x83, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001c80)={0x3, 0x0, [{0xd000, 0xf9, &(0x7f0000000640)=""/249}, {0x0, 0x47, &(0x7f0000000940)=""/71}, {0x86956090991702cc, 0x91, &(0x7f0000001e80)=""/145}]})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)="d80000001e0081054e81f782db4cb904021d080006007c09e8fe08a118000e800a00142603600e45aad2c5e38383c39d11b01c1208000f0000000406a80016c0080009400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a9295", 0xd8}], 0x1}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x278, 0x98, 0x8, 0xfa04, 0x98, 0x6c02, 0x1e0, 0x194, 0x194, 0x1e0, 0x194, 0x3, 0x0, {[{{@ip={@broadcast, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x0, 0x74020000}}, @common=@inet=@TCPMSS={0x28}}, {{@ip={@multicast2, @dev, 0x0, 0x0, '\x00', 'batadv_slave_0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'amanda\x00'}}, @common=@unspec=@connlabel={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2d8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt(r6, 0x0, 0x5, &(0x7f0000000f00)="df4c8860a5cccff370123dd7fc6e", 0xe)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x3, 0x3}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0)

18.707219497s ago: executing program 4 (id=4451):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x800)
preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000080)=""/82, 0x52}], 0x1, 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000001b40)='./binderfs/binder1\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
ioctl$BINDER_GET_EXTENDED_ERROR(r1, 0xc018620b, &(0x7f000001ed80))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000000000008f9000000d3670f93ced9177a45cbc0e1594c63546cde5aabfb8ef7f535b87f79689f1b35ebe4e5c6dc7d5a5d532df00ad25c321bc8415f8c939fad0da3b49bef279064b276909120f69f468f0a3bd660c915ffff563dea29c061e09df2bbd8816ca0fb6f9b2dc0844e16385b153a0abc310c53d1cd248ad93ba69bcbd1943212d07883f0668c80144f17330ac83230d505dc50fa573c5eff24d5f75efb4128548ebf71c1eb4c04d58d37025a8187cd10875d92327efafdcd463958c3eca0555134e18e27d3eb54549fe25d9a9090d4e270464bfea383eac04450f8474240f54e566873c68827bc7d69fae81e7988"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0)
chdir(&(0x7f0000000100)='./file0\x00')
rename(&(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000800)='./file0\x00')
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
sendto$inet(r5, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
recvmsg(r5, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/188, 0xbc}, 0x2000)
r6 = fcntl$dupfd(r4, 0x0, r4)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, 0x0}], 0x1, 0x0, &(0x7f00000002c0)=[@flags={0x3, 0x10200}], 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

18.400225976s ago: executing program 4 (id=4455):
syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x3)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{0x0}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00010c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000100)=ANY=[@ANYBLOB="0001280000007818c4079760a769bc929f3d49ec0817a87b13935e6624d843a85bcca3788af1c9d63438aa6920b897d20f204181e61f4e0973eb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000b00)={0x84, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00('], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$inet6(0xa, 0x3, 0x2c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$binfmt_misc(r1, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0xfff7)

18.097440499s ago: executing program 3 (id=4457):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x26, 0x4, 0x0, 0x0, 0x98, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0xd5, 0x0, 0x9, [0x20401, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private}, {@multicast1}, {@broadcast}, {@local, 0x659}, {@remote}, {@remote}, {@multicast1, 0xffd200}, {@private}]}, @noop, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@private=0xa010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev={0xac, 0x14, 0x14, 0x40}, @remote, @multicast1, @private, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
r2 = syz_usbip_server_init(0x3)
socket$l2tp6(0xa, 0x2, 0x73)
write(r2, &(0x7f0000000f40)="b410a1e8252ce0a1a3be3d593e8bf96f9615aea940ed08d314cbc50631fb02a0647a3c2ed4c85c8eef57d078ec90823a", 0x30)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
preadv(r3, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mbind(&(0x7f0000596000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000040)={'veth1_to_bond\x00', &(0x7f0000000400)=@ethtool_sset_info={0x4e, 0x10, 0x8000, [0x7f00, 0x1, 0x3, 0x5, 0x8]}})
r5 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
ioctl$SOUND_PCM_READ_BITS(r1, 0x80045005, &(0x7f0000000080))
r6 = fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(r6, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0)
read$FUSE(r6, &(0x7f000001cac0)={0x2020}, 0x2020)

17.981754018s ago: executing program 2 (id=4458):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
unshare(0x8000000)
unshare(0x8040080)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000080)={[{0x0, 0x0, 0x0, 0xfd}, {0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x3e}]})
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e"], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

17.866729438s ago: executing program 1 (id=4459):
syz_clone3(&(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
setpriority(0x1, 0x0, 0xfffffffffffffffd)

17.583006778s ago: executing program 1 (id=4460):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x74, 0x93, 0x1d, 0x40, 0xc45, 0x614a, 0xe6af, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9c, 0x80, 0xf4}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000000180)=ANY=[@ANYBLOB="00000000e100"], 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x2, 0x3}, 0x48)
syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0x0, 0x80, 0x2}, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
pwritev2(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000100)="7270aa3f0c63ef31716980d71af481e691d156e5c690c37493c965008b713ed133a85027d43b49d05b8ec0e538f674752205f76fb42632a5233a7d64e1cea692029b6a", 0x43}], 0x1, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000ac0)={0x1, 0x0, [{0x0, 0xd3, &(0x7f0000000780)=""/211}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000880))
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=""/253, 0x0, &(0x7f0000000600)=""/91})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000040)={0x2, <r3=>r1, 0x80000})
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000500))
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x5}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d80)={0xffffffffffffffff, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000a80)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, &(0x7f0000000b00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000b40)=[0x0, 0x0, 0x0], <r5=>0x0, 0x11, &(0x7f0000000b80), 0x0, 0x10, &(0x7f0000000bc0), &(0x7f0000000540), 0x8, 0x74, 0x8, 0x8, &(0x7f0000000c40)}}, 0x10)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=r5, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x401, 0x8, 0xffffffff, 0x88, 0xffffffffffffffff, 0x0, '\x00', 0x0, r6, 0x3, 0x5, 0x2, 0x5}, 0x48)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)

16.995423102s ago: executing program 3 (id=4461):
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x91, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x28011, r0, 0x60)

16.825387136s ago: executing program 3 (id=4462):
socket$nl_generic(0x11, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x895}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000140)={0x895}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
truncate(&(0x7f0000000000)='./file1\x00', 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000100000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0000000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f0000e1ab14140000000000000000000084300400000000000000000000000041554449540000bcb92dfff07fca000000466ef58f5dc8438b000000000000000800"/376]}, 0x1f0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000ff623140fd0704005026010203010902120001000000000904000000ff"], 0x0)

16.582002018s ago: executing program 2 (id=4463):
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x91, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3020, 0x604000000000000, 0x28011, r0, 0x0)

16.426196948s ago: executing program 2 (id=4464):
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f000000a040)=[{{0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000000e40)="958d805bf14fbf04e1b3d1e9be4f8326a1d9b63a455073da21a008f67e69228331793783eaae1d33c81a8f2b1e36d3e15c1d298c543326377169b8dc908f10ec82be00df5b8f9097d8ca8fc9fedd586783e79d2de778fb6ad54f6e882fcdf4e6823b1d39807b0efb0a9f00ee6411d8329c82ecbc2be25dd70e6197c3f7b569581c88ba3e1293997a7cf04d0cb5f90eabc7321dccfcad5f112c30b08f6b1ad6874ed256562e3d63ffd7865d46e53df1ef858bc60ba1ad9867f0326dbcbbca3e463fe295f07df1111c57023a8d9d8cae73bfaa5ec45517f6b51bed2444110c2c84ef8a2407145dae8fb5bf47218b272f82529f2cc5b350a96980a63ca16ed42a09d3ea39459ac81302f73cb25a0f3691b8d759613aa72967c4d516fb1a2ccf7c6cec0273768bb849b9eaebc23ee729e0bf06bcac13cc9683bc616b8a4e5077c0d59cd6e2f7e0e95d856b0779873e50d3f03f3272aa8f7e33f7268d8932485b05a713bde55cb5e1654fdad201713bcedb681f6f54a12cd9decbba8441c41919dd3b7b0a0acf6ff93a229729a875b0a0ca44a2e492e700433c1b5749a905c93a7350420cf93132146df1d3bb01c1e8cd8c27a27be3cedb1681bff806899d1392fd2f4db8e3a0dceb0b8f11fe916634701452e6fbdaad62df0d5d94dac750a3ef7e4e15f883ee43b477c12aba8461710781f36c6540efcb827a2a5ebccd25b7892fcbb70c9cf13e71f8037ba448a68314236ce3841679da4082817f68c3bd549a9ca55f83bef2fc216ec6c275a01054e35e7ee1ef74def105755fb7a07d82b62ae6186cb6ab86ad6405a8a4eef879c146e60c4cf79a5f90e5586b7eb288e29835c8697dbf8e63fa4e8215abf7764882cc81a680c9f72bac28bb86efe2c87fda5d510de157f23f504a0da6e649b05ffbedfb3a59a5965f039530ac8c4f053904c08d4c02a2c3ed7691da14e6e712a8e221a2f638df3ae1aa2d7f42414143308fddb30f62c0b56449e9118b5ff9f4eeafecc49ab239750e823ac21af0a8c2891c9ec930daa139ec40fc5a894de2e67c49b19a458032c5809ba3c5a3f1db49f07c488ecfc5c3bb6f2d2f8152b1bc03b362a979b4567e173d9fd7d8e935e8610370c25b634f7874936bec5dd984baf6604a020e5b50bd471309f3d78ab3e7b9b21d80684d0905f788", 0x344}, {&(0x7f0000002e40)="92109e91e19e53f9fb273a91e4064e6047e8a1b784e9f88dad09db1855fde00124dc87cb3e460cad18abbdd31ce629fe83bddf6b08c3fbbf716d5010804aee5fae63ea7fc037c4d07102a207f7b9cb37cbb026c5ec2a4ef475644f1153bf39d3661153a2e2c5", 0x66}], 0x2, &(0x7f0000005300)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3], 0x78, 0x24000010}}], 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x28, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x224, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0xb0, 0x3, [{{0x9, 0x4, 0x0, 0xd0, 0x2, 0x3, 0x1, 0x1, 0x63, {0x9, 0x21, 0x9875, 0xa6, 0x1, {0x22, 0x902}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0x73, 0x2}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x0, 0x81, 0x5}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x2, 0x0, 0x6, 0x10, 0x9}, 0xb5, &(0x7f0000000900)=ANY=[@ANYBLOB="050fb500030710020a2708019f100a5b529d692abdc04a87d6c1b9a6c852e6e1eca991213f259e2f9e4e7d772515c3a91a5b578e7c4640616f0d12e56c473611cb60739fbe3f0f5172d5964553083678c5288b886df688a8cc69a74fef8638a8e510c25e8470274d26f391da67513ba37e7f000000219b29fad9a026067c92209f7e0081eaed32af37f6141741a46322091e2e43767cd99fe924d582db998a1ec96f3d9a441b5b6a9ab4d20a100302050007000700302fe953e7cd4e4314d387bddc35b3541e62ee8adde72621ab4548ec24af3ac7287db6d5da417a13807499ef9d9448d0e3eb2ecac4703209db62dd90f80990460bbeeb09257f201435bf7646068a57e67fe641d6b9667aa19a93d239729438134d2d9c68a0b89c7cbb0faba7be83b3ca080cdb66c324083cdeb6f62a6af79271497506"], 0x1, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xc04}}]})
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="1800000000000000290000003600000048e0000000000000"], 0x18}}, {{0x0, 0x0, &(0x7f0000001480)=[{0x0}], 0x1}}, {{&(0x7f00000015c0)={0xa, 0x0, 0x3, @local}, 0x1c, &(0x7f0000001a40)=[{0x0}, {&(0x7f0000001640)="88", 0x1}], 0x2}, 0x58f0}, {{0x0, 0x0, 0x0}}], 0x4, 0xc080)
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
ioctl$KDFONTOP_COPY(r5, 0x4b72, &(0x7f0000000180)={0x3, 0x1, 0xe, 0x19, 0x4f, &(0x7f0000000400)})
r6 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000200)={'bridge_slave_1\x00', &(0x7f00000001c0)=@ethtool_gfeatures={0x3a, 0x3, [{}, {}, {}]}})
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
openat$cgroup(r7, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'geneve1\x00'})

16.209365041s ago: executing program 3 (id=4465):
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f000000a040)=[{{0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000000e40)="958d805bf14fbf04e1b3d1e9be4f8326a1d9b63a455073da21a008f67e69228331793783eaae1d33c81a8f2b1e36d3e15c1d298c543326377169b8dc908f10ec82be00df5b8f9097d8ca8fc9fedd586783e79d2de778fb6ad54f6e882fcdf4e6823b1d39807b0efb0a9f00ee6411d8329c82ecbc2be25dd70e6197c3f7b569581c88ba3e1293997a7cf04d0cb5f90eabc7321dccfcad5f112c30b08f6b1ad6874ed256562e3d63ffd7865d46e53df1ef858bc60ba1ad9867f0326dbcbbca3e463fe295f07df1111c57023a8d9d8cae73bfaa5ec45517f6b51bed2444110c2c84ef8a2407145dae8fb5bf47218b272f82529f2cc5b350a96980a63ca16ed42a09d3ea39459ac81302f73cb25a0f3691b8d759613aa72967c4d516fb1a2ccf7c6cec0273768bb849b9eaebc23ee729e0bf06bcac13cc9683bc616b8a4e5077c0d59cd6e2f7e0e95d856b0779873e50d3f03f3272aa8f7e33f7268d8932485b05a713bde55cb5e1654fdad201713bcedb681f6f54a12cd9decbba8441c41919dd3b7b0a0acf6ff93a229729a875b0a0ca44a2e492e700433c1b5749a905c93a7350420cf93132146df1d3bb01c1e8cd8c27a27be3cedb1681bff806899d1392fd2f4db8e3a0dceb0b8f11fe916634701452e6fbdaad62df0d5d94dac750a3ef7e4e15f883ee43b477c12aba8461710781f36c6540efcb827a2a5ebccd25b7892fcbb70c9cf13e71f8037ba448a68314236ce3841679da4082817f68c3bd549a9ca55f83bef2fc216ec6c275a01054e35e7ee1ef74def105755fb7a07d82b62ae6186cb6ab86ad6405a8a4eef879c146e60c4cf79a5f90e5586b7eb288e29835c8697dbf8e63fa4e8215abf7764882cc81a680c9f72bac28bb86efe2c87fda5d510de157f23f504a0da6e649b05ffbedfb3a59a5965f039530ac8c4f053904c08d4c02a2c3ed7691da14e6e712a8e221a2f638df3ae1aa2d7f42414143308fddb30f62c0b56449e9118b5ff9f4eeafecc49ab239750e823ac21af0a8c2891c9ec930daa139ec40fc5a894de2e67c49b19a458032c5809ba3c5a3f1db49f07c488ecfc5c3bb6f2d2f8152b1bc03b362a979b4567e173d9fd7d8e935e8610370c25b634f7874936bec5dd984baf6604a020e5b50bd471309f3d78ab3e7b9b21d80684d0905f788", 0x344}, {&(0x7f0000002e40)="92109e91e19e53f9fb273a91e4064e6047e8a1b784e9f88dad09db1855fde00124dc87cb3e460cad18abbdd31ce629fe83bddf6b08c3fbbf716d5010804aee5fae63ea7fc037c4d07102a207f7b9cb37cbb026c5ec2a4ef475644f1153bf39d3661153a2e2c5", 0x66}], 0x2, &(0x7f0000005300)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3], 0x78, 0x24000010}}], 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x28, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x224, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0xb0, 0x3, [{{0x9, 0x4, 0x0, 0xd0, 0x2, 0x3, 0x1, 0x1, 0x63, {0x9, 0x21, 0x9875, 0xa6, 0x1, {0x22, 0x902}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0x73, 0x2}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x0, 0x81, 0x5}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x2, 0x0, 0x6, 0x10, 0x9}, 0xb5, &(0x7f0000000900)=ANY=[@ANYBLOB="050fb500030710020a2708019f100a5b529d692abdc04a87d6c1b9a6c852e6e1eca991213f259e2f9e4e7d772515c3a91a5b578e7c4640616f0d12e56c473611cb60739fbe3f0f5172d5964553083678c5288b886df688a8cc69a74fef8638a8e510c25e8470274d26f391da67513ba37e7f000000219b29fad9a026067c92209f7e0081eaed32af37f6141741a46322091e2e43767cd99fe924d582db998a1ec96f3d9a441b5b6a9ab4d20a100302050007000700302fe953e7cd4e4314d387bddc35b3541e62ee8adde72621ab4548ec24af3ac7287db6d5da417a13807499ef9d9448d0e3eb2ecac4703209db62dd90f80990460bbeeb09257f201435bf7646068a57e67fe641d6b9667aa19a93d239729438134d2d9c68a0b89c7cbb0faba7be83b3ca080cdb66c324083cdeb6f62a6af79271497506"], 0x1, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xc04}}]})
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="1800000000000000290000003600000048e0000000000000"], 0x18}}, {{0x0, 0x0, &(0x7f0000001480)=[{0x0}], 0x1}}, {{&(0x7f00000015c0)={0xa, 0x0, 0x3, @local}, 0x1c, &(0x7f0000001a40)=[{0x0}, {&(0x7f0000001640)="88", 0x1}], 0x2}, 0x58f0}, {{0x0, 0x0, 0x0}}], 0x4, 0xc080)
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
ioctl$KDFONTOP_COPY(r5, 0x4b72, &(0x7f0000000180)={0x3, 0x1, 0xe, 0x19, 0x4f, &(0x7f0000000400)})
r6 = socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000200)={'bridge_slave_1\x00', &(0x7f00000001c0)=@ethtool_gfeatures={0x3a, 0x3, [{}, {}, {}]}})
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
openat$cgroup(r7, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'geneve1\x00'})

15.68098257s ago: executing program 1 (id=4467):
connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e24, @loopback}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r2, 0x10d, 0xfa, 0x0, &(0x7f00000000c0))

14.801431495s ago: executing program 2 (id=4468):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x8000, 0xffffffff, 0x2, 0x8000}, 0x10)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x47, 0x10, 0x0, 0x1e}, 0x2d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(0x0, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000003d00), 0x9, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000780)={'batadv_slave_1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000000280)="db723ff32dad7a0cca6ded8e26ef071d862c7a8a75d50da3c795f51a961515a61526e478e55b938e16cfe68cc992c5ae3afc4bdf7c24dbe8e10bca950673c4c0452b9bedb64084db07fd2dec021b908050e4f6581d88f81b018a4fe31951df34220c8e05302835eac96c49d26a55bfe8ffbe56c08f6eb7211fb2f9e4c4bea5a48b6e410fe4df074c42d148a8189722e06e0b4a72e5679bab0069171df200f82156f802004e1a5219dde42d9428e4de0da9e09eec40bc65a11678fb59e6f7d2d6c67901f9451a55e3ebcdeb24717ea633afcc672441db7a6f60b81a13fa711b8b", 0xe0, 0x0, 0x0, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000001880)=[{&(0x7f000001aa80)=""/102399, 0x18fff}], 0x1, 0x0, 0x5)
close(0xffffffffffffffff)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(0xffffffffffffffff, 0x0)
ioctl$sock_SIOCOUTQNSD(r4, 0x894b, &(0x7f0000000180))
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

14.418687105s ago: executing program 2 (id=4470):
syz_open_dev$video(&(0x7f0000002040), 0xaf, 0x4400)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x1f, 0xea, 0x36, 0x10, 0x4fc, 0x504a, 0x33d2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x63, 0x64, 0x7f}}]}}]}}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='fdinfo\x00')
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="2e6876c4dc081f97ef02ca03034507e3c19b15d9e35ea870ee7d8bfbdc168879d3f4219e3a7776d21d903355aa34ae4a7d8b2a7321cd589779486ff3e103fb2a16ade281c3aac41d3c5c91ec625fe150c639fd906a120391f296b00a83fa0dee00c5fcd5a4468482e30fe0bf114c92ec84c60868330130ae91de7ea2a82c662ddf5f9e1075a0ec9ab262f0", @ANYRES8=r0], 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000001900)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$media(&(0x7f0000000280), 0x3, 0x8000)
ioctl$MEDIA_IOC_ENUM_LINKS(r2, 0xc0287c02, &(0x7f00000000c0)={0x80000000, 0x0, &(0x7f0000000300)=[{}, {{}, {<r3=>0x80000000, <r4=>0x0}}]})
ioctl$MEDIA_IOC_ENUM_ENTITIES(0xffffffffffffffff, 0xc1007c01, &(0x7f0000001640)={r3})
ioctl$MEDIA_IOC_SETUP_LINK(r1, 0xc0347c03, &(0x7f0000000080)={{0x80000000, r4, 0x4, [0x0, 0xfff]}, {r3, 0x0, 0x0, [0x4, 0x5]}, 0x2, [0x4, 0x1]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r5, 0x402c5342, &(0x7f0000000000)={0x0, 0x8a, 0x43b, {0x0, 0x10000}, 0x6})
socket$l2tp6(0xa, 0x2, 0x73)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xff16)
sendmsg$kcm(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000380)='net/rt_acct\x00')
r7 = fanotify_init(0x200, 0x0)
fanotify_mark(r7, 0x409, 0x8, r6, 0x0)
ioctl$TUNSETSTEERINGEBPF(r6, 0x800454e0, &(0x7f0000000100))
r8 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r8, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000007fc0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

14.200866119s ago: executing program 3 (id=4471):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x99, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x43}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24)
connect$rxrpc(r1, &(0x7f0000001bc0)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x24)
syz_usb_control_io(r0, 0x0, &(0x7f0000001740)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2, "b3f0"}, 0x0, 0x0, 0x0, 0x0})
fsetxattr$security_ima(r1, &(0x7f0000000680), &(0x7f00000006c0)=@md5={0x1, "65f008cbf2ac0835e7d5f7d2f81cf102"}, 0x11, 0x1)
r2 = socket$netlink(0x10, 0x3, 0x0)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff010000003d000000560000022500000019000a001000000007fd17e5ffff080004000000000000000a", 0x39}], 0x1)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f0000000640)=0x5)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r3, 0xc2604110, &(0x7f0000000280)={0x0, [[0x7ff], [0x0, 0xfffffffe], [0xfff]], '\x00', [{0x0, 0x1, 0x1}, {}, {}, {0x0, 0xfffffffd}]})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000012c0)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="0007010000003b345928e0c521c16d6f029b13ef8e6cdbf2cf03f0a77dbf92ca709362981ddbc6ff0a852987620bb2217fa7cc37c0c6a8dc534cc04ee084d01380296584104ced7048a029f9b06f4777c7196f3139077d5d140e2d284ea474c34e0ad7496b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000000040))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x404c534a, &(0x7f00000000c0))
timer_create(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280), 0x48)
r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000640)='r', 0x1}], 0x1)
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r7, &(0x7f0000000440)={&(0x7f0000000280), 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x94, r8, 0x0, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x4}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x1, @private1}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x94}}, 0x2000c041)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue1\x00'})

12.246583626s ago: executing program 2 (id=4475):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x8000, 0xffffffff, 0x2, 0x8000}, 0x10)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x47, 0x10, 0x0, 0x1e}, 0x2d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(0x0, 0x0, 0x0)
r1 = syz_open_dev$video(&(0x7f0000003d00), 0x9, 0x0)
read(r1, &(0x7f0000000d00)=""/132, 0x84)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000780)={'batadv_slave_1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000280)="db723ff32dad7a0cca6ded8e26ef071d862c7a8a75d50da3c795f51a961515a61526e478e55b938e16cfe68cc992c5ae3afc4bdf7c24dbe8e10bca950673c4c0452b9bedb64084db07fd2dec021b908050e4f6581d88f81b018a4fe31951df34220c8e05302835eac96c49d26a55bfe8ffbe56c08f6eb7211fb2f9e4c4bea5a48b6e410fe4df074c42d148a8189722e06e0b4a72e5679bab0069171df200f82156f802004e1a5219dde42d9428e4de0da9e09eec40bc65a11678fb59e6f7d2d6c67901f9451a55e3ebcdeb24717ea633afcc672441db7a6f60b81a13fa711b8b", 0xe0, 0x0, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000001880)=[{&(0x7f000001aa80)=""/102399, 0x18fff}], 0x1, 0x0, 0x5)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r5, 0x0)
ioctl$sock_SIOCOUTQNSD(r6, 0x894b, &(0x7f0000000180))
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

8.310577334s ago: executing program 3 (id=4479):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000d00)={0xc})
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, 0x0)
mkdir(0x0, 0xfe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x0, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r4}, 0x38)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000000097000040"])
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000240)={0x28, 0x0, r7, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$IOMMU_VFIO_IOAS$SET(r6, 0x3b88, &(0x7f00000002c0)={0xc, r7})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x0, r7, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000140)={0x28, 0x0, r7, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f00000000c0)={0x50, 0x0, r7, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000})
ioctl$IOMMU_VFIO_SET_IOMMU(r6, 0x3b66, 0x1)
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000100)={0x28, 0x0, r7, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r6, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"])
r8 = open(&(0x7f0000000040)='./bus\x00', 0x46ed02, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r8, &(0x7f00000001c0)={0x2, 0x4e22, @multicast1}, 0x10)

1.524835684s ago: executing program 0 (id=4485):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x6b)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="580000001000390427bd7000e9ffffff000003e4", @ANYRES32=r2, @ANYBLOB="00500600c31006003800128008000100736974002c00028008001400", @ANYRES32, @ANYBLOB="08000300e0faff01050009"], 0x58}}, 0x0)

1.385777416s ago: executing program 0 (id=4486):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xf, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in, @in=@multicast2}}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @local}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}]}, 0x80}}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x20, r1, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x3, 0x55}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x40004}, 0x24000901)
r2 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r3 = socket(0x840000000002, 0x3, 0xfa)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000940)={{0x1, 0x1, 0x18, <r4=>r2, {0x4d6}}, './file0\x00'})
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e00)={r4, &(0x7f0000000c40)="61e54cf8f8c1967d663626fa2089bb45ed15ae5ee934f783394b22a6c62aaa2d2b334fe44e451e50caf777e474ba2dab2bbe90e599af984db81d8915c331fef4f9610545cb65d2c4be43dced7c0cd8d4bdd4e887d4b9d91713c0bb115ae5db037121e8a5a2a822b68b500b6b4007b194a6125dfe6a0cc7625b3e3656be6d927d0a01f0c72ba514eaf845d23142dd2e8d", &(0x7f0000000d00)=""/244, 0x4}, 0x20)
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000e40)={@multicast1}, &(0x7f0000000e80)=0xc)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = memfd_secret(0x0)
fadvise64(r5, 0x0, 0x0, 0x0)
sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_msfilter(r3, 0x0, 0x17, 0x0, 0x0)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
userfaultfd(0x0)
mremap(&(0x7f000016c000/0x4000)=nil, 0x4000, 0x40000000, 0x0, &(0x7f000063c000/0x3000)=nil)
writev(r2, &(0x7f0000000b80)=[{&(0x7f0000000040)="b50d13e72cbea9949cac7f", 0xb}, {&(0x7f0000000080)}, {&(0x7f00000000c0)="25e849a32d8cf2e874", 0x9}, {&(0x7f0000000100)="0151ad48f450b2899dc0f463ce6177d88c2bd6889f9c71df37989bd97708ad0e959b06b8fba7d85ee8f5bbd3e3787e9ce3081c64b9821fe234861f9bbc5e62544706c022a442ed9a3af738e77934967ba4de6134cddac86bfd5630879b1616547f032c7e8e025cade37b9c16c826a8a69e9a94b54c8fa21d3dff4422896117d7f26cfb6605c4b183aa3126d29a4b504cd8d3732d7bbb6c268c150c9e16941b5d22a1109deb57701a7e36b84188a1172b0354beb1deda6c1ab7f2b31797bc19af82f624d6c22940446dec2ff707", 0xcd}, {&(0x7f0000000200)="630d1c172fe2e2e0b51b1c6874af0bf832cb25959545692cd26d0dee3153984776bacfba4fa2fbbb50ea17719c439ce8c5a3f2d8a40225936c261790741863b3750204fddc98543428462d0b7406fc336c00cb5fd2b973222a604c3d5dbe54a2ee4fa40863e6cd462a49f26ae90ae56ede3f", 0x72}, {&(0x7f0000000780)="1c638c9dc2b998c2405d5b82b9b7da95537a8c1e7bf49cab9f79f02b3b0baa6dd3a8ec9ef27a431db7e24f288aaca3ef9e7d42148d8875b9fab7074d5cd043262d93c040171dc7acbf47905b8470a7a53df962aa7c435761d5631b7e41eef28e778509604ca67f0cb96bc3e1e294edf04c64349f7fdea5a369aaa474cc2616941205bb9b71cc132c2a66c25bb7506a7391443889c309744d742dd7143d501de48f1e1e3b7dbd1c318b1bdd54c1177f8da39de3c67407b763ccb85c9146402435308d19d98bb2206b31f59d87fdb53023f095308278fc65e1b8160e4171f9fda2b89e0d8853", 0xe5}, {&(0x7f0000000880)="f1831c31bd29a75f503a337c6af64ebac802eecbfa04b21b4a138befbee59fea848f711f4849f8b02ec091198fab2dbaaa0d5eac2f02ab2b47dd174c13dfc3fd2278061b02c4aa46dfb2df8539cbf14bcac677eb2f43a84ac7fc6638d0616cee37969b1069c189c6450fc84760b2da250f148e971ca714ea93d73459e363bd8cf85107f9e076bccd56e2836090d44195220eebc60e60", 0x96}, {&(0x7f0000000980)="84e07893acd4785a6435021cb26f04d9d02a7a1b5d8928df84995429a5bb7628f9eab5e85753bfecc87d0ca0895927a2530f79a99ab5535516056476063082e2866d54151121edfbd5c22cb730201f451d5e8361b02ddf43807c065e7a1e54c9fa56e507e7629764b901dd40d17729b09f6db4c79037a68e180d27af2a3a4a76d4a675dae331a7a629d2ad8b00f9741a826a97484ef63c68641ff6b04e7f0e5d06e87d42058ae38f75438175dad3f2f97872367673b14fc06d900ed537b14ea182535ca60e4ba99f39f7705ad9a83f15bcd55ddd9fffc3932887bf6b", 0xdc}, {&(0x7f0000000a80)="7922b93e47997af9445e5a16f7dac6288d1b10ca2013524f4f3b315c9af82458f9031f6b89d6668d31045de7b6d8a0cf7543473c2fe317480a9e9dbfc52526bd7806a83fb76c7b6db8fea2d4d2e7c1ed0144d63f76ffd6e0628aac4380a741bcf45bafa1c0eabeeb84e330dfef29269cb3d823f552cb4245de900545a4b49501d75c2b9ff45aadcf97e28e045960f30c454c1788a2308ec1e79eec7d48362031f2b28e38afcb4352f1a2a4fce695c924cf0646c5bd23dbe1d566bbeb3d362eb31e27e116c64af92284467c6c098f127d31d50c047f06afd1c34255c8ba41cc1fbdbff05e65b91bfc17bdd3c8de37a39f85381d64c66798", 0xf7}], 0x9)
r6 = add_key$keyring(&(0x7f0000000800), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$get_persistent(0x16, 0xffffffffffffffff, r6)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4001, &(0x7f0000000000)=0x1, 0x7, 0x0)
remap_file_pages(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x0, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x3, 0x105101)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r7, 0xc4c85512, &(0x7f0000000280)={{0xd, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]})

1.263855763s ago: executing program 0 (id=4487):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="0406000000000000005872133b22b9441a168f2463fce7e35d03"], 0x1a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req={0x8000, 0xffffffff, 0x2, 0x8000}, 0x10)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="62000000000000007b0a00ff000000001d0a000000000000950000000000000018100000", @ANYRES32, @ANYBLOB="100000002500000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0xa, 0xffa0, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x47, 0x10, 0x0, 0x1e}, 0x2d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open(0x0, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000003d00), 0x9, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000180))

1.073550192s ago: executing program 0 (id=4488):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_sctp(0x2, 0x0, 0x84)
r0 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x4100, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000050000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000020766c616e30000000000000004000000076657468305f746f5f7465616d000000aaaaaaf991bb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba316000000000000000000080000000000000208000000892f0700636f6e6e6c6162656c000000000000000000e5ffffff00000000000020000000080000000000000000000000000000004e465154455545000000000000000000000000000000000000000000000000000800000000000000000800000000000400000000000000000000000080000000000000000000000001fcffffffffffff0000000001000000ffffffff000000000000000000000000000400000000efff000000000000000000000000000000000000000001000000feffffff010000000b00006b90088754ea234d6f6e6430000000000000000000000074489c4c2c0000000000000000000000626f6e64300000ff000000000000000076657468315f744d8abdc76964676500aaaaaaaaaabb0000000000e7feffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d3c964de64039918d16289341524b0000000020827903000000000000000000000000000804000000"]}, 0x2a8)

107.005077ms ago: executing program 0 (id=4489):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={&(0x7f0000000300)=@phonet={0x23, 0x8, 0x0, 0x9}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000380)="96", 0x1}], 0x1}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@newqdisc={0x80, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x4, 0x6, 0x7, 0x3}, 0xd0f, 0x1, 0x16d6, 0x7, 0x1, 0x0, 0xe, 0x1a, 0x1, 0x6, {0x6, 0xe2da, 0x75a, 0x7, 0x6, 0xc64}}}}]}, 0x80}}, 0x0)

0s ago: executing program 0 (id=4490):
sendmmsg$sock(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140))
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f000000a040)=[{{0x0, 0x0, &(0x7f0000003f00)=[{&(0x7f0000000e40)="958d805bf14fbf04e1b3d1e9be4f8326a1d9b63a455073da21a008f67e69228331793783eaae1d33c81a8f2b1e36d3e15c1d298c543326377169b8dc908f10ec82be00df5b8f9097d8ca8fc9fedd586783e79d2de778fb6ad54f6e882fcdf4e6823b1d39807b0efb0a9f00ee6411d8329c82ecbc2be25dd70e6197c3f7b569581c88ba3e1293997a7cf04d0cb5f90eabc7321dccfcad5f112c30b08f6b1ad6874ed256562e3d63ffd7865d46e53df1ef858bc60ba1ad9867f0326dbcbbca3e463fe295f07df1111c57023a8d9d8cae73bfaa5ec45517f6b51bed2444110c2c84ef8a2407145dae8fb5bf47218b272f82529f2cc5b350a96980a63ca16ed42a09d3ea39459ac81302f73cb25a0f3691b8d759613aa72967c4d516fb1a2ccf7c6cec0273768bb849b9eaebc23ee729e0bf06bcac13cc9683bc616b8a4e5077c0d59cd6e2f7e0e95d856b0779873e50d3f03f3272aa8f7e33f7268d8932485b05a713bde55cb5e1654fdad201713bcedb681f6f54a12cd9decbba8441c41919dd3b7b0a0acf6ff93a229729a875b0a0ca44a2e492e700433c1b5749a905c93a7350420cf93132146df1d3bb01c1e8cd8c27a27be3cedb1681bff806899d1392fd2f4db8e3a0dceb0b8f11fe916634701452e6fbdaad62df0d5d94dac750a3ef7e4e15f883ee43b477c12aba8461710781f36c6540efcb827a2a5ebccd25b7892fcbb70c9cf13e71f8037ba448a68314236ce3841679da4082817f68c3bd549a9ca55f83bef2fc216ec6c275a01054e35e7ee1ef74def105755fb7a07d82b62ae6186cb6ab86ad6405a8a4eef879c146e60c4cf79a5f90e5586b7eb288e29835c8697dbf8e63fa4e8215abf7764882cc81a680c9f72bac28bb86efe2c87fda5d510de157f23f504a0da6e649b05ffbedfb3a59a5965f039530ac8c4f053904c08d4c02a2c3ed7691da14e6e712a8e221a2f638df3ae1aa2d7f42414143308fddb30f62c0b56449e9118b5ff9f4eeafecc49ab239750e823ac21af0a8c2891c9ec930daa139ec40fc5a894de2e67c49b19a458032c5809ba3c5a3f1db49f07c488ecfc5c3bb6f2d2f8152b1bc03b362a979b4567e173d9fd7d8e935e8610370c25b634f7874936bec5dd984baf6604a020e5b50bd471309f3d78ab3e7b9b21d80684d0905f788", 0x344}, {&(0x7f0000002e40)="92109e91e19e53f9fb273a91e4064e6047e8a1b784e9f88dad09db1855fde00124dc87cb3e460cad18abbdd31ce629fe83bddf6b08c3fbbf716d5010804aee5fae63ea7fc037c4d07102a207f7b9cb37cbb026c5ec2a4ef475644f1153bf39d3661153a2e2c5", 0x66}], 0x2, &(0x7f0000005300)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3], 0x78, 0x24000010}}], 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, 0x0, 0x0)
sendmmsg$inet(r4, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x28, 0x0, 0x0)
syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x224, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0xb0, 0x3, [{{0x9, 0x4, 0x0, 0xd0, 0x2, 0x3, 0x1, 0x1, 0x63, {0x9, 0x21, 0x9875, 0xa6, 0x1, {0x22, 0x902}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x4, 0x73, 0x2}}, [{{0x9, 0x5, 0x2, 0x3, 0x10, 0x0, 0x81, 0x5}}]}}}]}}]}}, &(0x7f00000008c0)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x2, 0x0, 0x6, 0x10, 0x9}, 0xb5, &(0x7f0000000900)=ANY=[@ANYBLOB="050fb500030710020a2708019f100a5b529d692abdc04a87d6c1b9a6c852e6e1eca991213f259e2f9e4e7d772515c3a91a5b578e7c4640616f0d12e56c473611cb60739fbe3f0f5172d5964553083678c5288b886df688a8cc69a74fef8638a8e510c25e8470274d26f391da67513ba37e7f000000219b29fad9a026067c92209f7e0081eaed32af37f6141741a46322091e2e43767cd99fe924d582db998a1ec96f3d9a441b5b6a9ab4d20a100302050007000700302fe953e7cd4e4314d387bddc35b3541e62ee8adde72621ab4548ec24af3ac7287db6d5da417a13807499ef9d9448d0e3eb2ecac4703209db62dd90f80990460bbeeb09257f201435bf7646068a57e67fe641d6b9667aa19a93d239729438134d2d9c68a0b89c7cbb0faba7be83b3ca080cdb66c324083cdeb6f62a6af79271497506"], 0x1, [{0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xc04}}]})
sendmmsg$inet6(r0, &(0x7f0000000a40)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="1800000000000000290000003600000048e0000000000000"], 0x18}}, {{0x0, 0x0, &(0x7f0000001480)=[{0x0}], 0x1}}, {{&(0x7f00000015c0)={0xa, 0x0, 0x3, @local}, 0x1c, &(0x7f0000001a40)=[{0x0}, {&(0x7f0000001640)="88", 0x1}], 0x2}, 0x58f0}, {{0x0, 0x0, 0x0}}], 0x4, 0xc080)
r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
ioctl$KDFONTOP_COPY(r5, 0x4b72, &(0x7f0000000180)={0x3, 0x1, 0xe, 0x19, 0x4f, &(0x7f0000000400)})
socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000200)={'bridge_slave_1\x00', &(0x7f00000001c0)=@ethtool_gfeatures={0x3a, 0x3, [{}, {}, {}]}})
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
openat$cgroup(r6, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'geneve1\x00'})

kernel console output (not intermixed with test programs):

t 20000 - 0
[  898.551945][T22617] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  898.560770][T22617] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  898.577439][T22617] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  898.598620][T22617] netdevsim netdevsim4 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  898.610170][T22617] netdevsim netdevsim4 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  898.619910][T22617] netdevsim netdevsim4 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  898.639316][T22617] netdevsim netdevsim4 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  898.660505][T22617] geneve2: entered promiscuous mode
[  898.670235][T22617] geneve2: entered allmulticast mode
[  898.830196][ T5137] usb 4-1: USB disconnect, device number 116
[  898.882914][T22632] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4049'.
[  899.402588][ T5137] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[  899.555218][T22644] FAULT_INJECTION: forcing a failure.
[  899.555218][T22644] name failslab, interval 1, probability 0, space 0, times 0
[  899.622561][T22644] CPU: 1 PID: 22644 Comm: syz.0.4052 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  899.632726][T22644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  899.642768][T22644] Call Trace:
[  899.646033][T22644]  <TASK>
[  899.648945][T22644]  dump_stack_lvl+0x241/0x360
[  899.653616][T22644]  ? __pfx_dump_stack_lvl+0x10/0x10
[  899.658798][T22644]  ? __pfx__printk+0x10/0x10
[  899.663374][T22644]  ? ref_tracker_alloc+0x332/0x490
[  899.668472][T22644]  should_fail_ex+0x3b0/0x4e0
[  899.673147][T22644]  ? skb_clone+0x20c/0x390
[  899.677556][T22644]  should_failslab+0x9/0x20
[  899.682055][T22644]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  899.687456][T22644]  skb_clone+0x20c/0x390
[  899.691732][T22644]  __netlink_deliver_tap+0x3cc/0x7c0
[  899.697032][T22644]  ? netlink_deliver_tap+0x2e/0x1b0
[  899.702215][T22644]  netlink_deliver_tap+0x19d/0x1b0
[  899.707310][T22644]  netlink_unicast+0x7b8/0x980
[  899.712089][T22644]  ? __pfx_netlink_unicast+0x10/0x10
[  899.717356][T22644]  ? __virt_addr_valid+0x183/0x520
[  899.722454][T22644]  ? __check_object_size+0x49c/0x900
[  899.727721][T22644]  ? bpf_lsm_netlink_send+0x9/0x10
[  899.732833][T22644]  netlink_sendmsg+0x8db/0xcb0
[  899.737629][T22644]  ? __pfx_netlink_sendmsg+0x10/0x10
[  899.742905][T22644]  ? __import_iovec+0x536/0x820
[  899.747740][T22644]  ? aa_sock_msg_perm+0x91/0x160
[  899.752669][T22644]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  899.757935][T22644]  ? security_socket_sendmsg+0x87/0xb0
[  899.763378][T22644]  ? __pfx_netlink_sendmsg+0x10/0x10
[  899.768643][T22644]  __sock_sendmsg+0x221/0x270
[  899.773308][T22644]  ____sys_sendmsg+0x525/0x7d0
[  899.778057][T22644]  ? __pfx_____sys_sendmsg+0x10/0x10
[  899.783353][T22644]  __sys_sendmsg+0x2b0/0x3a0
[  899.787956][T22644]  ? __pfx___sys_sendmsg+0x10/0x10
[  899.793069][T22644]  ? vfs_write+0x7c4/0xc90
[  899.797497][T22644]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  899.803808][T22644]  ? do_syscall_64+0x100/0x230
[  899.808576][T22644]  ? do_syscall_64+0xb6/0x230
[  899.813263][T22644]  do_syscall_64+0xf3/0x230
[  899.817759][T22644]  ? clear_bhb_loop+0x35/0x90
[  899.822423][T22644]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.828308][T22644] RIP: 0033:0x7fc0c1175bd9
[  899.832725][T22644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  899.852341][T22644] RSP: 002b:00007fc0c1fa9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  899.860743][T22644] RAX: ffffffffffffffda RBX: 00007fc0c1304038 RCX: 00007fc0c1175bd9
[  899.868695][T22644] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  899.876660][T22644] RBP: 00007fc0c1fa90a0 R08: 0000000000000000 R09: 0000000000000000
[  899.884631][T22644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  899.892593][T22644] R13: 000000000000006e R14: 00007fc0c1304038 R15: 00007fc0c142fa78
[  899.900559][T22644]  </TASK>
[  899.986792][ T5137] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  900.018560][ T5137] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  900.036752][ T5137] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  900.064639][ T5137] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  900.097748][ T5137] usb 4-1: config 0 descriptor??
[  900.651360][T22656] netlink: 4068 bytes leftover after parsing attributes in process `syz.0.4056'.
[  901.688660][T22684] xt_bpf: check failed: parse error
[  901.827295][T22686] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  901.833849][T22686] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  901.854802][T22686] vhci_hcd vhci_hcd.0: Device attached
[  901.885086][T22687] vhci_hcd: connection closed
[  901.909590][   T35] vhci_hcd: stop threads
[  901.938006][   T35] vhci_hcd: release socket
[  901.955005][   T35] vhci_hcd: disconnect device
[  901.963056][T22684] netlink: 'syz.4.4065': attribute type 9 has an invalid length.
[  902.042749][ T5137] usbhid 4-1:0.0: can't add hid device: -71
[  902.069263][ T5137] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  902.095241][ T5137] usb 4-1: USB disconnect, device number 117
[  902.260065][T22693] bridge1: entered promiscuous mode
[  902.265819][T22693] bridge1: entered allmulticast mode
[  902.603497][T22375] Bluetooth: hci1: unexpected event 0x06 length: 23 > 3
[  902.662486][   T81] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[  902.872206][   T81] usb 2-1: Using ep0 maxpacket: 8
[  902.894685][   T81] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  902.937111][   T81] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  902.948796][   T81] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  902.960246][   T81] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  903.034396][   T81] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  903.083258][   T81] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  903.458122][   T81] usb 2-1: GET_CAPABILITIES returned 0
[  903.466712][   T81] usbtmc 2-1:16.0: can't read capabilities
[  903.572118][T22739] xt_bpf: check failed: parse error
[  903.741245][T22744] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  903.747774][T22744] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  903.777114][T22744] vhci_hcd vhci_hcd.0: Device attached
[  903.819211][T22745] vhci_hcd: connection closed
[  903.819403][ T1106] vhci_hcd: stop threads
[  903.830896][ T1106] vhci_hcd: release socket
[  903.872173][ T1106] vhci_hcd: disconnect device
[  903.882163][T22737] netlink: 'syz.4.4083': attribute type 9 has an invalid length.
[  904.073444][    T9] usb 4-1: new full-speed USB device number 118 using dummy_hcd
[  904.280855][    T9] usb 4-1: config 1 interface 0 altsetting 8 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  904.311568][    T9] usb 4-1: config 1 interface 0 has no altsetting 0
[  904.340182][    T9] usb 4-1: string descriptor 0 read error: -22
[  904.349585][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.40
[  904.389748][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  904.427623][T22747] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  904.671943][T21892] Bluetooth: hci1: command 0x2046 tx timeout
[  904.672496][T22375] Bluetooth: hci1: Opcode 0x2046 failed: -110
[  904.831099][    T9] usbhid 4-1:1.0: can't add hid device: -71
[  904.872392][    T9] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  904.881394][T22375] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  904.954768][    T9] usb 4-1: USB disconnect, device number 118
[  905.392907][   T81] usb 2-1: USB disconnect, device number 109
[  905.680860][T21892] Bluetooth: hci1: unexpected event 0x06 length: 23 > 3
[  906.371928][ T5097] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[  906.499210][T22792] xt_bpf: check failed: parse error
[  906.590737][T22788] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[  906.597263][T22788] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  906.604507][ T5097] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  906.624015][ T5097] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  906.657016][T22788] vhci_hcd vhci_hcd.0: Device attached
[  906.686020][T22795] vhci_hcd: connection closed
[  906.687415][ T2470] vhci_hcd: stop threads
[  906.706083][T22788] netlink: 'syz.4.4097': attribute type 9 has an invalid length.
[  906.706979][ T5097] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  906.752215][ T2470] vhci_hcd: release socket
[  906.770009][ T2470] vhci_hcd: disconnect device
[  906.791843][ T5097] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  906.820277][ T5097] usb 2-1: config 0 descriptor??
[  906.912081][T22375] Bluetooth: hci5: Opcode 0x2046 failed: -110
[  906.912182][T21892] Bluetooth: hci5: command 0x2046 tx timeout
[  907.408260][T21892] Bluetooth: hci3: unexpected event 0x06 length: 23 > 3
[  907.593535][ T5097] hid-led 0003:1D34:000A.0025: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.1-1/input0
[  907.656651][ T5097] hid-led 0003:1D34:000A.0025: Dream Cheeky Webmail Notifier initialized
[  908.513046][T22835] xt_bpf: check failed: parse error
[  908.623811][T22833] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  908.630332][T22833] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  908.652532][T22833] vhci_hcd vhci_hcd.0: Device attached
[  908.779908][T22839] vhci_hcd: connection closed
[  908.826023][   T12] vhci_hcd: stop threads
[  908.841429][T22833] netlink: 'syz.0.4111': attribute type 9 has an invalid length.
[  908.887534][   T12] vhci_hcd: release socket
[  908.937867][   T12] vhci_hcd: disconnect device
[  909.002152][ T5146] usb 10-1: enqueue for inactive port 0
[  909.075589][T22849] FAULT_INJECTION: forcing a failure.
[  909.075589][T22849] name failslab, interval 1, probability 0, space 0, times 0
[  909.088266][T22849] CPU: 1 PID: 22849 Comm: syz.4.4115 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  909.098405][T22849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  909.108472][T22849] Call Trace:
[  909.111737][T22849]  <TASK>
[  909.114661][T22849]  dump_stack_lvl+0x241/0x360
[  909.119335][T22849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  909.124518][T22849]  ? __pfx__printk+0x10/0x10
[  909.129097][T22849]  should_fail_ex+0x3b0/0x4e0
[  909.133777][T22849]  ? dst_alloc+0x12b/0x190
[  909.138174][T22849]  should_failslab+0x9/0x20
[  909.142674][T22849]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  909.148066][T22849]  ? __pfx_rt6_find_cached_rt+0x10/0x10
[  909.153603][T22849]  ? __pfx_ip6_dst_gc+0x10/0x10
[  909.158439][T22849]  dst_alloc+0x12b/0x190
[  909.162672][T22849]  ip6_pol_route+0xb87/0x15d0
[  909.167338][T22849]  ? ip6_pol_route+0x198/0x15d0
[  909.172186][T22849]  ? __pfx_ip6_pol_route+0x10/0x10
[  909.177287][T22849]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  909.183250][T22849]  fib6_rule_lookup+0x58c/0x790
[  909.188085][T22849]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  909.193704][T22849]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  909.199064][T22849]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  909.204242][T22849]  ? nf_conntrack_in+0x15e6/0x1880
[  909.209343][T22849]  ip6_route_input+0x859/0xd90
[  909.214096][T22849]  ? __pfx_ip6_route_input+0x10/0x10
[  909.219375][T22849]  ? __pfx_lock_release+0x10/0x10
[  909.224385][T22849]  ? ip6_rcv_finish_core+0x20f/0x410
[  909.229650][T22849]  ip6_rcv_finish+0x144/0x180
[  909.234308][T22849]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  909.239495][T22849]  NF_HOOK+0x3a4/0x450
[  909.243564][T22849]  ? skb_orphan+0x4b/0xd0
[  909.247904][T22849]  ? NF_HOOK+0x9a/0x450
[  909.252044][T22849]  ? __pfx_NF_HOOK+0x10/0x10
[  909.256633][T22849]  ? __pfx_ip6_rcv_finish+0x10/0x10
[  909.261818][T22849]  ? __pfx_ipv6_rcv+0x10/0x10
[  909.266476][T22849]  __netif_receive_skb+0x1ea/0x650
[  909.271577][T22849]  ? __pfx_lock_acquire+0x10/0x10
[  909.276586][T22849]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  909.282813][T22849]  ? __pfx___netif_receive_skb+0x10/0x10
[  909.288430][T22849]  ? __kasan_slab_alloc+0x66/0x80
[  909.293466][T22849]  ? read_tsc+0x9/0x20
[  909.297543][T22849]  ? timekeeping_get_ns+0x2c0/0x420
[  909.302738][T22849]  ? netif_receive_skb+0x131/0x890
[  909.307832][T22849]  ? netif_receive_skb+0x131/0x890
[  909.312927][T22849]  netif_receive_skb+0x1e8/0x890
[  909.317865][T22849]  ? tun_rx_batched+0x160/0x8f0
[  909.322700][T22849]  ? __pfx_netif_receive_skb+0x10/0x10
[  909.328145][T22849]  ? tun_rx_batched+0x160/0x8f0
[  909.332977][T22849]  tun_rx_batched+0x1b7/0x8f0
[  909.337638][T22849]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  909.342403][    T9] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[  909.343945][T22849]  ? __pfx_lock_acquire+0x10/0x10
[  909.356565][T22849]  ? __pfx_tun_rx_batched+0x10/0x10
[  909.361796][T22849]  tun_get_user+0x2f35/0x4560
[  909.366483][T22849]  ? tun_get_user+0x2a2f/0x4560
[  909.371348][T22849]  ? __pfx_tun_get_user+0x10/0x10
[  909.376382][T22849]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  909.381861][T22849]  ? tun_get+0x1e/0x2f0
[  909.386029][T22849]  ? tun_get+0x1e/0x2f0
[  909.390191][T22849]  ? tun_get+0x27d/0x2f0
[  909.394443][T22849]  tun_chr_write_iter+0x113/0x1f0
[  909.399483][T22849]  vfs_write+0xa72/0xc90
[  909.403747][T22849]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  909.409293][T22849]  ? __pfx_vfs_write+0x10/0x10
[  909.414075][T22849]  ksys_write+0x1a0/0x2c0
[  909.418413][T22849]  ? __pfx_ksys_write+0x10/0x10
[  909.423259][T22849]  ? do_syscall_64+0x100/0x230
[  909.428022][T22849]  ? do_syscall_64+0xb6/0x230
[  909.432700][T22849]  do_syscall_64+0xf3/0x230
[  909.437208][T22849]  ? clear_bhb_loop+0x35/0x90
[  909.441880][T22849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  909.447789][T22849] RIP: 0033:0x7f94e237475f
[  909.452204][T22849] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  909.471807][T22849] RSP: 002b:00007f94e3138010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  909.480233][T22849] RAX: ffffffffffffffda RBX: 00007f94e2503f60 RCX: 00007f94e237475f
[  909.488215][T22849] RDX: 000000000000007a RSI: 0000000020000280 RDI: 00000000000000c8
[  909.492159][T22375] Bluetooth: hci3: command 0x2046 tx timeout
[  909.496167][T22849] RBP: 00007f94e31380a0 R08: 0000000000000000 R09: 0000000000000000
[  909.496183][T22849] R10: 000000000000007a R11: 0000000000000293 R12: 0000000000000001
[  909.496197][T22849] R13: 000000000000000b R14: 00007f94e2503f60 R15: 00007f94e262fa78
[  909.496228][T22849]  </TASK>
[  909.554097][T21892] Bluetooth: hci3: Opcode 0x2046 failed: -110
[  909.582793][ T5097] usb 2-1: USB disconnect, device number 110
[  909.613029][ T5146] usb usb10-port1: attempt power cycle
[  909.770909][T21892] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3
[  909.783732][    T9] usb 3-1: Using ep0 maxpacket: 8
[  909.824609][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  909.878383][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  909.907777][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  909.943453][    T9] usb 3-1: config 0 descriptor??
[  909.983372][    T9] gspca_main: vc032x-2.14.0 probing 046d:0892
[  910.169496][   T29] audit: type=1326 audit(1720546849.233:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22856 comm="syz.3.4118" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1507f75bd9 code=0x0
[  910.293654][ T5146] usb usb10-port1: unable to enumerate USB device
[  911.230547][    T9] gspca_vc032x: reg_w err -71
[  911.235567][    T9] vc032x 3-1:0.0: probe with driver vc032x failed with error -71
[  911.259854][    T9] usb 3-1: USB disconnect, device number 107
[  911.284056][T14617] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[  911.523196][T14617] usb 4-1: Using ep0 maxpacket: 16
[  911.543949][T14617] usb 4-1: New USB device found, idVendor=2770, idProduct=9050, bcdDevice=11.97
[  911.565118][T14617] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.595808][T14617] usb 4-1: config 0 descriptor??
[  911.615124][T14617] gspca_main: sq905c-2.14.0 probing 2770:9050
[  912.142509][T14617] gspca_sq905c: sq905c_command: usb_control_msg failed (-110)
[  912.180685][T14617] sq905c 4-1:0.0: Get version command failed
[  912.210301][T14617] sq905c 4-1:0.0: probe with driver sq905c failed with error -110
[  912.220800][T22897] xt_bpf: check failed: parse error
[  912.287185][T22897] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  912.293718][T22897] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  912.354913][T22897] vhci_hcd vhci_hcd.0: Device attached
[  912.361606][ T5097] usb 4-1: USB disconnect, device number 119
[  912.372651][T22899] vhci_hcd: connection closed
[  912.382655][T22901] netlink: 'syz.1.4130': attribute type 9 has an invalid length.
[  912.432944][ T1091] vhci_hcd: stop threads
[  912.437305][ T1091] vhci_hcd: release socket
[  912.474853][ T1091] vhci_hcd: disconnect device
[  912.598113][T22907] netlink: 4076 bytes leftover after parsing attributes in process `syz.4.4133'.
[  913.059408][T22920] IPVS: Scheduler module ip_vs_ not found
[  913.092124][ T5146] usb 5-1: new full-speed USB device number 100 using dummy_hcd
[  913.293907][ T5146] usb 5-1: config 1 interface 0 altsetting 8 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  913.313134][ T5146] usb 5-1: config 1 interface 0 has no altsetting 0
[  913.325492][ T5146] usb 5-1: string descriptor 0 read error: -22
[  913.331980][ T5146] usb 5-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.40
[  913.344298][ T5146] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.362727][T22915] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  913.463309][ T5143] usb 3-1: new full-speed USB device number 108 using dummy_hcd
[  913.665676][ T5146] usbhid 5-1:1.0: can't add hid device: -71
[  913.687556][ T5143] usb 3-1: config 1 interface 0 altsetting 8 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  913.698682][ T5146] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  913.710735][ T5143] usb 3-1: config 1 interface 0 has no altsetting 0
[  913.741273][ T5146] usb 5-1: USB disconnect, device number 100
[  913.805456][ T5143] usb 3-1: string descriptor 0 read error: -22
[  913.818789][   T29] audit: type=1326 audit(1720546852.883:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22932 comm="syz.0.4142" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0c1175bd9 code=0x0
[  913.848164][ T5143] usb 3-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice= 0.40
[  913.868212][ T5143] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.895914][T22929] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  914.049483][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.149137][ T5143] usbhid 3-1:1.0: can't add hid device: -71
[  914.174357][ T5143] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  914.201729][ T5143] usb 3-1: USB disconnect, device number 108
[  914.259707][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.377637][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.673793][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.731253][T22375] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  914.743664][T22375] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  914.751692][T22375] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  914.788908][T22375] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  914.798027][T22375] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  914.811302][T22943] hsr0: entered promiscuous mode
[  914.819033][T22375] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  914.866148][T22943] macsec1: entered promiscuous mode
[  914.871615][T22943] macsec1: entered allmulticast mode
[  914.954684][T22943] hsr0: entered allmulticast mode
[  914.983126][T22943] hsr_slave_0: entered allmulticast mode
[  914.991448][T22956] xt_bpf: check failed: parse error
[  915.013203][T22943] hsr_slave_1: entered allmulticast mode
[  915.052189][T22943] hsr0: left allmulticast mode
[  915.057047][T22943] hsr_slave_0: left allmulticast mode
[  915.075636][T22943] hsr_slave_1: left allmulticast mode
[  915.107055][T22961] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  915.113603][T22961] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  915.132267][ T5137] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[  915.142084][T22961] vhci_hcd vhci_hcd.0: Device attached
[  915.168664][T22962] vhci_hcd: connection closed
[  915.168914][   T12] vhci_hcd: stop threads
[  915.188438][   T12] vhci_hcd: release socket
[  915.244897][T22961] netlink: 'syz.0.4147': attribute type 9 has an invalid length.
[  915.253056][   T12] vhci_hcd: disconnect device
[  915.334746][ T5137] usb 2-1: config 4 has too many interfaces: 196, using maximum allowed: 32
[  915.352102][ T5137] usb 2-1: config 4 has 1 interface, different from the descriptor's value: 196
[  915.379175][ T5137] usb 2-1: New USB device found, idVendor=0cf3, idProduct=7010, bcdDevice=92.9f
[  915.422650][ T5137] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  915.443589][ T5137] usb 2-1: Product: syz
[  915.462788][ T5137] usb 2-1: Manufacturer: syz
[  915.478376][ T5137] usb 2-1: SerialNumber: syz
[  915.486314][   T35] bridge_slave_1: left allmulticast mode
[  915.518544][   T35] bridge_slave_1: left promiscuous mode
[  915.546813][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  915.590032][   T35] bridge_slave_0: left allmulticast mode
[  915.621992][   T35] bridge_slave_0: left promiscuous mode
[  915.629755][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  915.827211][ T5097] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  915.935063][ T5137] usb 2-1: ath9k_htc: Device endpoint numbers are not the expected ones
[  915.987938][ T5137] usb 2-1: USB disconnect, device number 111
[  916.021948][ T5097] usb 3-1: Using ep0 maxpacket: 8
[  916.060713][ T5097] usb 3-1: config 4 has an invalid interface number: 216 but max is 1
[  916.080960][ T5097] usb 3-1: config 4 has no interface number 1
[  916.103703][ T5097] usb 3-1: config 4 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  916.130982][ T5097] usb 3-1: config 4 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  916.153311][ T5097] usb 3-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice=1d.68
[  916.186821][ T5097] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  916.199875][ T5097] usb 3-1: Product: syz
[  916.224790][ T5097] usb 3-1: Manufacturer: syz
[  916.229414][ T5097] usb 3-1: SerialNumber: syz
[  916.275545][ T5097] r8712u: register rtl8712_netdev_ops to netdev_ops
[  916.283601][ T5097] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  916.471093][T22969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  916.488110][T22969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  916.542119][ T5097] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  916.562134][ T5097] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  916.581890][ T5097] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  916.640159][ T5097] r8712u: register rtl8712_netdev_ops to netdev_ops
[  916.661267][ T5097] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  916.679574][ T5097] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  916.699373][ T5097] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  916.732212][ T5097] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  916.774276][ T5097] usb 3-1: USB disconnect, device number 109
[  916.892258][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  916.922041][T22375] Bluetooth: hci1: command tx timeout
[  916.928561][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  916.972373][   T35] bond0 (unregistering): Released all slaves
[  917.318437][   T29] audit: type=1326 audit(1720546856.393:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23005 comm="syz.1.4157" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a91575bd9 code=0x0
[  918.613790][T21892] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  918.624192][T21892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  918.633181][T21892] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  918.644199][T21892] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  918.655198][T21892] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  918.669588][T21892] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  918.720199][T22954] chnl_net:caif_netlink_parms(): no params data found
[  918.760308][   T29] audit: type=1326 audit(1720546857.833:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23036 comm="syz.0.4162" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0c1175bd9 code=0x0
[  918.814742][T23044] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4163'.
[  918.914325][   T35] hsr_slave_0: left promiscuous mode
[  918.949666][   T35] hsr_slave_1: left promiscuous mode
[  918.973848][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  918.986516][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  918.992341][T22375] Bluetooth: hci1: command tx timeout
[  919.004522][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  919.016518][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  919.043525][   T35] veth1_macvtap: left promiscuous mode
[  919.049294][   T35] veth0_macvtap: left promiscuous mode
[  919.055185][   T35] veth1_vlan: left promiscuous mode
[  919.060655][   T35] veth0_vlan: left promiscuous mode
[  919.940718][   T35] team0 (unregistering): Port device team_slave_1 removed
[  919.991429][   T35] team0 (unregistering): Port device team_slave_0 removed
[  920.577889][T23053] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4164'.
[  920.752008][T22375] Bluetooth: hci3: command tx timeout
[  920.879878][T22954] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.895477][T22954] bridge0: port 1(bridge_slave_0) entered disabled state
[  920.907854][T22954] bridge_slave_0: entered allmulticast mode
[  920.915799][T22954] bridge_slave_0: entered promiscuous mode
[  920.955015][T22954] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.962533][T22954] bridge0: port 2(bridge_slave_1) entered disabled state
[  920.977542][T22954] bridge_slave_1: entered allmulticast mode
[  920.992058][    T9] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[  921.009607][T22954] bridge_slave_1: entered promiscuous mode
[  921.072164][T22375] Bluetooth: hci1: command tx timeout
[  921.124982][T22954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  921.164035][T22954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  921.220916][T22954] team0: Port device team_slave_0 added
[  921.222642][    T9] usb 2-1: Using ep0 maxpacket: 8
[  921.260658][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  921.271242][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  921.280687][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  921.293422][    T9] usb 2-1: config 0 descriptor??
[  921.301585][    T9] gspca_main: vc032x-2.14.0 probing 046d:0892
[  921.318389][T22954] team0: Port device team_slave_1 added
[  921.366722][T22954] batman_adv: batadv0: Adding interface: batadv_slave_0
[  921.374664][T22954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  921.404055][T22954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  921.417162][T22954] batman_adv: batadv0: Adding interface: batadv_slave_1
[  921.424197][T22954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  921.450152][T22954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  921.516571][T23045] chnl_net:caif_netlink_parms(): no params data found
[  921.546434][T22954] hsr_slave_0: entered promiscuous mode
[  921.563625][T22954] hsr_slave_1: entered promiscuous mode
[  921.801137][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  921.967718][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  922.046844][T23045] bridge0: port 1(bridge_slave_0) entered blocking state
[  922.061977][T23045] bridge0: port 1(bridge_slave_0) entered disabled state
[  922.080068][T23045] bridge_slave_0: entered allmulticast mode
[  922.098061][T23045] bridge_slave_0: entered promiscuous mode
[  922.112986][T23045] bridge0: port 2(bridge_slave_1) entered blocking state
[  922.130048][T23045] bridge0: port 2(bridge_slave_1) entered disabled state
[  922.139758][T23045] bridge_slave_1: entered allmulticast mode
[  922.149074][T23045] bridge_slave_1: entered promiscuous mode
[  922.205036][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  922.307754][   T29] audit: type=1326 audit(1720546861.383:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23110 comm="syz.2.4174" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57f9775bd9 code=0x0
[  922.425592][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  922.486893][T23045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  922.545198][    T9] gspca_vc032x: reg_w err -71
[  922.553161][    T9] vc032x 2-1:0.0: probe with driver vc032x failed with error -71
[  922.564389][T23045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  922.580331][    T9] usb 2-1: USB disconnect, device number 112
[  922.701207][T23045] team0: Port device team_slave_0 added
[  922.745171][T23045] team0: Port device team_slave_1 added
[  922.832239][T22375] Bluetooth: hci3: command tx timeout
[  922.981247][T23045] batman_adv: batadv0: Adding interface: batadv_slave_0
[  922.988502][T23045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  923.017625][T23045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  923.030439][T23045] batman_adv: batadv0: Adding interface: batadv_slave_1
[  923.051040][T23045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  923.077652][T23045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  923.152311][T22375] Bluetooth: hci1: command tx timeout
[  923.291404][   T35] bridge_slave_1: left allmulticast mode
[  923.299035][   T35] bridge_slave_1: left promiscuous mode
[  923.311709][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  923.335316][   T35] bridge_slave_0: left allmulticast mode
[  923.340949][   T35] bridge_slave_0: left promiscuous mode
[  923.371241][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  923.666397][ T5144] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[  923.862011][ T5144] usb 2-1: Using ep0 maxpacket: 16
[  923.875958][ T5144] usb 2-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  923.888327][ T5144] usb 2-1: config 1 interface 0 has no altsetting 0
[  923.993700][ T5144] usb 2-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  924.003275][ T5144] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  924.011371][ T5144] usb 2-1: Product: syz
[  924.021862][ T5144] usb 2-1: Manufacturer: syz
[  924.026489][ T5144] usb 2-1: SerialNumber: syz
[  924.106838][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  924.140406][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  924.168288][   T35] bond0 (unregistering): Released all slaves
[  924.403356][T23045] hsr_slave_0: entered promiscuous mode
[  924.405079][ T5144] usbhid 2-1:1.0: can't add hid device: -71
[  924.417759][T23045] hsr_slave_1: entered promiscuous mode
[  924.418328][ T5144] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  924.436522][T23045] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  924.443886][ T5144] usb 2-1: USB disconnect, device number 113
[  924.476616][T23045] Cannot create hsr debugfs directory
[  924.764717][   T35] hsr_slave_0: left promiscuous mode
[  924.782131][   T35] hsr_slave_1: left promiscuous mode
[  924.790889][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  924.805807][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  924.818361][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  924.828447][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  924.875937][   T35] veth1_macvtap: left promiscuous mode
[  924.881629][   T35] veth0_macvtap: left promiscuous mode
[  924.887988][   T35] veth1_vlan: left promiscuous mode
[  924.893538][   T35] veth0_vlan: left promiscuous mode
[  924.912478][T22375] Bluetooth: hci3: command tx timeout
[  925.403725][   T29] audit: type=1326 audit(1720546864.483:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23151 comm="syz.0.4183" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0c1175bd9 code=0x0
[  925.656862][   T35] team0 (unregistering): Port device team_slave_1 removed
[  925.741522][   T35] team0 (unregistering): Port device team_slave_0 removed
[  926.443943][T22954] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  926.466559][T22954] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  926.519854][T22954] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  926.667890][T22954] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  926.993673][T22375] Bluetooth: hci3: command tx timeout
[  927.351311][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.398340][T21892] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  927.409200][T21892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  927.430091][T21892] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  927.440866][T21892] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  927.451931][T21892] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  927.461009][T21892] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  927.534655][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.586247][T22954] 8021q: adding VLAN 0 to HW filter on device bond0
[  927.642807][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.754905][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.796229][T23045] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  927.815480][T23045] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  927.829705][T23045] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  927.842242][    T9] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[  927.869645][T23045] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  927.948185][T22954] 8021q: adding VLAN 0 to HW filter on device team0
[  927.982782][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state
[  927.989990][ T5143] bridge0: port 1(bridge_slave_0) entered forwarding state
[  928.000806][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state
[  928.007985][ T5143] bridge0: port 2(bridge_slave_1) entered forwarding state
[  928.042200][    T9] usb 2-1: Using ep0 maxpacket: 16
[  928.049612][    T9] usb 2-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  928.063169][    T9] usb 2-1: config 1 interface 0 has no altsetting 0
[  928.073918][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  928.091796][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  928.107901][    T9] usb 2-1: Product: syz
[  928.113130][    T9] usb 2-1: Manufacturer: syz
[  928.117749][    T9] usb 2-1: SerialNumber: syz
[  928.176506][T22954] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  928.187558][T22954] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  928.248948][   T35] bridge_slave_1: left allmulticast mode
[  928.265745][   T35] bridge_slave_1: left promiscuous mode
[  928.285973][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  928.307834][   T35] bridge_slave_0: left allmulticast mode
[  928.321958][   T35] bridge_slave_0: left promiscuous mode
[  928.327954][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  928.985353][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  928.997910][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  929.011000][   T35] bond0 (unregistering): Released all slaves
[  929.092544][    T9] usbhid 2-1:1.0: can't add hid device: -71
[  929.098572][    T9] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  929.133620][    T9] usb 2-1: USB disconnect, device number 114
[  929.295220][T23045] 8021q: adding VLAN 0 to HW filter on device bond0
[  929.335663][T22954] 8021q: adding VLAN 0 to HW filter on device batadv0
[  929.465872][T23177] chnl_net:caif_netlink_parms(): no params data found
[  929.537741][T23045] 8021q: adding VLAN 0 to HW filter on device team0
[  929.555340][T22375] Bluetooth: hci5: command tx timeout
[  929.624233][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state
[  929.631436][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  929.753075][   T35] hsr_slave_0: left promiscuous mode
[  929.786148][   T29] audit: type=1326 audit(1720546868.863:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23222 comm="syz.1.4192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a91575bd9 code=0x0
[  929.812031][   T35] hsr_slave_1: left promiscuous mode
[  929.857841][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  929.862939][T23218] xt_TCPMSS: Only works on TCP SYN packets
[  929.890973][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  929.900600][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  929.912898][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  930.138689][   T35] veth1_macvtap: left promiscuous mode
[  930.227094][   T35] veth0_macvtap: left promiscuous mode
[  930.238172][   T35] veth1_vlan: left promiscuous mode
[  930.247656][   T35] veth0_vlan: left promiscuous mode
[  930.959298][   T35] team0 (unregistering): Port device team_slave_1 removed
[  931.000367][   T35] team0 (unregistering): Port device team_slave_0 removed
[  931.459698][ T5137] bridge0: port 2(bridge_slave_1) entered blocking state
[  931.466868][ T5137] bridge0: port 2(bridge_slave_1) entered forwarding state
[  931.496337][T22954] veth0_vlan: entered promiscuous mode
[  931.632045][T22375] Bluetooth: hci5: command tx timeout
[  931.802421][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  931.809147][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  931.870286][T23177] bridge0: port 1(bridge_slave_0) entered blocking state
[  931.888381][T23177] bridge0: port 1(bridge_slave_0) entered disabled state
[  931.918018][T23177] bridge_slave_0: entered allmulticast mode
[  931.929988][T23177] bridge_slave_0: entered promiscuous mode
[  931.960126][T22954] veth1_vlan: entered promiscuous mode
[  931.994533][T23177] bridge0: port 2(bridge_slave_1) entered blocking state
[  932.003284][T23177] bridge0: port 2(bridge_slave_1) entered disabled state
[  932.042597][T23177] bridge_slave_1: entered allmulticast mode
[  932.049916][T23177] bridge_slave_1: entered promiscuous mode
[  932.174410][T23177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  932.249629][T23177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  932.448703][T23177] team0: Port device team_slave_0 added
[  932.533640][T23177] team0: Port device team_slave_1 added
[  932.693002][T23177] batman_adv: batadv0: Adding interface: batadv_slave_0
[  932.700060][T23177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.741013][T23177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  932.788387][T22954] veth0_macvtap: entered promiscuous mode
[  932.813236][T23177] batman_adv: batadv0: Adding interface: batadv_slave_1
[  932.823251][T23177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.879852][T23177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  932.935145][T22954] veth1_macvtap: entered promiscuous mode
[  932.972812][T23045] 8021q: adding VLAN 0 to HW filter on device batadv0
[  933.095379][T23177] hsr_slave_0: entered promiscuous mode
[  933.116504][T23177] hsr_slave_1: entered promiscuous mode
[  933.132875][T23177] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  933.150467][T23177] Cannot create hsr debugfs directory
[  933.227328][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  933.249452][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.261569][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  933.274497][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.286781][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  933.297354][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.308773][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  933.320848][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.340614][T22954] batman_adv: batadv0: Interface activated: batadv_slave_0
[  933.415211][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.436351][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.446839][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.457696][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.476042][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.491368][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.504990][T22954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  933.521103][T22954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  933.539921][T22954] batman_adv: batadv0: Interface activated: batadv_slave_1
[  933.582068][    T9] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[  933.621184][T22954] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  933.630322][T22954] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  933.641253][T22954] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  933.650354][T22954] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  933.710534][T23045] veth0_vlan: entered promiscuous mode
[  933.716955][T22375] Bluetooth: hci5: command tx timeout
[  933.771941][    T9] usb 2-1: Using ep0 maxpacket: 16
[  933.779409][    T9] usb 2-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  933.780642][T23045] veth1_vlan: entered promiscuous mode
[  933.797249][    T9] usb 2-1: config 1 interface 0 has no altsetting 0
[  933.823507][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  933.841903][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  933.850072][    T9] usb 2-1: Product: syz
[  933.872982][    T9] usb 2-1: Manufacturer: syz
[  933.877803][    T9] usb 2-1: SerialNumber: syz
[  934.126477][T23045] veth0_macvtap: entered promiscuous mode
[  934.194999][T23045] veth1_macvtap: entered promiscuous mode
[  934.198914][    T9] usbhid 2-1:1.0: can't add hid device: -71
[  934.219707][    T9] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  934.241663][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  934.250076][    T9] usb 2-1: USB disconnect, device number 115
[  934.276462][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  934.318925][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  934.337616][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.348864][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  934.371275][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.385049][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  934.395852][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.405862][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  934.416821][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.427051][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  934.437949][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.450220][T23045] batman_adv: batadv0: Interface activated: batadv_slave_0
[  934.529016][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  934.543386][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.554038][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  934.565876][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.576228][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  934.587082][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.598715][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  934.611620][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.621490][T23045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  934.632012][T23045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  934.643119][T23045] batman_adv: batadv0: Interface activated: batadv_slave_1
[  934.658602][T23045] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  934.668242][T23045] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  934.677765][T23045] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  934.687340][T23045] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  934.719192][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  934.739824][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  934.810095][T23308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4200'.
[  934.943820][T23177] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  935.005004][T23177] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  935.081395][T23177] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  935.128107][T23177] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  935.244809][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  935.312296][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  935.399403][ T2470] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  935.436933][ T2470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  935.645441][T23338] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4207'.
[  935.660060][T23177] 8021q: adding VLAN 0 to HW filter on device bond0
[  935.736211][T23177] 8021q: adding VLAN 0 to HW filter on device team0
[  935.787405][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state
[  935.794676][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  935.802103][T22375] Bluetooth: hci5: command tx timeout
[  935.817390][ T2470] tipc: Subscription rejected, illegal request
[  935.925058][ T5097] bridge0: port 2(bridge_slave_1) entered blocking state
[  935.932316][ T5097] bridge0: port 2(bridge_slave_1) entered forwarding state
[  936.187998][T23177] 8021q: adding VLAN 0 to HW filter on device batadv0
[  936.319473][T23177] veth0_vlan: entered promiscuous mode
[  936.366937][T23177] veth1_vlan: entered promiscuous mode
[  936.481066][T23177] veth0_macvtap: entered promiscuous mode
[  936.500737][T23177] veth1_macvtap: entered promiscuous mode
[  936.550571][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.561677][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.579483][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.603889][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.632996][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.654188][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.668403][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.688770][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.710044][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.737486][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.758841][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  936.770657][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.800399][T23177] batman_adv: batadv0: Interface activated: batadv_slave_0
[  936.845039][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  936.872920][ T5137] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[  936.922049][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.937491][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  936.948386][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.968095][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  936.980001][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  936.999967][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  937.012137][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  937.030537][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  937.051245][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  937.054789][   T29] audit: type=1326 audit(1720546876.133:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23386 comm="syz.3.4216" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc638d75bd9 code=0x0
[  937.077543][T23177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  937.084503][ T5137] usb 2-1: Using ep0 maxpacket: 8
[  937.105454][ T5137] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  937.116793][ T5137] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  937.120562][T23177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  937.132362][ T5137] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  937.151612][ T5137] usb 2-1: config 0 descriptor??
[  937.159340][T23177] batman_adv: batadv0: Interface activated: batadv_slave_1
[  937.161261][ T5137] gspca_main: vc032x-2.14.0 probing 046d:0892
[  937.186641][T23177] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  937.195996][T23177] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  937.208307][T23177] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  937.218934][T23177] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  937.243020][T23387] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4216'.
[  937.271704][T23387] vlan2: entered promiscuous mode
[  937.455746][T23400] netlink: 4076 bytes leftover after parsing attributes in process `syz.4.4217'.
[  937.471530][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  937.487396][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  937.527991][ T2470] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  937.561881][ T2470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  938.164186][ T5137] gspca_vc032x: reg_r err -71
[  938.168926][ T5137] vc032x 2-1:0.0: probe with driver vc032x failed with error -71
[  938.196490][ T5137] usb 2-1: USB disconnect, device number 116
[  938.430362][T23431] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4222'.
[  939.073607][ T5097] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[  939.118091][T23451] netlink: 'syz.1.4227': attribute type 3 has an invalid length.
[  939.196270][T23453] netlink: 4068 bytes leftover after parsing attributes in process `syz.0.4228'.
[  939.283355][ T5097] usb 4-1: Using ep0 maxpacket: 8
[  939.299766][ T5097] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  939.327494][ T5097] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  939.343923][ T5097] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  939.355115][ T5097] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  939.369287][ T5097] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  939.426509][ T5097] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  939.458270][ T5097] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  939.561489][T23460] xt_TCPMSS: Only works on TCP SYN packets
[  939.739326][ T5097] usb 4-1: usb_control_msg returned -32
[  939.771072][ T5097] usbtmc 4-1:16.0: can't read capabilities
[  940.120361][T23490] sock: sock_timestamping_bind_phc: sock not bind to device
[  940.168300][T23490] binder: 23489:23490 ioctl c018620c 200005c0 returned -1
[  940.340641][T23496] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4239'.
[  940.520755][T23498] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4241'.
[  940.650529][ T1106] tipc: Subscription rejected, illegal request
[  940.782300][T23506] xt_TCPMSS: Only works on TCP SYN packets
[  941.189549][T23518] xt_TCPMSS: Only works on TCP SYN packets
[  941.565970][T23533] netlink: 'syz.1.4249': attribute type 2 has an invalid length.
[  941.576247][T23533] netlink: 'syz.1.4249': attribute type 1 has an invalid length.
[  941.587461][T23533] netlink: 181400 bytes leftover after parsing attributes in process `syz.1.4249'.
[  941.786769][    T9] usb 4-1: USB disconnect, device number 120
[  942.284717][ T5097] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[  942.483509][ T5097] usb 2-1: config 0 has an invalid interface number: 181 but max is 0
[  942.504696][ T5097] usb 2-1: config 0 has no interface number 0
[  942.516779][T23568] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4257'.
[  942.524174][ T5097] usb 2-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice=3f.dc
[  942.551854][ T5097] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  942.579505][ T5097] usb 2-1: config 0 descriptor??
[  942.664358][T23569] xt_TCPMSS: Only works on TCP SYN packets
[  942.694773][ T1106] tipc: Subscription rejected, illegal request
[  942.909821][ T5097] usb 2-1: string descriptor 0 read error: -71
[  942.940889][ T5097] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.181/input/input132
[  942.959418][ T4531] bcm5974 2-1:0.181: could not read from device
[  942.969411][T23587] syz_tun: entered promiscuous mode
[  942.981908][ T5097] usb 2-1: USB disconnect, device number 117
[  943.037013][T23587] syz_tun: left promiscuous mode
[  943.169976][T23591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4263'.
[  943.503573][T23602] usb usb9: usbfs: process 23602 (syz.0.4268) did not claim interface 0 before use
[  944.210208][T23632] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4277'.
[  944.342641][ T2470] tipc: Subscription rejected, illegal request
[  944.523625][T23639] xt_TCPMSS: Only works on TCP SYN packets
[  944.661671][T23646] xt_TCPMSS: Only works on TCP SYN packets
[  944.874257][T23652] program syz.2.4281 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  945.159372][T23658] netlink: 'syz.1.4284': attribute type 29 has an invalid length.
[  945.188930][T23658] netlink: 'syz.1.4284': attribute type 29 has an invalid length.
[  945.222326][T23660] netlink: 'syz.1.4284': attribute type 29 has an invalid length.
[  945.626075][   T29] audit: type=1326 audit(1720546884.703:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23671 comm="syz.4.4288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f495af75bd9 code=0x0
[  945.684685][  T785] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[  945.874807][  T785] usb 3-1: Using ep0 maxpacket: 16
[  945.887616][  T785] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[  945.901557][  T785] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  945.924764][  T785] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  945.936566][   T81] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[  945.946743][  T785] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  945.975441][  T785] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  945.988294][  T785] usb 3-1: config 1 interface 0 has no altsetting 0
[  945.995012][  T785] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  946.004921][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  946.019993][  T785] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[  946.141875][   T81] usb 4-1: Using ep0 maxpacket: 8
[  946.159383][   T81] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  946.198140][   T81] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  946.208812][   T81] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  946.238899][   T81] usb 4-1: Product: syz
[  946.257185][   T81] usb 4-1: Manufacturer: syz
[  946.269378][   T81] usb 4-1: SerialNumber: syz
[  946.304721][  T785] ums-sddr09 3-1:1.0: probe with driver ums-sddr09 failed with error -22
[  946.320692][   T81] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input135
[  946.336672][  T785] usb 3-1: USB disconnect, device number 110
[  946.494304][T23689] program syz.4.4292 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  946.737227][T23680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  946.756449][T23680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  947.742344][T23713] xt_TCPMSS: Only works on TCP SYN packets
[  947.931205][T23680] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4290'.
[  947.961711][T23731] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[  947.968248][T23731] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  947.981246][T23731] vhci_hcd vhci_hcd.0: Device attached
[  947.997494][T23734] usbip_core: unknown command
[  948.007451][T23734] vhci_hcd: unknown pdu 3020988904
[  948.013405][T23734] usbip_core: unknown command
[  948.018659][   T35] vhci_hcd: stop threads
[  948.023307][   T35] vhci_hcd: release socket
[  948.027743][   T35] vhci_hcd: disconnect device
[  948.245743][ T4531] bcm5974 4-1:1.0: could not read from device
[  948.253321][  T785] usb 4-1: USB disconnect, device number 121
[  948.263006][ T4531] bcm5974 4-1:1.0: could not read from device
[  948.295161][ T4531] bcm5974 4-1:1.0: could not read from device
[  949.117301][T23759] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4311'.
[  949.295349][ T2470] tipc: Subscription rejected, illegal request
[  949.303740][T23778] fuse: Bad value for 'fd'
[  949.327285][T23778] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4318'.
[  949.368462][T23773] xt_TCPMSS: Only works on TCP SYN packets
[  949.534204][T23783] sit0: entered promiscuous mode
[  949.555730][T23783] netlink: 'syz.1.4319': attribute type 1 has an invalid length.
[  949.599033][T23783] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4319'.
[  950.181113][T23796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4323'.
[  950.252003][T23798] program syz.3.4325 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  950.412684][    T9] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  950.502770][ T5141] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[  950.614628][    T9] usb 5-1: Using ep0 maxpacket: 8
[  950.624899][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  950.646841][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  950.661915][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  950.674819][    T9] usb 5-1: Product: syz
[  950.679067][    T9] usb 5-1: Manufacturer: syz
[  950.700518][    T9] usb 5-1: SerialNumber: syz
[  950.716731][ T5141] usb 2-1: config index 0 descriptor too short (expected 106, got 36)
[  950.733094][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  950.751400][    T9] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input137
[  950.765589][ T5141] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  950.765637][ T5141] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[  950.785841][ T5141] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  950.809320][ T5141] usb 2-1: config 0 descriptor??
[  950.912631][T23817] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4332'.
[  951.030532][ T5141] usbhid 2-1:0.0: can't add hid device: -71
[  951.057183][ T5141] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  951.118591][ T5141] usb 2-1: USB disconnect, device number 118
[  951.143057][ T2470] tipc: Subscription rejected, illegal request
[  951.316952][T23824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  951.331641][T23824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  951.682658][T23830] FAULT_INJECTION: forcing a failure.
[  951.682658][T23830] name failslab, interval 1, probability 0, space 0, times 0
[  951.737661][T23830] CPU: 0 PID: 23830 Comm: syz.3.4337 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  951.747869][T23830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  951.757968][T23830] Call Trace:
[  951.761265][T23830]  <TASK>
[  951.764215][T23830]  dump_stack_lvl+0x241/0x360
[  951.768922][T23830]  ? __pfx_dump_stack_lvl+0x10/0x10
[  951.774148][T23830]  ? __pfx__printk+0x10/0x10
[  951.778776][T23830]  ? __pfx___might_resched+0x10/0x10
[  951.784087][T23830]  should_fail_ex+0x3b0/0x4e0
[  951.788786][T23830]  should_failslab+0x9/0x20
[  951.793310][T23830]  kmalloc_node_trace_noprof+0x74/0x300
[  951.798880][T23830]  ? page_pool_create_percpu+0x77/0x7c0
[  951.804456][T23830]  page_pool_create_percpu+0x77/0x7c0
[  951.810289][T23830]  __veth_napi_enable_range+0x1d2/0x820
[  951.815952][T23830]  ? __pfx___veth_napi_enable_range+0x10/0x10
[  951.822054][T23830]  ? netif_napi_add_weight+0x96d/0xc30
[  951.827540][T23830]  veth_napi_enable_range+0xce/0x150
[  951.832860][T23830]  veth_set_features+0x1d1/0x2b0
[  951.837797][T23830]  ? __pfx_veth_set_features+0x10/0x10
[  951.843260][T23830]  __netdev_update_features+0x98c/0x18f0
[  951.848925][T23830]  ? __pfx___netdev_update_features+0x10/0x10
[  951.855013][T23830]  ? __pfx___might_resched+0x10/0x10
[  951.860303][T23830]  ? __might_fault+0xaa/0x120
[  951.864979][T23830]  ? __pfx_lock_release+0x10/0x10
[  951.870001][T23830]  ? aa_get_newest_label+0xff/0x6f0
[  951.875207][T23830]  ? __might_fault+0xc6/0x120
[  951.879884][T23830]  ethtool_set_one_feature+0x2d6/0x340
[  951.885338][T23830]  ? apparmor_capable+0x138/0x1b0
[  951.890361][T23830]  ? __pfx_ethtool_set_one_feature+0x10/0x10
[  951.896333][T23830]  ? security_capable+0x90/0xb0
[  951.901183][T23830]  dev_ethtool+0x1605/0x1bc0
[  951.905779][T23830]  ? __pfx_dev_ethtool+0x10/0x10
[  951.910725][T23830]  ? dev_load+0x21/0x1f0
[  951.914965][T23830]  dev_ioctl+0x785/0x1340
[  951.919292][T23830]  sock_do_ioctl+0x240/0x460
[  951.923881][T23830]  ? __pfx_sock_do_ioctl+0x10/0x10
[  951.929002][T23830]  sock_ioctl+0x629/0x8e0
[  951.933327][T23830]  ? __pfx_sock_ioctl+0x10/0x10
[  951.938170][T23830]  ? __fget_files+0x29/0x470
[  951.942756][T23830]  ? __fget_files+0x3f6/0x470
[  951.947421][T23830]  ? __fget_files+0x29/0x470
[  951.952019][T23830]  ? bpf_lsm_file_ioctl+0x9/0x10
[  951.956960][T23830]  ? security_file_ioctl+0x87/0xb0
[  951.962080][T23830]  ? __pfx_sock_ioctl+0x10/0x10
[  951.966942][T23830]  __se_sys_ioctl+0xfc/0x170
[  951.971532][T23830]  do_syscall_64+0xf3/0x230
[  951.976042][T23830]  ? clear_bhb_loop+0x35/0x90
[  951.980714][T23830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.986605][T23830] RIP: 0033:0x7fc638d75bd9
[  951.991013][T23830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  952.010627][T23830] RSP: 002b:00007fc639a7e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  952.019041][T23830] RAX: ffffffffffffffda RBX: 00007fc638f03f60 RCX: 00007fc638d75bd9
[  952.027022][T23830] RDX: 0000000020000040 RSI: 0000000000008946 RDI: 0000000000000005
[  952.034997][T23830] RBP: 00007fc639a7e0a0 R08: 0000000000000000 R09: 0000000000000000
[  952.042965][T23830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  952.050928][T23830] R13: 000000000000000b R14: 00007fc638f03f60 R15: 00007fc63902fa78
[  952.058907][T23830]  </TASK>
[  952.062104][    C0] vkms_vblank_simulate: vblank timer overrun
[  952.134598][T23830] veth1_to_bond: set_features() failed (-12); wanted 0x000061164fdd59e9, left 0x000061164fdd19e9
[  952.182296][T23840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4340'.
[  952.285027][T21892] Bluetooth: hci2: command 0x0406 tx timeout
[  952.508053][T23850] mmap: syz.0.4345 (23850): VmData 37593088 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  952.867064][T23793] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4324'.
[  953.013252][T23862] can: request_module (can-proto-0) failed.
[  953.214930][ T4531] bcm5974 5-1:1.0: could not read from device
[  953.215260][  T785] usb 5-1: USB disconnect, device number 101
[  953.236701][    T9] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[  953.252442][ T4531] bcm5974 5-1:1.0: could not read from device
[  953.272253][T23871] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4350'.
[  953.461857][    T9] usb 3-1: Using ep0 maxpacket: 8
[  953.479605][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  953.509163][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  953.532906][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  953.554014][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  953.564767][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.580123][    T9] usb 3-1: Product: syz
[  953.596454][ T5097] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[  953.596516][    T9] usb 3-1: Manufacturer: syz
[  953.619143][    T9] usb 3-1: SerialNumber: syz
[  953.685022][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input138
[  953.802074][ T5097] usb 2-1: Using ep0 maxpacket: 32
[  953.827791][ T5097] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  953.869248][ T5097] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  953.899932][ T5097] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  953.932262][T23879] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  953.950163][ T5097] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  953.973541][T23879] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  953.992797][ T5097] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 8
[  954.032275][ T5097] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  954.064067][ T5097] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  954.092201][ T5097] usb 2-1: Product: syz
[  954.096405][ T5097] usb 2-1: Manufacturer: syz
[  954.101012][ T5097] usb 2-1: SerialNumber: syz
[  954.226565][ T4531] bcm5974 3-1:1.0: could not read from device
[  954.249616][ T4531] bcm5974 3-1:1.0: could not read from device
[  954.265874][    T9] usb 3-1: USB disconnect, device number 111
[  954.383467][ T5097] cdc_ncm 2-1:1.0: bind() failure
[  954.422063][ T5097] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  954.462098][ T5097] cdc_ncm 2-1:1.1: bind() failure
[  954.483357][ T5097] usb 2-1: USB disconnect, device number 119
[  955.128726][T23905] xt_TCPMSS: Only works on TCP SYN packets
[  955.152299][ T5097] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  955.215625][T23908] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4365'.
[  955.344448][ T5097] usb 5-1: Using ep0 maxpacket: 32
[  955.376362][ T5097] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  955.423544][ T5097] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  955.442102][ T5097] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  955.473596][ T5097] usb 5-1: Product: syz
[  955.492286][ T5097] usb 5-1: Manufacturer: syz
[  955.508765][ T5097] usb 5-1: SerialNumber: syz
[  955.532535][T23891] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  955.561043][ T5097] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  955.728458][   T29] audit: type=1326 audit(1720546894.803:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23915 comm="syz.1.4368" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a91575bd9 code=0x0
[  955.902798][T23891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  955.938351][T23891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  956.272676][ T5143] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[  956.411852][    T9] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[  956.500628][T23949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4376'.
[  956.512848][ T5143] usb 4-1: Using ep0 maxpacket: 8
[  956.522325][ T5143] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  956.542152][ T5143] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  956.564773][ T5143] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  956.596460][ T5143] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  956.611907][ T5143] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  956.621943][    T9] usb 3-1: Using ep0 maxpacket: 8
[  956.637028][ T5143] usb 4-1: Product: syz
[  956.641563][ T5143] usb 4-1: Manufacturer: syz
[  956.647000][ T5143] usb 4-1: SerialNumber: syz
[  956.653654][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  956.667995][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  956.687103][ T5143] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input141
[  956.696725][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  956.715312][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  956.741972][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  956.756166][    T9] usb 3-1: Product: syz
[  956.760387][    T9] usb 3-1: Manufacturer: syz
[  956.765716][    T9] usb 3-1: SerialNumber: syz
[  956.780124][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input142
[  956.795105][T23954] netlink: 4068 bytes leftover after parsing attributes in process `syz.0.4377'.
[  956.974981][T23961] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  956.984643][T23961] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  956.991451][T23963] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4381'.
[  957.065716][T23964] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  957.085825][T23964] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  957.205775][ T4531] bcm5974 4-1:1.0: could not read from device
[  957.228176][ T5143] usb 4-1: USB disconnect, device number 122
[  957.236587][ T4531] bcm5974 4-1:1.0: could not read from device
[  957.339432][ T4531] bcm5974 3-1:1.0: could not read from device
[  957.347313][    T9] usb 3-1: USB disconnect, device number 112
[  957.549272][T22375] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3
[  957.807065][T23982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4387'.
[  957.875622][ T5137] usb 5-1: USB disconnect, device number 102
[  957.985185][T23987] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4389'.
[  958.039904][   T29] audit: type=1326 audit(1720546897.083:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23984 comm="syz.1.4388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a91575bd9 code=0x0
[  958.093091][T23992] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4389'.
[  959.192028][ T5143] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[  959.452904][ T5143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  959.527496][T24030] netlink: 'syz.1.4398': attribute type 1 has an invalid length.
[  959.562576][ T5143] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  959.585418][ T5143] usb 4-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  959.601799][ T5143] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  959.625466][ T5143] usb 4-1: config 0 descriptor??
[  960.093479][   T81] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[  960.263152][ T5143] hid-led 0003:1D34:000A.0026: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.3-1/input0
[  960.302173][   T81] usb 3-1: Using ep0 maxpacket: 8
[  960.316497][ T5143] hid-led 0003:1D34:000A.0026: Dream Cheeky Webmail Notifier initialized
[  960.332960][   T81] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  960.386958][   T81] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  960.427157][   T81] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  960.477532][   T81] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  960.507434][   T81] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  960.547198][   T81] usb 3-1: Product: syz
[  960.586275][   T81] usb 3-1: Manufacturer: syz
[  960.590911][   T81] usb 3-1: SerialNumber: syz
[  960.640986][   T81] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input143
[  960.669327][T24047] fuse: Bad value for 'fd'
[  960.895139][T24053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  960.915680][T24053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  961.159125][ T4531] bcm5974 3-1:1.0: could not read from device
[  961.196852][ T4531] bcm5974 3-1:1.0: could not read from device
[  961.197746][   T81] usb 3-1: USB disconnect, device number 113
[  961.387375][T24055] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4405'.
[  961.600293][T24059] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4407'.
[  961.632031][T21892] Bluetooth: hci2: command 0x0406 tx timeout
[  961.743290][ T5137] usb 4-1: USB disconnect, device number 123
[  961.942155][   T81] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  962.065831][T24082] FAULT_INJECTION: forcing a failure.
[  962.065831][T24082] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  962.081191][T24082] CPU: 0 PID: 24082 Comm: syz.3.4416 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  962.091385][T24082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  962.101455][T24082] Call Trace:
[  962.104758][T24082]  <TASK>
[  962.107690][T24082]  dump_stack_lvl+0x241/0x360
[  962.112394][T24082]  ? __pfx_dump_stack_lvl+0x10/0x10
[  962.117617][T24082]  ? __pfx__printk+0x10/0x10
[  962.122228][T24082]  should_fail_ex+0x3b0/0x4e0
[  962.126904][T24082]  prepare_alloc_pages+0x1da/0x5d0
[  962.132025][T24082]  __alloc_pages_noprof+0x166/0x6c0
[  962.137246][T24082]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  962.142111][   T81] usb 5-1: Using ep0 maxpacket: 8
[  962.142964][T24082]  ? aa_file_perm+0x137/0xf60
[  962.149620][   T81] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  962.152630][T24082]  alloc_pages_mpol_noprof+0x3e8/0x680
[  962.152666][T24082]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  962.152693][T24082]  ? __pfx_lock_release+0x10/0x10
[  962.152711][T24082]  ? alloc_pages_noprof+0xef/0x170
[  962.152736][T24082]  get_free_pages_noprof+0xc/0x30
[  962.152762][T24082]  vcs_read+0x5d/0xe20
[  962.152782][T24082]  ? end_current_label_crit_section+0x14e/0x180
[  962.152810][T24082]  ? common_file_perm+0x1a6/0x210
[  962.152839][T24082]  ? bpf_lsm_file_permission+0x9/0x10
[  962.152859][T24082]  ? security_file_permission+0x7f/0xa0
[  962.152885][T24082]  ? rw_verify_area+0x52a/0x6b0
[  962.152909][T24082]  vfs_readv+0x6c2/0xa90
[  962.152943][T24082]  ? __pfx_vcs_read+0x10/0x10
[  962.152963][T24082]  ? __pfx_vfs_readv+0x10/0x10
[  962.153001][T24082]  ? __fget_files+0x29/0x470
[  962.153037][T24082]  __x64_sys_preadv+0x1c7/0x2d0
[  962.171000][   T81] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  962.174127][T24082]  ? __pfx___x64_sys_preadv+0x10/0x10
[  962.174157][T24082]  ? do_syscall_64+0x100/0x230
[  962.174186][T24082]  ? do_syscall_64+0xb6/0x230
[  962.174218][T24082]  do_syscall_64+0xf3/0x230
[  962.174243][T24082]  ? clear_bhb_loop+0x35/0x90
[  962.174264][T24082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  962.174290][T24082] RIP: 0033:0x7fc638d75bd9
[  962.174309][T24082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  962.174326][T24082] RSP: 002b:00007fc639a7e048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  962.174349][T24082] RAX: ffffffffffffffda RBX: 00007fc638f03f60 RCX: 00007fc638d75bd9
[  962.174364][T24082] RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000003
[  962.174378][T24082] RBP: 00007fc639a7e0a0 R08: 0000000000000000 R09: 0000000000000000
[  962.174391][T24082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  962.174403][T24082] R13: 000000000000000b R14: 00007fc638f03f60 R15: 00007fc63902fa78
[  962.174430][T24082]  </TASK>
[  962.179546][   T81] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  962.388654][   T81] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  962.403903][   T81] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  962.413330][   T81] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  962.451858][ T5097] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[  962.575642][T24091] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4418'.
[  962.631875][ T5097] usb 2-1: Using ep0 maxpacket: 8
[  962.648108][   T81] usb 5-1: usb_control_msg returned -71
[  962.668005][ T5097] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  962.683363][   T81] usbtmc 5-1:16.0: can't read capabilities
[  962.707919][   T81] usb 5-1: USB disconnect, device number 103
[  962.729268][ T5097] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  962.759419][ T5097] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  962.767637][ T5097] usb 2-1: Product: syz
[  962.774159][ T5097] usb 2-1: Manufacturer: syz
[  962.778795][ T5097] usb 2-1: SerialNumber: syz
[  962.812445][ T5097] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input144
[  963.034876][T14617] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[  963.055541][T24094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  963.068590][T24094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  963.281917][T14617] usb 3-1: Using ep0 maxpacket: 8
[  963.291197][T14617] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  963.351764][T14617] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  963.365576][T24075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4413'.
[  963.391893][T14617] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  963.424374][T24097] netlink: 'syz.4.4420': attribute type 12 has an invalid length.
[  963.449254][T24097] netlink: 'syz.4.4420': attribute type 11 has an invalid length.
[  963.458843][ T4531] bcm5974 2-1:1.0: could not read from device
[  963.467793][T14617] usb 3-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  963.479781][T14617] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  963.488221][T14617] usb 3-1: Product: syz
[  963.493817][T14617] usb 3-1: Manufacturer: syz
[  963.500787][ T4531] bcm5974 2-1:1.0: could not read from device
[  963.507073][T24097] netlink: 190580 bytes leftover after parsing attributes in process `syz.4.4420'.
[  963.523461][T14617] usb 3-1: SerialNumber: syz
[  963.523738][ T5097] usb 2-1: USB disconnect, device number 120
[  963.540065][T14617] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input145
[  963.787643][T24102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  963.806857][T24102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  963.930329][ T4531] bcm5974 3-1:1.0: could not read from device
[  963.961019][T14617] usb 3-1: USB disconnect, device number 114
[  963.973104][ T4531] bcm5974 3-1:1.0: could not read from device
[  964.241990][ T5141] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[  964.325420][T24112] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4425'.
[  964.431464][T22375] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3
[  964.447051][ T5141] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  964.500729][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  964.535909][ T5141] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  964.568028][ T5141] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  964.607536][ T5141] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  964.632196][ T5141] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  964.640954][ T5141] usb 5-1: Manufacturer: syz
[  964.667981][ T5141] usb 5-1: config 0 descriptor??
[  964.670280][T24119] syz_tun: entered promiscuous mode
[  964.719744][T24119] syz_tun: left promiscuous mode
[  964.952287][T14617] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[  965.103702][ T5141] appleir 0003:05AC:8243.0027: unknown main item tag 0x0
[  965.141865][T14617] usb 3-1: Using ep0 maxpacket: 16
[  965.152092][ T5141] appleir 0003:05AC:8243.0027: No inputs registered, leaving
[  965.171989][T14617] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11
[  965.194805][ T5141] appleir 0003:05AC:8243.0027: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  965.207434][T14617] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  965.276281][T14617] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  965.324111][T14617] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  965.366446][T14617] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  965.398358][T14617] usb 3-1: config 1 interface 0 has no altsetting 0
[  965.440950][T14617] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  965.453789][T14617] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  965.490915][T14617] ums-sddr09 3-1:1.0: USB Mass Storage device detected
[  965.839260][T14617] ums-sddr09 3-1:1.0: probe with driver ums-sddr09 failed with error -22
[  965.883602][T14617] usb 3-1: USB disconnect, device number 115
[  965.974317][T24105] loop0: detected capacity change from 0 to 7
[  965.987437][T24105] Dev loop0: unable to read RDB block 7
[  966.004998][T24105]  loop0: unable to read partition table
[  966.022285][T24105] loop0: partition table beyond EOD, truncated
[  966.040450][T24105] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[  966.040450][T24105] 
) failed (rc=-5)
[  966.098241][ T5141] usb 5-1: USB disconnect, device number 104
[  966.269683][T24154] xt_TCPMSS: Only works on TCP SYN packets
[  967.064359][T22375] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  967.064429][T22375] CPU: 0 PID: 22375 Comm: kworker/u9:1 Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[  967.064443][T22375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  967.064451][T22375] Workqueue: hci3 hci_rx_work
[  967.064473][T22375] Call Trace:
[  967.064479][T22375]  <TASK>
[  967.064485][T22375]  dump_stack_lvl+0x241/0x360
[  967.064505][T22375]  ? __pfx_dump_stack_lvl+0x10/0x10
[  967.064522][T22375]  ? __pfx__printk+0x10/0x10
[  967.064539][T22375]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  967.064555][T22375]  ? kmalloc_trace_noprof+0x19c/0x2c0
[  967.064574][T22375]  sysfs_create_dir_ns+0x2ce/0x3a0
[  967.064591][T22375]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  967.064611][T22375]  kobject_add_internal+0x435/0x8d0
[  967.064633][T22375]  kobject_add+0x152/0x220
[  967.064648][T22375]  ? do_raw_spin_unlock+0x13c/0x8b0
[  967.064664][T22375]  ? device_add+0x3e7/0xbf0
[  967.064680][T22375]  ? __pfx_kobject_add+0x10/0x10
[  967.064695][T22375]  ? _raw_spin_unlock+0x28/0x50
[  967.064708][T22375]  ? get_device_parent+0x165/0x410
[  967.064725][T22375]  device_add+0x4e5/0xbf0
[  967.064744][T22375]  hci_conn_add_sysfs+0xe8/0x200
[  967.064759][T22375]  le_conn_complete_evt+0xc9f/0x12e0
[  967.064780][T22375]  ? trace_contention_end+0x3c/0x120
[  967.064796][T22375]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  967.064813][T22375]  ? __mutex_unlock_slowpath+0x21d/0x750
[  967.064827][T22375]  ? __copy_skb_header+0x437/0x5b0
[  967.064842][T22375]  ? skb_pull_data+0x112/0x230
[  967.064860][T22375]  hci_le_enh_conn_complete_evt+0x185/0x420
[  967.064881][T22375]  hci_event_packet+0xa53/0x1540
[  967.064897][T22375]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  967.064916][T22375]  ? __pfx_hci_event_packet+0x10/0x10
[  967.064928][T22375]  ? do_raw_spin_unlock+0x13c/0x8b0
[  967.064947][T22375]  ? hci_send_to_monitor+0xd8/0x7f0
[  967.064964][T22375]  ? kcov_remote_start+0x9e/0x7e0
[  967.064980][T22375]  hci_rx_work+0x3e8/0xca0
[  967.065002][T22375]  ? process_scheduled_works+0x945/0x1830
[  967.065014][T22375]  process_scheduled_works+0xa2c/0x1830
[  967.065041][T22375]  ? __pfx_process_scheduled_works+0x10/0x10
[  967.065058][T22375]  ? assign_work+0x364/0x3d0
[  967.065073][T22375]  worker_thread+0x86d/0xd50
[  967.065089][T22375]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  967.065103][T22375]  ? __kthread_parkme+0x169/0x1d0
[  967.065118][T22375]  ? __pfx_worker_thread+0x10/0x10
[  967.065130][T22375]  kthread+0x2f0/0x390
[  967.065144][T22375]  ? __pfx_worker_thread+0x10/0x10
[  967.065155][T22375]  ? __pfx_kthread+0x10/0x10
[  967.065169][T22375]  ret_from_fork+0x4b/0x80
[  967.065183][T22375]  ? __pfx_kthread+0x10/0x10
[  967.065196][T22375]  ret_from_fork_asm+0x1a/0x30
[  967.065220][T22375]  </TASK>
[  967.065285][T22375] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  967.065323][T22375] Bluetooth: hci3: failed to register connection device
[  967.159720][T22375] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3
[  967.252560][   T81] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[  967.436710][   T81] usb 4-1: Using ep0 maxpacket: 8
[  967.446433][   T81] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  967.446469][   T81] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  967.446484][   T81] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  967.448040][   T81] usb 4-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.40
[  967.448078][   T81] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  967.448090][   T81] usb 4-1: Product: syz
[  967.448099][   T81] usb 4-1: Manufacturer: syz
[  967.448108][   T81] usb 4-1: SerialNumber: syz
[  967.453986][   T81] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input146
[  967.838166][T24175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  967.838364][T24175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  968.331613][   T81] usb 4-1: USB disconnect, device number 124
[  968.341019][ T4531] bcm5974 4-1:1.0: could not read from device
[  968.598296][T24193] xt_TCPMSS: Only works on TCP SYN packets
[  968.845138][T22375] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  969.072335][T22375] Bluetooth: hci3: command tx timeout
[  969.322299][T24218] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[  969.328857][T24218] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  969.353952][T24218] vhci_hcd vhci_hcd.0: Device attached
[  969.365535][T24219] usbip_core: unknown command
[  969.379080][T24219] vhci_hcd: unknown pdu 3020988904
[  969.421117][T24219] usbip_core: unknown command
[  969.458386][ T2470] vhci_hcd: stop threads
[  969.474895][ T2470] vhci_hcd: release socket
[  969.492921][ T2470] vhci_hcd: disconnect device
[  969.564997][T14617] vhci_hcd: vhci_device speed not set
[  969.981856][    T9] usb 2-1: new high-speed USB device number 121 using dummy_hcd
[  970.197857][    T9] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  970.231946][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  970.265909][    T9] usb 2-1: config 0 descriptor??
[  970.289816][    T9] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  970.912142][T22375] Bluetooth: hci5: command 0x2046 tx timeout
[  970.919082][T21892] Bluetooth: hci5: Opcode 0x2046 failed: -110
[  970.958083][    T9] gspca_sonixj: reg_w1 err -71
[  970.963169][    T9] sonixj 2-1:0.0: probe with driver sonixj failed with error -71
[  970.993468][    T9] usb 2-1: USB disconnect, device number 121
[  971.282204][   T81] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[  971.452239][  T785] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[  971.488217][   T81] usb 3-1: Using ep0 maxpacket: 16
[  971.498504][   T81] usb 3-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  971.524229][   T81] usb 3-1: config 1 interface 0 has no altsetting 0
[  971.549377][   T81] usb 3-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  971.567650][   T81] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.586438][   T81] usb 3-1: Product: syz
[  971.590636][   T81] usb 3-1: Manufacturer: syz
[  971.641936][   T81] usb 3-1: SerialNumber: syz
[  971.654256][  T785] usb 4-1: Using ep0 maxpacket: 16
[  971.693504][  T785] usb 4-1: config 1 interface 0 altsetting 208 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  971.712085][  T785] usb 4-1: config 1 interface 0 has no altsetting 0
[  971.746106][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.773445][  T785] usb 4-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.40
[  971.793120][  T785] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  971.816751][  T785] usb 4-1: Product: syz
[  971.826510][  T785] usb 4-1: Manufacturer: syz
[  971.853229][  T785] usb 4-1: SerialNumber: syz
[  971.896050][   T81] usbhid 3-1:1.0: can't add hid device: -71
[  971.932582][   T81] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  971.956038][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.980881][   T81] usb 3-1: USB disconnect, device number 116
[  972.187600][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  972.255310][  T785] usbhid 4-1:1.0: can't add hid device: -71
[  972.274688][  T785] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  972.314071][  T785] usb 4-1: USB disconnect, device number 125
[  972.444236][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  972.528957][T21892] Bluetooth: hci5: unexpected event 0x06 length: 23 > 3
[  972.714171][T22375] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  972.737273][T22375] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  972.747958][T22375] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  972.774494][T22375] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  972.782340][T22375] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  972.789633][T22375] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  972.990482][   T11] bridge_slave_1: left allmulticast mode
[  973.020152][   T11] bridge_slave_1: left promiscuous mode
[  973.040635][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  973.110507][   T11] bridge_slave_0: left allmulticast mode
[  973.140022][   T11] bridge_slave_0: left promiscuous mode
[  973.173951][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  973.342205][   T81] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[  973.432285][T14617] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[  973.554011][   T81] usb 3-1: Using ep0 maxpacket: 16
[  973.568115][   T81] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=33.d2
[  973.590031][   T81] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  973.612165][   T81] usb 3-1: Product: syz
[  973.616360][   T81] usb 3-1: Manufacturer: syz
[  973.633608][   T81] usb 3-1: SerialNumber: syz
[  973.641857][T14617] usb 4-1: Using ep0 maxpacket: 8
[  973.653666][T14617] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  973.672817][   T81] usb 3-1: config 0 descriptor??
[  973.684080][T14617] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.706858][   T81] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  973.719293][T14617] usb 4-1: config 0 descriptor??
[  973.967172][T14617] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  974.161894][   T81] gspca_sunplus: reg_r err -71
[  974.207898][   T81] usb 3-1: USB disconnect, device number 117
[  974.290324][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  974.316905][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  974.337367][   T11] bond0 (unregistering): Released all slaves
[  974.443830][T24266] netlink: 'syz.3.4471': attribute type 10 has an invalid length.
[  974.529756][T24266] team0: Device veth1_macvtap failed to register rx_handler
[  974.832009][T22375] Bluetooth: hci2: command tx timeout
[  974.864668][T14617] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  974.890511][T14617] asix 4-1:0.0: probe with driver asix failed with error -71
[  974.928149][T14617] usb 4-1: USB disconnect, device number 126
[  975.274076][   T11] hsr_slave_0: left promiscuous mode
[  975.284963][T24266] syz.3.4471 (24266) used greatest stack depth: 17144 bytes left
[  975.421401][   T11] hsr_slave_1: left promiscuous mode
[  975.440579][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  975.452387][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  975.481911][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  975.489345][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  975.680193][   T11] veth1_macvtap: left promiscuous mode
[  975.712230][   T11] veth0_macvtap: left promiscuous mode
[  975.717935][   T11] veth1_vlan: left promiscuous mode
[  975.744632][   T11] veth0_vlan: left promiscuous mode
[  976.162888][T21892] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  976.181970][T21892] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  976.191159][T21892] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  976.199839][T21892] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  976.208588][T21892] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  976.215926][T21892] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  976.919307][T22375] Bluetooth: hci2: command tx timeout
[  977.460750][   T11] team0 (unregistering): Port device team_slave_1 removed
[  977.576870][   T11] team0 (unregistering): Port device team_slave_0 removed
[  978.272351][T22375] Bluetooth: hci5: command tx timeout
[  978.992740][T22375] Bluetooth: hci2: command tx timeout
[  979.276557][T21892] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  979.289024][T21892] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  979.306806][T21892] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  979.330915][T21892] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  979.341951][T21892] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  979.349913][T21892] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  979.432349][T24260] chnl_net:caif_netlink_parms(): no params data found
[  979.785226][T24315] chnl_net:caif_netlink_parms(): no params data found
[  979.919888][T22375] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  979.935435][T22375] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  979.948840][T22375] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  979.961024][T22375] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  979.969090][T22375] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  979.980023][T22375] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  980.040488][T24260] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.049902][T24260] bridge0: port 1(bridge_slave_0) entered disabled state
[  980.057254][T24260] bridge_slave_0: entered allmulticast mode
[  980.065103][T24260] bridge_slave_0: entered promiscuous mode
[  980.073131][T24260] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.080413][T24260] bridge0: port 2(bridge_slave_1) entered disabled state
[  980.087954][T24260] bridge_slave_1: entered allmulticast mode
[  980.095406][T24260] bridge_slave_1: entered promiscuous mode
[  980.159636][   T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  980.214444][T24260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  980.249927][   T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  980.305182][T24260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  980.352608][T22375] Bluetooth: hci5: command tx timeout
[  980.403982][   T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  980.419363][T24315] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.427262][T24315] bridge0: port 1(bridge_slave_0) entered disabled state
[  980.435207][T24315] bridge_slave_0: entered allmulticast mode
[  980.443566][T24315] bridge_slave_0: entered promiscuous mode
[  980.484725][T24315] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.492437][T24315] bridge0: port 2(bridge_slave_1) entered disabled state
[  980.502941][T24315] bridge_slave_1: entered allmulticast mode
[  980.510239][T24315] bridge_slave_1: entered promiscuous mode
[  980.559340][   T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  980.607364][T24260] team0: Port device team_slave_0 added
[  980.657444][T24315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  980.668484][T24260] team0: Port device team_slave_1 added
[  980.736641][T24315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  980.776669][T24260] batman_adv: batadv0: Adding interface: batadv_slave_0
[  980.790948][T24260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  980.818863][T24260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  980.879081][T24260] batman_adv: batadv0: Adding interface: batadv_slave_1
[  980.888431][T24260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  980.915079][T24260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  980.985839][T24315] team0: Port device team_slave_0 added
[  981.000138][T24315] team0: Port device team_slave_1 added
[  981.046142][T24315] batman_adv: batadv0: Adding interface: batadv_slave_0
[  981.056166][T24315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  981.083975][T22375] Bluetooth: hci2: command tx timeout
[  981.089579][T24315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  981.169852][T24315] batman_adv: batadv0: Adding interface: batadv_slave_1
[  981.177260][T24315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  981.203797][T24315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  981.259443][T24337] chnl_net:caif_netlink_parms(): no params data found
[  981.323333][T24260] hsr_slave_0: entered promiscuous mode
[  981.329720][T24260] hsr_slave_1: entered promiscuous mode
[  981.336403][T24260] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  981.344714][T24260] Cannot create hsr debugfs directory
[  981.392216][T22375] Bluetooth: hci6: command tx timeout
[  981.444529][T24315] hsr_slave_0: entered promiscuous mode
[  981.452120][T24315] hsr_slave_1: entered promiscuous mode
[  981.458578][T24315] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  981.469445][T24315] Cannot create hsr debugfs directory
[  981.560994][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  981.784810][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  981.915585][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  981.996754][T24353] chnl_net:caif_netlink_parms(): no params data found
[  982.042872][T22375] Bluetooth: hci1: command tx timeout
[  982.084673][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  982.141294][T24337] bridge0: port 1(bridge_slave_0) entered blocking state
[  982.152047][T24337] bridge0: port 1(bridge_slave_0) entered disabled state
[  982.159927][T24337] bridge_slave_0: entered allmulticast mode
[  982.172804][T24337] bridge_slave_0: entered promiscuous mode
[  982.185076][T24337] bridge0: port 2(bridge_slave_1) entered blocking state
[  982.192355][T24337] bridge0: port 2(bridge_slave_1) entered disabled state
[  982.199971][T24337] bridge_slave_1: entered allmulticast mode
[  982.209600][T24337] bridge_slave_1: entered promiscuous mode
[  982.323423][T24337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  982.346167][T24337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  982.432132][T22375] Bluetooth: hci5: command tx timeout
[  982.723809][T24353] bridge0: port 1(bridge_slave_0) entered blocking state
[  982.732576][T24353] bridge0: port 1(bridge_slave_0) entered disabled state
[  982.748633][T24353] bridge_slave_0: entered allmulticast mode
[  982.757521][T24353] bridge_slave_0: entered promiscuous mode
[  982.816344][T24337] team0: Port device team_slave_0 added
[  982.932924][T24353] bridge0: port 2(bridge_slave_1) entered blocking state
[  982.940211][T24353] bridge0: port 2(bridge_slave_1) entered disabled state
[  982.948130][T24353] bridge_slave_1: entered allmulticast mode
[  982.963110][T24353] bridge_slave_1: entered promiscuous mode
[  983.002204][T24337] team0: Port device team_slave_1 added
[  983.137121][T24353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  983.152631][T24353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  983.162644][T24337] batman_adv: batadv0: Adding interface: batadv_slave_0
[  983.169601][T24337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  983.196075][T24337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  983.212315][T24337] batman_adv: batadv0: Adding interface: batadv_slave_1
[  983.219265][T24337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  983.245881][T24337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  983.289970][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  983.417639][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  983.450431][T24353] team0: Port device team_slave_0 added
[  983.472233][T22375] Bluetooth: hci6: command tx timeout
[  983.550193][T24353] team0: Port device team_slave_1 added
[  983.595310][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  983.635280][T24337] hsr_slave_0: entered promiscuous mode
[  983.641576][T24337] hsr_slave_1: entered promiscuous mode
[  983.648407][T24337] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  983.656317][T24337] Cannot create hsr debugfs directory
[  983.669868][T24353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  983.677093][T24353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  983.703307][T24353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  983.719468][T24353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  983.727085][T24353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  983.760014][T24353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  983.797505][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  983.887002][T24353] hsr_slave_0: entered promiscuous mode
[  983.896837][T24353] hsr_slave_1: entered promiscuous mode
[  983.903234][T24353] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  983.910784][T24353] Cannot create hsr debugfs directory
[  984.105826][T24260] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  984.123240][T22375] Bluetooth: hci1: command tx timeout
[  984.180970][T24260] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  984.197638][   T11] bridge_slave_1: left allmulticast mode
[  984.206359][   T11] bridge_slave_1: left promiscuous mode
[  984.213267][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.222744][   T11] bridge_slave_0: left allmulticast mode
[  984.229614][   T11] bridge_slave_0: left promiscuous mode
[  984.235493][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  984.250829][   T11] bridge_slave_1: left allmulticast mode
[  984.256636][   T11] bridge_slave_1: left promiscuous mode
[  984.263658][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.274809][   T11] bridge_slave_0: left allmulticast mode
[  984.280452][   T11] bridge_slave_0: left promiscuous mode
[  984.286757][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  984.298659][   T11] bridge_slave_1: left allmulticast mode
[  984.305549][   T11] bridge_slave_1: left promiscuous mode
[  984.311175][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.320133][   T11] bridge_slave_0: left allmulticast mode
[  984.326311][   T11] bridge_slave_0: left promiscuous mode
[  984.333220][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  984.515280][T22375] Bluetooth: hci5: command tx timeout
[  985.222899][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  985.237491][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  985.248653][   T11] bond0 (unregistering): Released all slaves
[  985.375414][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  985.387420][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  985.399396][   T11] bond0 (unregistering): Released all slaves
[  985.525380][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  985.536403][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  985.551310][   T11] bond0 (unregistering): Released all slaves
[  985.560233][T22375] Bluetooth: hci6: command tx timeout
[  985.576712][T24260] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  985.628676][T24260] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  985.821293][T24411] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4485'.
[  986.193534][T22375] Bluetooth: hci1: command tx timeout
[  986.221239][T24260] 8021q: adding VLAN 0 to HW filter on device bond0
[  986.350645][T24260] 8021q: adding VLAN 0 to HW filter on device team0
[  986.400672][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  986.407887][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  986.434735][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  986.441918][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  987.034345][T24260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  987.347675][T24260] 8021q: adding VLAN 0 to HW filter on device batadv0
[  987.402771][   T11] hsr_slave_0: left promiscuous mode
[  987.408710][   T11] hsr_slave_1: left promiscuous mode
[  987.418846][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  987.430664][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  987.442284][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  987.458594][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  987.469211][   T11] hsr_slave_0: left promiscuous mode
[  987.482168][   T11] hsr_slave_1: left promiscuous mode
[  987.488036][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  987.497288][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  987.505511][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  987.513414][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  987.525753][   T11] hsr_slave_0: left promiscuous mode
[  987.531648][   T11] hsr_slave_1: left promiscuous mode
[  987.537826][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  987.545532][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  987.556211][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  987.564547][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  987.615657][   T11] veth1_macvtap: left promiscuous mode
[  987.621200][   T11] veth0_macvtap: left promiscuous mode
[  987.628133][   T11] veth1_vlan: left promiscuous mode
[  987.634105][   T11] veth0_vlan: left promiscuous mode
[  987.641901][   T11] veth0_macvtap: left promiscuous mode
[  987.642330][T22375] Bluetooth: hci6: command tx timeout
[  987.647470][   T11] veth1_vlan: left promiscuous mode
[  987.658234][   T11] veth0_vlan: left promiscuous mode
[  988.272395][T22375] Bluetooth: hci1: command tx timeout
[  993.235268][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  993.242718][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  997.986524][T21892] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  997.997516][T21892] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  998.006322][T21892] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  998.016918][T21892] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  998.032489][T21892] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  998.039917][T21892] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1000.112253][T22375] Bluetooth: hci3: command tx timeout
[ 1002.208637][T22375] Bluetooth: hci3: command tx timeout
[ 1004.271929][T22375] Bluetooth: hci3: command tx timeout
[ 1006.351901][T22375] Bluetooth: hci3: command tx timeout
[ 1033.042472][T21892] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1033.054013][T21892] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1033.063365][T21892] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1033.079696][T21892] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1033.087477][T21892] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1033.095475][T21892] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1035.151951][T21892] Bluetooth: hci7: command tx timeout
[ 1036.034643][T22375] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1036.047428][T22375] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1036.056347][T22375] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1036.066990][T22375] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1036.075097][T22375] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1036.083104][T22375] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1037.231854][T22375] Bluetooth: hci7: command tx timeout
[ 1038.192471][T22375] Bluetooth: hci8: command tx timeout
[ 1039.322986][T21892] Bluetooth: hci7: command tx timeout
[ 1040.118683][T21892] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1040.129676][T21892] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1040.138847][T21892] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1040.147566][T21892] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1040.173708][T21892] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 1040.185750][ T5100] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1040.196417][ T5100] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1040.204980][ T5102] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1040.213196][ T5102] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1040.233608][ T5102] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1040.242971][ T5102] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[ 1040.250547][ T5102] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1040.283216][T21892] Bluetooth: hci8: command tx timeout
[ 1041.391818][T21892] Bluetooth: hci7: command tx timeout
[ 1042.272268][T21892] Bluetooth: hci9: command tx timeout
[ 1042.352157][ T5100] Bluetooth: hci10: command tx timeout
[ 1042.355853][T21892] Bluetooth: hci8: command tx timeout
[ 1044.361185][T21892] Bluetooth: hci9: command tx timeout
[ 1044.441870][T21892] Bluetooth: hci8: command tx timeout
[ 1044.442150][ T5100] Bluetooth: hci10: command tx timeout
[ 1046.431801][ T5100] Bluetooth: hci9: command tx timeout
[ 1046.511871][ T5100] Bluetooth: hci10: command tx timeout
[ 1048.512099][ T5100] Bluetooth: hci9: command tx timeout
[ 1048.591911][ T5100] Bluetooth: hci10: command tx timeout
[ 1054.677888][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.685897][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 1058.554645][T21892] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1058.565105][T21892] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1058.573456][T21892] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1058.587687][T21892] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1058.602629][T21892] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[ 1058.610036][T21892] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1060.682093][ T5100] Bluetooth: hci11: command tx timeout
[ 1062.752029][ T5100] Bluetooth: hci11: command tx timeout
[ 1064.841327][ T5100] Bluetooth: hci11: command tx timeout
[ 1066.911940][ T5100] Bluetooth: hci11: command tx timeout
[ 1093.152713][T21892] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1093.162646][T21892] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1093.170871][T21892] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1093.179760][T21892] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1093.188704][T21892] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[ 1093.196181][T21892] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1095.241908][T21892] Bluetooth: hci12: command tx timeout
[ 1096.162814][ T5102] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1096.175355][ T5102] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1096.184775][ T5102] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1096.194171][ T5102] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1096.205250][ T5102] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[ 1096.212692][ T5102] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1097.321987][ T5100] Bluetooth: hci12: command tx timeout
[ 1097.712158][ T5100] Bluetooth: hci2: command 0x0406 tx timeout
[ 1098.271819][T21892] Bluetooth: hci13: command tx timeout
[ 1099.391927][T21892] Bluetooth: hci12: command tx timeout
[ 1100.157726][ T5100] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1100.169546][ T5100] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1100.177720][ T5100] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1100.187056][ T5100] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1100.195713][ T5100] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[ 1100.203374][ T5100] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1100.315963][T21892] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[ 1100.326641][T21892] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[ 1100.335342][T21892] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[ 1100.344435][T21892] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[ 1100.352993][T21892] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[ 1100.360869][T21892] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[ 1100.368035][ T5102] Bluetooth: hci13: command tx timeout
[ 1101.471823][T24465] Bluetooth: hci12: command tx timeout
[ 1102.272173][T24465] Bluetooth: hci14: command tx timeout
[ 1102.432009][T24465] Bluetooth: hci15: command tx timeout
[ 1102.438158][T22375] Bluetooth: hci13: command tx timeout
[ 1102.831869][T22375] Bluetooth: hci6: command 0x0406 tx timeout
[ 1102.844036][T24465] Bluetooth: hci5: command 0x0406 tx timeout
[ 1102.852020][T22375] Bluetooth: hci1: command 0x0406 tx timeout
[ 1104.351984][T21892] Bluetooth: hci14: command tx timeout
[ 1104.511952][T21892] Bluetooth: hci13: command tx timeout
[ 1104.511958][ T5102] Bluetooth: hci15: command tx timeout
[ 1106.432179][ T5102] Bluetooth: hci14: command tx timeout
[ 1106.591814][ T5102] Bluetooth: hci15: command tx timeout
[ 1108.511956][ T5102] Bluetooth: hci14: command tx timeout
[ 1108.672011][ T5102] Bluetooth: hci15: command tx timeout
[ 1116.117310][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.124045][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 1119.147917][T21892] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[ 1119.158419][T21892] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[ 1119.166908][T21892] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[ 1119.176328][T21892] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[ 1119.187768][T21892] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[ 1119.196735][T21892] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[ 1121.236530][ T5102] Bluetooth: hci16: command tx timeout
[ 1123.311868][ T5102] Bluetooth: hci3: command 0x0406 tx timeout
[ 1123.311886][T24465] Bluetooth: hci16: command tx timeout
[ 1125.391814][T21892] Bluetooth: hci16: command tx timeout
[ 1127.481814][T21892] Bluetooth: hci16: command tx timeout
[ 1139.151981][   T30] INFO: task dhcpcd:4759 blocked for more than 143 seconds.
[ 1139.159740][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1139.167569][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1139.176336][   T30] task:dhcpcd          state:D stack:22656 pid:4759  tgid:4759  ppid:1      flags:0x00000002
[ 1139.187102][   T30] Call Trace:
[ 1139.190400][   T30]  <TASK>
[ 1139.193381][   T30]  __schedule+0x17e8/0x4a20
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1139.197911][   T30]  ? __pfx___schedule+0x10/0x10
[ 1139.202929][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1139.208613][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1139.214689][   T30]  ? schedule+0x90/0x320
[ 1139.218957][   T30]  schedule+0x14b/0x320
[ 1139.223273][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1139.228756][   T30]  __mutex_lock+0x6a4/0xd70
[ 1139.233400][   T30]  ? __mutex_lock+0x527/0xd70
[ 1139.238104][   T30]  ? vlan_ioctl_handler+0x112/0x9d0
[ 1139.244020][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1139.249088][   T30]  ? __might_fault+0xc6/0x120
[ 1139.281774][   T30]  vlan_ioctl_handler+0x112/0x9d0
[ 1139.286942][   T30]  ? sock_ioctl+0x664/0x8e0
[ 1139.293060][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1139.298648][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[ 1139.305309][   T30]  sock_ioctl+0x683/0x8e0
[ 1139.309676][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[ 1139.315056][   T30]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1139.320015][   T30]  ? security_file_ioctl+0x87/0xb0
[ 1139.325291][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[ 1139.330160][   T30]  __se_sys_ioctl+0xfc/0x170
[ 1139.335056][   T30]  do_syscall_64+0xf3/0x230
[ 1139.339583][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1139.344453][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1139.350369][   T30] RIP: 0033:0x7fb18e156d49
[ 1139.354851][   T30] RSP: 002b:00007ffc937c54d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1139.366962][   T30] RAX: ffffffffffffffda RBX: 00005638c4b7e910 RCX: 00007fb18e156d49
[ 1139.375209][   T30] RDX: 00007ffc937c54e0 RSI: 0000000000008982 RDI: 0000000000000011
[ 1139.383316][   T30] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
[ 1139.391300][   T30] R10: 00007ffc937d5b60 R11: 0000000000000246 R12: 00007ffc937c54e0
[ 1139.399392][   T30] R13: 00007ffc937c55a0 R14: 00005638c4b7e910 R15: 00005638c4bfc830
[ 1139.407554][   T30]  </TASK>
[ 1139.410658][   T30] INFO: task kworker/0:4:5141 blocked for more than 143 seconds.
[ 1139.418778][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1139.426749][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1139.436774][   T30] task:kworker/0:4     state:D stack:20432 pid:5141  tgid:5141  ppid:2      flags:0x00004000
[ 1139.447093][   T30] Workqueue: events linkwatch_event
[ 1139.452559][   T30] Call Trace:
[ 1139.455848][   T30]  <TASK>
[ 1139.458800][   T30]  __schedule+0x17e8/0x4a20
[ 1139.463454][   T30]  ? __pfx___schedule+0x10/0x10
[ 1139.468326][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1139.474488][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1139.479604][   T30]  ? kick_pool+0x1bd/0x620
[ 1139.484385][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1139.489607][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1139.494867][   T30]  ? schedule+0x90/0x320
[ 1139.499131][   T30]  schedule+0x14b/0x320
[ 1139.503443][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1139.508909][   T30]  __mutex_lock+0x6a4/0xd70
[ 1139.513761][   T30]  ? __mutex_lock+0x527/0xd70
[ 1139.518469][   T30]  ? linkwatch_event+0xe/0x60
[ 1139.523289][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1139.528347][   T30]  ? process_scheduled_works+0x945/0x1830
[ 1139.534241][   T30]  linkwatch_event+0xe/0x60
[ 1139.538773][   T30]  process_scheduled_works+0xa2c/0x1830
[ 1139.544470][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1139.550479][   T30]  ? assign_work+0x364/0x3d0
[ 1139.555388][   T30]  worker_thread+0x86d/0xd50
[ 1139.560012][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1139.566417][   T30]  ? __kthread_parkme+0x169/0x1d0
[ 1139.571466][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 1139.576616][   T30]  kthread+0x2f0/0x390
[ 1139.580703][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 1139.586106][   T30]  ? __pfx_kthread+0x10/0x10
[ 1139.590732][   T30]  ret_from_fork+0x4b/0x80
[ 1139.595371][   T30]  ? __pfx_kthread+0x10/0x10
[ 1139.599974][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1139.604848][   T30]  </TASK>
[ 1139.608358][   T30] INFO: task kworker/u8:4:21134 blocked for more than 143 seconds.
[ 1139.616388][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1139.624579][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1139.633578][   T30] task:kworker/u8:4    state:D stack:25552 pid:21134 tgid:21134 ppid:2      flags:0x00004000
[ 1139.644070][   T30] Workqueue: ipv6_addrconf addrconf_dad_work
[ 1139.650088][   T30] Call Trace:
[ 1139.653836][   T30]  <TASK>
[ 1139.656777][   T30]  __schedule+0x17e8/0x4a20
[ 1139.661288][   T30]  ? __pfx___schedule+0x10/0x10
[ 1139.666764][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1139.672170][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1139.677658][   T30]  ? kthread_data+0x52/0xd0
[ 1139.682568][   T30]  ? schedule+0x90/0x320
[ 1139.686833][   T30]  ? wq_worker_sleeping+0x66/0x240
[ 1139.692265][   T30]  ? schedule+0x90/0x320
[ 1139.696526][   T30]  schedule+0x14b/0x320
[ 1139.700707][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1139.706215][   T30]  __mutex_lock+0x6a4/0xd70
[ 1139.710716][   T30]  ? mark_lock+0x9a/0x350
[ 1139.715315][   T30]  ? __mutex_lock+0x527/0xd70
[ 1139.720013][   T30]  ? addrconf_dad_work+0xd0/0x16f0
[ 1139.725233][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1139.730273][   T30]  addrconf_dad_work+0xd0/0x16f0
[ 1139.735407][   T30]  ? __pfx_addrconf_dad_work+0x10/0x10
[ 1139.740888][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1139.747316][   T30]  ? process_scheduled_works+0x945/0x1830
[ 1139.753166][   T30]  process_scheduled_works+0xa2c/0x1830
[ 1139.758772][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1139.764829][   T30]  ? assign_work+0x364/0x3d0
[ 1139.769432][   T30]  worker_thread+0x86d/0xd50
[ 1139.774226][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1139.780296][   T30]  ? __kthread_parkme+0x169/0x1d0
[ 1139.785437][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 1139.790638][   T30]  kthread+0x2f0/0x390
[ 1139.795978][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 1139.801133][   T30]  ? __pfx_kthread+0x10/0x10
[ 1139.809499][   T30]  ret_from_fork+0x4b/0x80
[ 1139.815302][   T30]  ? __pfx_kthread+0x10/0x10
[ 1139.819921][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1139.825797][   T30]  </TASK>
[ 1139.828909][   T30] INFO: task syz-executor:24260 blocked for more than 144 seconds.
[ 1139.837440][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1139.845534][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1139.854610][   T30] task:syz-executor    state:D stack:19888 pid:24260 tgid:24260 ppid:1      flags:0x00004004
[ 1139.864923][   T30] Call Trace:
[ 1139.868214][   T30]  <TASK>
[ 1139.871161][   T30]  __schedule+0x17e8/0x4a20
[ 1139.877519][   T30]  ? __pfx___schedule+0x10/0x10
[ 1139.882711][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1139.887767][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1139.894181][   T30]  ? schedule+0x90/0x320
[ 1139.898442][   T30]  schedule+0x14b/0x320
[ 1139.903298][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1139.908802][   T30]  __mutex_lock+0x6a4/0xd70
[ 1139.913799][   T30]  ? __mutex_lock+0x527/0xd70
[ 1139.918523][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[ 1139.924020][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1139.929085][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[ 1139.934228][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[ 1139.939443][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1139.944965][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1139.950956][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1139.957504][   T30]  ? __local_bh_enable_ip+0x168/0x200
[ 1139.962951][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1139.968187][   T30]  ? __local_bh_enable_ip+0x168/0x200
[ 1139.973658][   T30]  ? dev_hard_start_xmit+0x773/0x7e0
[ 1139.978976][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1139.984186][   T30]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1139.989937][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1139.995123][   T30]  ? __dev_queue_xmit+0x16c9/0x3d30
[ 1140.000346][   T30]  ? __dev_queue_xmit+0x2d2/0x3d30
[ 1140.005546][   T30]  ? ref_tracker_free+0x643/0x7e0
[ 1140.010603][   T30]  netlink_rcv_skb+0x1e3/0x430
[ 1140.015720][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1140.021208][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1140.026609][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1140.031959][   T30]  netlink_unicast+0x7ea/0x980
[ 1140.036754][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[ 1140.042144][   T30]  ? __virt_addr_valid+0x183/0x520
[ 1140.047280][   T30]  ? __check_object_size+0x49c/0x900
[ 1140.052655][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1140.057791][   T30]  netlink_sendmsg+0x8db/0xcb0
[ 1140.062792][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1140.068112][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1140.074378][   T30]  ? aa_sock_msg_perm+0x91/0x160
[ 1140.079345][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1140.084676][   T30]  ? security_socket_sendmsg+0x87/0xb0
[ 1140.090164][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1140.095757][   T30]  __sock_sendmsg+0x221/0x270
[ 1140.100455][   T30]  __sys_sendto+0x3a4/0x4f0
[ 1140.105032][   T30]  ? __pfx___sys_sendto+0x10/0x10
[ 1140.110082][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1140.117554][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1140.124184][   T30]  __x64_sys_sendto+0xde/0x100
[ 1140.128977][   T30]  do_syscall_64+0xf3/0x230
[ 1140.133732][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1140.138431][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.144408][   T30] RIP: 0033:0x7f8c0417796c
[ 1140.148850][   T30] RSP: 002b:00007f8c0442f670 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1140.157342][   T30] RAX: ffffffffffffffda RBX: 00007f8c04e34620 RCX: 00007f8c0417796c
[ 1140.165403][   T30] RDX: 0000000000000028 RSI: 00007f8c04e34670 RDI: 0000000000000003
[ 1140.173546][   T30] RBP: 0000000000000000 R08: 00007f8c0442f6c4 R09: 000000000000000c
[ 1140.181538][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 1140.189585][   T30] R13: 0000000000000000 R14: 00007f8c04e34670 R15: 0000000000000000
[ 1140.197651][   T30]  </TASK>
[ 1140.200676][   T30] INFO: task syz-executor:24315 blocked for more than 144 seconds.
[ 1140.208616][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1140.216299][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1140.225319][   T30] task:syz-executor    state:D stack:21024 pid:24315 tgid:24315 ppid:1      flags:0x00000004
[ 1140.235563][   T30] Call Trace:
[ 1140.238856][   T30]  <TASK>
[ 1140.242131][   T30]  __schedule+0x17e8/0x4a20
[ 1140.246682][   T30]  ? __pfx___schedule+0x10/0x10
[ 1140.251544][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1140.257179][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1140.262973][   T30]  ? schedule+0x90/0x320
[ 1140.267235][   T30]  schedule+0x14b/0x320
[ 1140.271404][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1140.277521][   T30]  __mutex_lock+0x6a4/0xd70
[ 1140.282448][   T30]  ? __mutex_lock+0x527/0xd70
[ 1140.287153][   T30]  ? new_device_store+0x1b4/0x890
[ 1140.293670][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1140.298723][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1140.304187][   T30]  new_device_store+0x1b4/0x890
[ 1140.309055][   T30]  ? kernfs_fop_write_iter+0x1eb/0x500
[ 1140.314993][   T30]  ? __pfx_new_device_store+0x10/0x10
[ 1140.320396][   T30]  ? sysfs_kf_write+0x182/0x2a0
[ 1140.325690][   T30]  ? bus_attr_store+0x4f/0xa0
[ 1140.330385][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1140.335999][   T30]  kernfs_fop_write_iter+0x3a1/0x500
[ 1140.341302][   T30]  vfs_write+0xa72/0xc90
[ 1140.345995][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1140.352256][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 1140.357056][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1140.363479][   T30]  ksys_write+0x1a0/0x2c0
[ 1140.367830][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 1140.373218][   T30]  ? do_syscall_64+0x100/0x230
[ 1140.378017][   T30]  ? do_syscall_64+0xb6/0x230
[ 1140.383148][   T30]  do_syscall_64+0xf3/0x230
[ 1140.387679][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1140.392909][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.398836][   T30] RIP: 0033:0x7fbc0977475f
[ 1140.403674][   T30] RSP: 002b:00007fbc09a2f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1140.412374][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fbc0977475f
[ 1140.420356][   T30] RDX: 0000000000000003 RSI: 00007fbc09a2f270 RDI: 0000000000000005
[ 1140.428768][   T30] RBP: 00007fbc097e45c4 R08: 0000000000000000 R09: 00007fbc09a2f077
[ 1140.436973][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 1140.445008][   T30] R13: 00007fbc09a2f270 R14: 00007fbc0a434620 R15: 0000000000000003
[ 1140.453288][   T30]  </TASK>
[ 1140.456340][   T30] INFO: task syz-executor:24337 blocked for more than 144 seconds.
[ 1140.464509][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1140.472188][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1140.480852][   T30] task:syz-executor    state:D stack:21024 pid:24337 tgid:24337 ppid:1      flags:0x00000004
[ 1140.491304][   T30] Call Trace:
[ 1140.494693][   T30]  <TASK>
[ 1140.497642][   T30]  __schedule+0x17e8/0x4a20
[ 1140.502479][   T30]  ? __pfx___schedule+0x10/0x10
[ 1140.507350][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1140.512455][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1140.517941][   T30]  ? schedule+0x90/0x320
[ 1140.522806][   T30]  schedule+0x14b/0x320
[ 1140.526992][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1140.532852][   T30]  __mutex_lock+0x6a4/0xd70
[ 1140.537370][   T30]  ? __mutex_lock+0x527/0xd70
[ 1140.542426][   T30]  ? new_device_store+0x1b4/0x890
[ 1140.547471][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1140.552964][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1140.558017][   T30]  new_device_store+0x1b4/0x890
[ 1140.563337][   T30]  ? kernfs_fop_write_iter+0x1eb/0x500
[ 1140.568822][   T30]  ? __pfx_new_device_store+0x10/0x10
[ 1140.574398][   T30]  ? sysfs_kf_write+0x182/0x2a0
[ 1140.579292][   T30]  ? bus_attr_store+0x4f/0xa0
[ 1140.585182][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1140.591500][   T30]  kernfs_fop_write_iter+0x3a1/0x500
[ 1140.598194][   T30]  vfs_write+0xa72/0xc90
[ 1140.602531][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1140.608330][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 1140.613232][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1140.619243][   T30]  ksys_write+0x1a0/0x2c0
[ 1140.623884][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 1140.628757][   T30]  ? do_syscall_64+0x100/0x230
[ 1140.633669][   T30]  ? do_syscall_64+0xb6/0x230
[ 1140.638375][   T30]  do_syscall_64+0xf3/0x230
[ 1140.642963][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1140.647650][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.653923][   T30] RIP: 0033:0x7fe5c217475f
[ 1140.658353][   T30] RSP: 002b:00007fe5c242f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1140.666850][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fe5c217475f
[ 1140.675253][   T30] RDX: 0000000000000003 RSI: 00007fe5c242f270 RDI: 0000000000000005
[ 1140.683776][   T30] RBP: 00007fe5c21e45c4 R08: 0000000000000000 R09: 00007fe5c242f077
[ 1140.693575][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 1140.701565][   T30] R13: 00007fe5c242f270 R14: 00007fe5c2e34620 R15: 0000000000000003
[ 1140.710467][   T30]  </TASK>
[ 1140.713793][   T30] INFO: task syz-executor:24353 blocked for more than 144 seconds.
[ 1140.721776][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1140.729415][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1140.738208][   T30] task:syz-executor    state:D stack:21024 pid:24353 tgid:24353 ppid:1      flags:0x00004006
[ 1140.748605][   T30] Call Trace:
[ 1140.752435][   T30]  <TASK>
[ 1140.755382][   T30]  __schedule+0x17e8/0x4a20
[ 1140.759918][   T30]  ? __pfx___schedule+0x10/0x10
[ 1140.764851][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1140.769896][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1140.775734][   T30]  ? schedule+0x90/0x320
[ 1140.779999][   T30]  schedule+0x14b/0x320
[ 1140.784249][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1140.789725][   T30]  __mutex_lock+0x6a4/0xd70
[ 1140.795689][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1140.800924][   T30]  ? __mutex_lock+0x527/0xd70
[ 1140.806771][   T30]  ? nsim_destroy+0x71/0x5c0
[ 1140.811375][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1140.816695][   T30]  ? __pfx_mntput_no_expire+0x10/0x10
[ 1140.822402][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 1140.827277][   T30]  ? simple_release_fs+0x9c/0xd0
[ 1140.840568][   T30]  nsim_destroy+0x71/0x5c0
[ 1140.845088][   T30]  __nsim_dev_port_del+0x14b/0x1b0
[ 1140.850217][   T30]  nsim_dev_reload_destroy+0x28a/0x490
[ 1140.855734][   T30]  ? __pfx_nsim_bus_remove+0x10/0x10
[ 1140.861042][   T30]  nsim_drv_remove+0x58/0x160
[ 1140.865848][   T30]  device_release_driver_internal+0x4a9/0x7c0
[ 1140.872000][   T30]  bus_remove_device+0x34f/0x420
[ 1140.876973][   T30]  device_del+0x57a/0x9b0
[ 1140.881318][   T30]  ? __pfx_device_del+0x10/0x10
[ 1140.886254][   T30]  device_unregister+0x20/0xc0
[ 1140.891047][   T30]  del_device_store+0x363/0x480
[ 1140.895976][   T30]  ? __pfx_del_device_store+0x10/0x10
[ 1140.901373][   T30]  ? sysfs_kf_write+0x182/0x2a0
[ 1140.906319][   T30]  ? bus_attr_store+0x4f/0xa0
[ 1140.911015][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1140.916274][   T30]  kernfs_fop_write_iter+0x3a1/0x500
[ 1140.921600][   T30]  vfs_write+0xa72/0xc90
[ 1140.926462][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1140.932584][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 1140.937468][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1140.942874][   T30]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[ 1140.949052][   T30]  ksys_write+0x1a0/0x2c0
[ 1140.953917][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 1140.958798][   T30]  ? do_syscall_64+0x100/0x230
[ 1140.963763][   T30]  ? do_syscall_64+0xb6/0x230
[ 1140.968464][   T30]  do_syscall_64+0xf3/0x230
[ 1140.973050][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1140.977744][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1140.984099][   T30] RIP: 0033:0x7fa82e57475f
[ 1140.988537][   T30] RSP: 002b:00007fa82e82f220 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1140.997213][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa82e57475f
[ 1141.006072][   T30] RDX: 0000000000000001 RSI: 00007fa82e82f270 RDI: 0000000000000005
[ 1141.014365][   T30] RBP: 00007fa82e5e45a0 R08: 0000000000000000 R09: 00007fa82e82f077
[ 1141.022403][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1141.030428][   T30] R13: 00007fa82e82f270 R14: 00007fa82f234620 R15: 0000000000000003
[ 1141.038508][   T30]  </TASK>
[ 1141.041553][   T30] INFO: task syz.0.4490:24445 blocked for more than 145 seconds.
[ 1141.049330][   T30]       Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1141.057128][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1141.066428][   T30] task:syz.0.4490      state:D stack:27360 pid:24445 tgid:24443 ppid:8898   flags:0x00000004
[ 1141.077467][   T30] Call Trace:
[ 1141.080834][   T30]  <TASK>
[ 1141.084049][   T30]  __schedule+0x17e8/0x4a20
[ 1141.088601][   T30]  ? __pfx___schedule+0x10/0x10
[ 1141.093579][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1141.098624][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1141.105566][   T30]  ? schedule+0x90/0x320
[ 1141.109854][   T30]  schedule+0x14b/0x320
[ 1141.114299][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1141.119774][   T30]  __mutex_lock+0x6a4/0xd70
[ 1141.124385][   T30]  ? __mutex_lock+0x527/0xd70
[ 1141.129079][   T30]  ? do_ip_setsockopt+0x127d/0x3cd0
[ 1141.134328][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1141.139388][   T30]  do_ip_setsockopt+0x127d/0x3cd0
[ 1141.144498][   T30]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 1141.149882][   T30]  ? aa_sk_perm+0x967/0xab0
[ 1141.154625][   T30]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1141.159503][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1141.164704][   T30]  ? aa_sock_opt_perm+0x79/0x120
[ 1141.169672][   T30]  ip_setsockopt+0x63/0x100
[ 1141.174286][   T30]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1141.180202][   T30]  do_sock_setsockopt+0x3af/0x720
[ 1141.185298][   T30]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1141.190857][   T30]  ? __fget_files+0x29/0x470
[ 1141.195493][   T30]  ? __fget_files+0x3f6/0x470
[ 1141.200203][   T30]  __sys_setsockopt+0x1ae/0x250
[ 1141.205656][   T30]  __x64_sys_setsockopt+0xb5/0xd0
[ 1141.210703][   T30]  do_syscall_64+0xf3/0x230
[ 1141.215478][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1141.220180][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1141.226362][   T30] RIP: 0033:0x7fc0c1175bd9
[ 1141.230789][   T30] RSP: 002b:00007fc0c1fa9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1141.239257][   T30] RAX: ffffffffffffffda RBX: 00007fc0c1304038 RCX: 00007fc0c1175bd9
[ 1141.247318][   T30] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000008
[ 1141.255352][   T30] RBP: 00007fc0c11e4e60 R08: 0000000000000000 R09: 0000000000000000
[ 1141.263363][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1141.271350][   T30] R13: 000000000000006e R14: 00007fc0c1304038 R15: 00007fc0c142fa78
[ 1141.279513][   T30]  </TASK>
[ 1141.282592][   T30] 
[ 1141.282592][   T30] Showing all locks held in the system:
[ 1141.290300][   T30] 4 locks held by kworker/u8:0/11:
[ 1141.295493][   T30] 1 lock held by khungtaskd/30:
[ 1141.300356][   T30]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1141.311346][   T30] 2 locks held by dhcpcd/4759:
[ 1141.316584][   T30]  #0: ffffffff8f5cbf48 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x664/0x8e0
[ 1141.326081][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[ 1141.335701][   T30] 2 locks held by getty/4845:
[ 1141.340376][   T30]  #0: ffff88802a5f50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1141.350527][   T30]  #1: ffffc90002f162f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 1141.360966][   T30] 3 locks held by kworker/1:3/5097:
[ 1141.367428][   T30]  #0: ffff888015081948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1141.380152][   T30]  #1: ffffc9000383fd00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1141.391368][   T30]  #2: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x91/0xea0
[ 1141.401408][   T30] 3 locks held by kworker/0:4/5141:
[ 1141.406826][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1141.418998][   T30]  #1: ffffc90004347d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1141.430095][   T30]  #2: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 1141.439358][   T30] 3 locks held by kworker/u8:4/21134:
[ 1141.444805][   T30]  #0: ffff888029f19948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1141.456552][   T30]  #1: ffffc900032dfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1141.470354][   T30]  #2: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[ 1141.480580][   T30] 1 lock held by syz-executor/24260:
[ 1141.485975][   T30]  #0: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[ 1141.495907][   T30] 4 locks held by syz-executor/24315:
[ 1141.501277][   T30]  #0: ffff88802f7da420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[ 1141.510250][   T30]  #1: ffff8880560e1888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[ 1141.520856][   T30]  #2: ffff888022f62a58 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[ 1141.531751][   T30]  #3: ffffffff8eef4408 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890
[ 1141.542224][   T30] 4 locks held by syz-executor/24337:
[ 1141.547605][   T30]  #0: ffff88802f7da420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[ 1141.556848][   T30]  #1: ffff888011d1f488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[ 1141.566925][   T30]  #2: ffff888022f62a58 (kn->active#50){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[ 1141.577295][   T30]  #3: ffffffff8eef4408 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: new_device_store+0x1b4/0x890
[ 1141.588010][   T30] 7 locks held by syz-executor/24353:
[ 1141.593689][   T30]  #0: ffff88802f7da420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x227/0xc90
[ 1141.603045][   T30]  #1: ffff888058377488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1eb/0x500
[ 1141.613123][   T30]  #2: ffff888022f62b48 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20f/0x500
[ 1141.623457][   T30]  #3: ffffffff8eef4408 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[ 1141.634096][   T30]  #4: ffff88806b3c60e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[ 1141.644972][   T30]  #5: ffff88806b3c7250 (&devlink->lock_key#46){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[ 1141.655407][   T30]  #6: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[ 1141.664651][   T30] 1 lock held by syz.0.4490/24445:
[ 1141.669776][   T30]  #0: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: do_ip_setsockopt+0x127d/0x3cd0
[ 1141.679746][   T30] 2 locks held by syz-executor/24450:
[ 1141.685368][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.694875][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.705011][   T30] 2 locks held by syz-executor/24454:
[ 1141.710388][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.720032][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.730099][   T30] 2 locks held by syz-executor/24457:
[ 1141.735664][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.745167][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.755279][   T30] 2 locks held by syz-executor/24466:
[ 1141.760646][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.770105][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.780173][   T30] 2 locks held by syz-executor/24467:
[ 1141.785596][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.795726][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.806150][   T30] 2 locks held by syz-executor/24471:
[ 1141.811536][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.821377][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.831646][   T30] 2 locks held by syz-executor/24475:
[ 1141.837027][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.846552][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.856651][   T30] 2 locks held by syz-executor/24478:
[ 1141.862073][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.871514][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.887631][   T30] 2 locks held by syz-executor/24482:
[ 1141.893296][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.902961][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.913088][   T30] 2 locks held by syz-executor/24484:
[ 1141.918464][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.927937][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.938104][   T30] 2 locks held by syz-executor/24490:
[ 1141.943577][   T30]  #0: ffffffff8f5da590 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c6/0x7b0
[ 1141.953176][   T30]  #1: ffffffff8f5e6dc8 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[ 1141.963281][   T30] 
[ 1141.965612][   T30] =============================================
[ 1141.965612][   T30] 
[ 1141.974100][   T30] NMI backtrace for cpu 0
[ 1141.978434][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1141.988331][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1141.998387][   T30] Call Trace:
[ 1142.001672][   T30]  <TASK>
[ 1142.004612][   T30]  dump_stack_lvl+0x241/0x360
[ 1142.009310][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1142.014518][   T30]  ? __pfx__printk+0x10/0x10
[ 1142.019104][   T30]  ? vprintk_emit+0x631/0x770
[ 1142.023784][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[ 1142.028815][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1142.033750][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1142.039200][   T30]  ? _printk+0xd5/0x120
[ 1142.043351][   T30]  ? __pfx__printk+0x10/0x10
[ 1142.047971][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1142.052816][   T30]  ? __pfx__printk+0x10/0x10
[ 1142.057398][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1142.062420][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1142.068392][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1142.074366][   T30]  watchdog+0xfde/0x1020
[ 1142.078600][   T30]  ? watchdog+0x1ea/0x1020
[ 1142.083010][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1142.087676][   T30]  kthread+0x2f0/0x390
[ 1142.091747][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1142.096422][   T30]  ? __pfx_kthread+0x10/0x10
[ 1142.101004][   T30]  ret_from_fork+0x4b/0x80
[ 1142.105413][   T30]  ? __pfx_kthread+0x10/0x10
[ 1142.109994][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1142.114847][   T30]  </TASK>
[ 1142.118304][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1142.123576][    C1] NMI backtrace for cpu 1
[ 1142.123588][    C1] CPU: 1 PID: 4528 Comm: syslogd Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1142.123607][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1142.123617][    C1] RIP: 0010:kasan_check_range+0x1bf/0x290
[ 1142.123642][    C1] Code: 48 85 ed 48 0f 49 dd 48 83 e3 f8 48 29 dd 74 12 41 80 3b 00 0f 85 a6 00 00 00 49 ff c3 48 ff cd 75 ee 5b 41 5c 41 5e 41 5f 5d <c3> cc cc cc cc 40 84 ed 75 5f f7 c5 00 ff 00 00 75 5c f7 c5 00 00
[ 1142.123656][    C1] RSP: 0018:ffffc9000321f7c8 EFLAGS: 00000056
[ 1142.123671][    C1] RAX: 0000000000000001 RBX: 0000000000000021 RCX: ffffffff81728075
[ 1142.123683][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff92fa7580
[ 1142.123694][    C1] RBP: 58cce5e7c8d5ebdc R08: ffffffff92fa7587 R09: 1ffffffff25f4eb0
[ 1142.123710][    C1] R10: dffffc0000000000 R11: fffffbfff25f4eb1 R12: ffff88807bd28000
[ 1142.123722][    C1] R13: ffff88807bd28000 R14: 0000000000000001 R15: ffff88807bd28000
[ 1142.123734][    C1] FS:  00007ff4b9b41380(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 1142.123750][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1142.123762][    C1] CR2: 00005622b549b058 CR3: 000000007c1f2000 CR4: 00000000003506f0
[ 1142.123777][    C1] Call Trace:
[ 1142.123784][    C1]  <NMI>
[ 1142.123790][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1142.123807][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1142.123826][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1142.123849][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1142.123867][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1142.123888][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1142.123909][    C1]  ? kasan_check_range+0x1bf/0x290
[ 1142.123928][    C1]  ? default_do_nmi+0x63/0x160
[ 1142.123945][    C1]  ? exc_nmi+0x123/0x1f0
[ 1142.123961][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1142.123984][    C1]  ? __lock_acquire+0x1265/0x1fd0
[ 1142.124001][    C1]  ? kasan_check_range+0x1bf/0x290
[ 1142.124020][    C1]  ? kasan_check_range+0x1bf/0x290
[ 1142.124040][    C1]  ? kasan_check_range+0x1bf/0x290
[ 1142.124058][    C1]  </NMI>
[ 1142.124065][    C1]  <TASK>
[ 1142.124070][    C1]  __lock_acquire+0x1265/0x1fd0
[ 1142.124094][    C1]  lock_acquire+0x1ed/0x550
[ 1142.124110][    C1]  ? aa_file_perm+0x137/0xf60
[ 1142.124128][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1142.124152][    C1]  ? __unix_dgram_recvmsg+0xcf4/0x12f0
[ 1142.124178][    C1]  ? aa_file_perm+0x137/0xf60
[ 1142.124193][    C1]  aa_file_perm+0x154/0xf60
[ 1142.124207][    C1]  ? aa_file_perm+0x137/0xf60
[ 1142.124223][    C1]  ? __pfx_aa_sk_perm+0x10/0x10
[ 1142.124244][    C1]  ? shmem_file_write_iter+0x107/0x120
[ 1142.124263][    C1]  ? __pfx_aa_file_perm+0x10/0x10
[ 1142.124278][    C1]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1142.124294][    C1]  ? security_socket_recvmsg+0x90/0xb0
[ 1142.124311][    C1]  ? unix_dgram_recvmsg+0xb6/0xe0
[ 1142.124327][    C1]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[ 1142.124344][    C1]  ? sock_read_iter+0x2e1/0x3e0
[ 1142.124365][    C1]  ? __asan_memcpy+0x40/0x70
[ 1142.124381][    C1]  ? sock_read_iter+0x2e1/0x3e0
[ 1142.124401][    C1]  ? __pfx_sock_read_iter+0x10/0x10
[ 1142.124423][    C1]  common_file_perm+0x19c/0x210
[ 1142.124445][    C1]  security_file_permission+0x6d/0xa0
[ 1142.124466][    C1]  rw_verify_area+0xbf/0x6b0
[ 1142.124485][    C1]  vfs_write+0x158/0xc90
[ 1142.124505][    C1]  ? __pfx_vfs_write+0x10/0x10
[ 1142.124526][    C1]  ? __rseq_handle_notify_resume+0x353/0x14e0
[ 1142.124549][    C1]  ksys_write+0x1a0/0x2c0
[ 1142.124568][    C1]  ? __pfx_ksys_write+0x10/0x10
[ 1142.124585][    C1]  ? do_syscall_64+0x100/0x230
[ 1142.124607][    C1]  ? do_syscall_64+0xb6/0x230
[ 1142.124627][    C1]  do_syscall_64+0xf3/0x230
[ 1142.124646][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1142.124661][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.124681][    C1] RIP: 0033:0x7ff4b9c95bf2
[ 1142.124695][    C1] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83
[ 1142.124708][    C1] RSP: 002b:00007ffda7c89118 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1142.124724][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ff4b9c95bf2
[ 1142.124736][    C1] RDX: 0000000000000058 RSI: 000055b288f43c50 RDI: 0000000000000003
[ 1142.124747][    C1] RBP: 000055b288f43c50 R08: 0000000000000001 R09: 0000000000000000
[ 1142.124758][    C1] R10: 00007ff4b9e343a3 R11: 0000000000000246 R12: 0000000000000058
[ 1142.124769][    C1] R13: 00007ff4b9b41300 R14: 0000000000000004 R15: 000055b288f43a60
[ 1142.124787][    C1]  </TASK>
[ 1142.563854][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1142.570726][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc7-syzkaller-00003-g4376e966ecb7 #0
[ 1142.580628][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1142.590692][   T30] Call Trace:
[ 1142.593977][   T30]  <TASK>
[ 1142.596907][   T30]  dump_stack_lvl+0x241/0x360
[ 1142.601583][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1142.606775][   T30]  ? __pfx__printk+0x10/0x10
[ 1142.611357][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1142.617329][   T30]  ? vscnprintf+0x5d/0x90
[ 1142.621655][   T30]  panic+0x349/0x860
[ 1142.625550][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1142.631700][   T30]  ? __pfx_panic+0x10/0x10
[ 1142.636114][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1142.641480][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1142.647018][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1142.652380][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1142.658521][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1142.664661][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1142.670802][   T30]  watchdog+0x101d/0x1020
[ 1142.675128][   T30]  ? watchdog+0x1ea/0x1020
[ 1142.679534][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1142.684199][   T30]  kthread+0x2f0/0x390
[ 1142.688258][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1142.692922][   T30]  ? __pfx_kthread+0x10/0x10
[ 1142.697501][   T30]  ret_from_fork+0x4b/0x80
[ 1142.701907][   T30]  ? __pfx_kthread+0x10/0x10
[ 1142.706484][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1142.711247][   T30]  </TASK>
[ 1142.714480][   T30] Kernel Offset: disabled
[ 1142.718801][   T30] Rebooting in 86400 seconds..