last executing test programs:

14.228015397s ago: executing program 2 (id=5944):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xa, &(0x7f0000000280)={0x20000000002, 0x100008f}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
mount$cgroup(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x3200000, &(0x7f0000000880)={[{@cpuset_v2_mode}, {@clone_children}, {@release_agent={'release_agent', 0x3d, './file0'}}, {}], [{@subj_type={'subj_type', 0x3d, '\xc0\x80\x97v/D\xea\xd8\xf9\'\xd4\x9a\xac\xb2%\xfb\xbf\n#|\xe1\xf9\x18\x9dih\xe6u\xb8\x96\xces(~\x86\xb9\xf1\x84\xaeBz\x05,\xb8\x16\x95\x16\x98\xebD\xa2,\xdeB\xbd\xf3\xa3\xb7\x92\xd7&\\\a\xfb\xd0\x121V\xbb\v:\xfeN\x8c\x99\xae\xd5\xd4\xa5;\x93\x97\xbaU\xd8\x01\xd4z\x11\xfa\xb5X\x0ff\vp\xff#i}\ve\x12\x15\x81?\xa3\xbb\xe5\x03\xa3Q\xbb\x94\xd6v\xa2\xad\'\xf2\x92\xac?\xba\xa2x\xa2\xcb\x90\x18\xe3\xaf\x86ErdL\xe5\xea8\x9b\ai0\xa3[\f\xd6\xa3\xe7\xb7\xc0\xfdhC\xc8A\xedE \xdaw\x9a\xfd\xd0\xd7T*\xe2)\xecl\xa4\xd2d\"\xa0\x988\xeaOQn\x7f\x9fd\xecI#$\xa6\x03\xc8j\xe7\xb5\x84\x9a\xdd`0\x1d\x1ed\xec|\x15\xf35\x80\x04\xa8\x14\xcc\xda\xca-\x82d\x8cZ\xd6*X\x89y\x97\xba.\x90\xe4\x05U\xe7\xf3\xb4?\xaf\n\xc2\xe6'}}]})
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000003c0)={{0x0, 0x3, 0x100000}})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000000a00)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000100))
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40345410, &(0x7f0000000340)={0x1})
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00')
pread64(r3, &(0x7f00000002c0)=""/163, 0xa3, 0x0)
shutdown(0xffffffffffffffff, 0x0)
socket(0x2a, 0x800, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0xa, 0x2003c)
setsockopt$inet6_int(r4, 0x29, 0x48, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x0, 0xe, 0x0, &(0x7f0000000f40)='\x00'/14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
ftruncate(0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000580)=[{&(0x7f0000000400)=""/179, 0xb3}, {&(0x7f0000000500)=""/123, 0x7b}], 0x2, 0x4, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x80000001, 0xfffffffc, 0x8000, 0x1204, 0xffffffffffffffff, 0xfffffefe}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="0000000000000000b702000003", @ANYRESDEC, @ANYBLOB, @ANYRESHEX, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180))

10.310068526s ago: executing program 2 (id=5951):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000009000000000001"], 0x0}, 0x90)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r1, &(0x7f0000000000), 0x10)
dup3(r0, r1, 0x0)

10.061866694s ago: executing program 2 (id=5953):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$inet6(0xa, 0x2, 0x3)
setsockopt$inet6_int(r4, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x3e, 0x0, 0x0)
creat(0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{}, "c04d831721b66c43", "7e50992d53face4acb591d981848b3d9", "a7844c4e", "6c25c0284645e18b"}, 0x28)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000080), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
preadv(r7, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/partitions\x00', 0x0, 0x0)
r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r9, r8, &(0x7f0000002080)=0x3a, 0x23b)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)
r10 = syz_open_dev$swradio(&(0x7f0000000180), 0x1, 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x400400, 0x0)
ioctl$VIDIOC_QBUF(r10, 0xc058560f, &(0x7f0000001540)=@multiplanar_userptr={0x0, 0x3, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "75d386a8"}, 0x0, 0x2, {0x0}})
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000020000000000000000000000009500000000000000cbef9f1e5c74e6e6aeaa53ab998afd26d275dbce879823d05477fe5e84c75ff24bee0100ab43b60670436afa76f409b4bab8fddf376f84515f838232b18f867305115a5e351b457c682060144a5be9e8e211c5bd310c50e73815b12efb384984f122ae4dc1a8870472d445f576e492650519bc4d8b3a50f7ff5f5980bd95f110519cdfedfce4b4983dd7fe968ffa16987cbfd37d536f32912390c6b229fbe080de2a1f10da1cee6d19295fcf7508024e6ec67f"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r11}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x310, 0x0, 0x12, 0x60a, 0x138, 0x202, 0x240, 0x2e8, 0x2e8, 0x240, 0x2c0, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @dev}, @mcast2, [], [], 'veth1_to_bond\x00', 'xfrm0\x00'}, 0x0, 0x108, 0x138, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private2, @loopback, [], [], 'vxcan1\x00', 'batadv0\x00'}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x370)

8.351441752s ago: executing program 2 (id=5956):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000", 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003c40)={0x11, 0x0, 0x0, 0x0, 0x8, 0x9d, &(0x7f0000000000)=""/157, 0x0, 0x30}, 0x90)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="4c0003"], 0xd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
sendmsg$NFC_CMD_START_POLL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2400003b41796bfac0b5e2bbff00", @ANYRES16=r4, @ANYBLOB="010000000000000000000600000008000100", @ANYRES32=0x0, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0)
sendmsg$alg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0x7f}], 0x18}, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000600), 0xfec8)
recvmmsg(0xffffffffffffffff, &(0x7f0000003ac0)=[{{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000003d00)=""/135, 0x87}, {&(0x7f0000003dc0)=""/171, 0xab}, {&(0x7f0000003e80)=""/246, 0xf6}, {&(0x7f0000000340)}, {&(0x7f0000003f80)=""/2, 0x2}, {&(0x7f0000003fc0)=""/222, 0xde}, {&(0x7f00000040c0)=""/216, 0xd8}, {&(0x7f00000041c0)=""/87, 0x57}], 0x8, 0x0, 0x0, 0x2000000}, 0x2}, {{&(0x7f0000000240)=@x25, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000001900)=""/87, 0x57}, {&(0x7f0000001980)=""/70, 0x46}, {&(0x7f0000001a00)=""/74, 0x4a}, {&(0x7f0000001a80)=""/65, 0x41}, {&(0x7f0000001b00)=""/239, 0xef}, {&(0x7f0000001c00)=""/187, 0xbb}, {&(0x7f0000001cc0)=""/214, 0xd6}], 0x8, &(0x7f0000001e40)=""/60, 0x3c}, 0x9}, {{&(0x7f0000001e80)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80, &(0x7f0000001fc0)=[{&(0x7f0000001f00)=""/111, 0x6f}, {&(0x7f0000001f80)=""/23, 0x17}], 0x2, &(0x7f0000002000)=""/19, 0x13}, 0xb}, {{0x0, 0x0, &(0x7f00000023c0)=[{&(0x7f0000002040)=""/217, 0xd9}, {&(0x7f0000002140)=""/209, 0xd1}, {&(0x7f0000002240)=""/49, 0x31}, {&(0x7f0000002280)=""/177, 0xb1}, {&(0x7f0000002340)=""/116, 0x74}], 0x5}}, {{&(0x7f0000002440)=@x25, 0x80, &(0x7f0000002600)=[{&(0x7f00000024c0)=""/29, 0x1d}, {&(0x7f0000002500)=""/161, 0xa1}, {&(0x7f00000025c0)=""/45, 0x2d}], 0x3, &(0x7f0000002640)=""/6, 0x6}}, {{&(0x7f0000002680)=@in6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000002a40)=[{&(0x7f0000002800)=""/7, 0x7}, {&(0x7f0000002840)=""/91, 0x5b}, {&(0x7f00000028c0)=""/89, 0x59}, {&(0x7f0000002940)=""/176, 0xb0}, {&(0x7f0000002a00)=""/37, 0x25}], 0x5, &(0x7f0000002ac0)=""/4096, 0x1000}, 0xdb5}], 0x6, 0x1, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r5, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000000)="240000001a005f0414f9f4070009040081000000000000000000000008000f0001000000", 0x24)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(0xffffffffffffffff, 0x7ac, &(0x7f0000000200)={0x0, 0x0, 0x1000})
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000480)=@raw={'raw\x00', 0x3c1, 0x3, 0x418, 0x0, 0x168, 0x9, 0x0, 0xa, 0x348, 0x250, 0x250, 0x348, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [], [], 'team_slave_0\x00', 'sit0\x00', {}, {}, 0x6, 0x0, 0x0, 0x41}, 0x6000000, 0x228, 0x248, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'batadv_slave_1\x00', {0x0, 0x7ff, 0x0, 0x0, 0x0, 0x6, 0x1000}}}, @common=@inet=@ecn={{0x28}, {0x30}}]}, @unspec=@NOTRACK={0x20}}, {{@ipv6={@mcast1, @remote, [], [], 'tunl0\x00', 'veth1_to_bond\x00'}, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@icmp6={{0x28}, {0x0, "5c14"}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x478)
pipe(&(0x7f0000000080))

8.236692214s ago: executing program 3 (id=5957):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYRES32=r2], 0x7c}}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r3 = syz_io_uring_setup(0x4a8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f00000001c0))
io_uring_enter(r3, 0x2dec, 0x0, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000180)={0x1f, 0xffffffffffffffff}, 0x6)
r5 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00')
setsockopt$bt_hci_HCI_DATA_DIR(r4, 0x0, 0x1, &(0x7f0000000040)=0x7, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r5, 0x567, 0x0, 0x0, 0x0, 0x0)

8.151755498s ago: executing program 4 (id=5958):
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
pipe(&(0x7f00000001c0))
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x7, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0}, 0x90)
syz_usb_connect$uac1(0x0, 0xa2, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000086b1d01014000010203010902900003010000000904000000210100000a24010000000201020824040000813edd090401000001020000096801010101020000072401000000000d2402010900000081fbac292309050109000000000007250100000000090402000001020000090402010101020000000000000000040e2402010e010000675dfcc5e05f09058209200000000007250100000000"], 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x134, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6002000800fe2c00fe8000000000000000000000000000bbff02000000000000000000000000000132"], 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0xe4, @fixed, 0x0, 0x1}, 0xe)
close_range(0xffffffffffffffff, r1, 0x2)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
ppoll(&(0x7f0000000040)=[{r4, 0xa530}, {r4, 0xa1}], 0x2, &(0x7f0000000000), 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000f000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r6}, 0x10)
mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000280)={r7, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r9}, 0x10)

7.894414274s ago: executing program 3 (id=5959):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$tipc(0x1e, 0x0, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0xc0505405, &(0x7f00000000c0))
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SNDCTL_SEQ_RESETSAMPLES(r2, 0x40045109, &(0x7f0000000180)=0x400)
setsockopt$ax25_int(r3, 0x101, 0xa, &(0x7f0000000080)=0xbb1e, 0x4)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x100)
mbind(&(0x7f00006d1000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000000), 0x8, 0x4)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x0, 0x7fe2, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="065e1428ee8d1efbe7716bdf84d273c441d81c137df5d72c3113320f0d748c8bc08d7ed37b68a1abb5456644a6c216074f9be23c370b8ad5d1a172420d6285791532f05c7297221ed0a13547ae959ba66b1aee18b083dd6aaf953b9a269c604e1a260f9417ec01e6066d8e405d3290b2460c57e614c6b2fe79b44183e379e5655146449db24dcfa4103b4cc56c924489cef2ee4f89c67b519b7f6623f94f2f20546d3481350ed1f842be", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, &(0x7f0000000000), 0x8, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
r5 = memfd_create(&(0x7f0000000680)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x2)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000780))
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7.543518146s ago: executing program 0 (id=5961):
gettid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='smaps\x00')
r2 = socket$tipc(0x1e, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x43}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f0000000080)={0x43}, 0x10)
socket$can_j1939(0x1d, 0x2, 0x7)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4095, 0xfff}], 0x1, 0x1000000, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000180)={&(0x7f0000000080)})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000002740)=[{&(0x7f0000001200)=""/74, 0x4a}, {&(0x7f0000001280)=""/200, 0x11}, {&(0x7f0000001380)=""/205, 0xcd}, {&(0x7f0000001480)=""/4096, 0x1000}, {&(0x7f0000002480)=""/233, 0xe9}, {&(0x7f0000002580)=""/183, 0xb7}, {&(0x7f0000002640)=""/250, 0xfa}], 0x7, 0x0, 0x0)
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f0000000000)={0x1, 0xb, 0xc, 0x6, 0xf2, 0x9, &(0x7f0000000440)="5d92e7d981fbb62b765509315649f3dbc3fe4aec95b7ad4b9b4292af1dbcf2bbc1f4f7aa5892d29bc2206d0bb2f47496969248a1370f3b55d50fb9cdd63f87083c1e5cbee15b81331a39939efbbc66ba49232368d52d64e110f947b83660bb0279bcfc6ac44e70204ea4aa8c94c9da8177e939da855d6f4592a82f8d4973ee942bc7ef83c28864039b3bc081948765720ec54f9cbac68a55dd0971cb4c9e79aab86de41199039fc3c8fa6699f6038844ad24b3f1c702ec3ade347895031e1af429a9689ceacb90f8355bacb359cfe7f6dbfe4b7863fc7c2948e34a67530f3d605314ff9c37e9d55a52ad368d3351e56de40a"})
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r9 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)

6.917833724s ago: executing program 1 (id=5962):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20)
syz_emit_ethernet(0xae, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_dccp(0x2, 0x6, 0x0)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="58000000020605000000000000000020001c00f40b000780080011400000000c5b527c018f245700050001005053f3aa3d02000000080000000000000000000500040000000000090002000000000013000301006173683a6e65742c00000000"], 0x58}}, 0x0)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = fsopen(&(0x7f00000000c0)='minix\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
close(r4)

6.773682787s ago: executing program 3 (id=5963):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000009000000000001"], 0x0}, 0x90)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r1, &(0x7f0000000000), 0x10)
dup3(r0, r1, 0x0)

5.135253077s ago: executing program 0 (id=5964):
syz_emit_ethernet(0xb4, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$packet(0x11, 0x0, 0x300)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000380)={0x8}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, 0x0)
sendto$inet(r0, &(0x7f0000000540)="d597da77c43da15a8f328919383093eefb41b6245c319ad5867a95a25c34eb6ab07249be53b9f677b3932b832f4e3da8c21ad7fe427a215664361c83c3c2bc40fb056a41ac15e0698ac44a978b25a1125ca8dc4d59182c5c4849b5c0881776b3567c846a95e667fa6a419acf055da82cdbf877fedfc5baf1c63774523c81a384102c396e78a1f676098d73a3163db6970e5f4c54", 0x94, 0x80, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@getnexthop={0x20, 0x76, 0xb0d, 0x0, 0x0, {0x3, 0x2}, [@NHA_ID={0x8, 0x1, 0x2}]}, 0x20}}, 0x0)

5.08620632s ago: executing program 1 (id=5965):
recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x2000000022, &(0x7f0000000000)={0x77359400})
recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = dup2(0xffffffffffffffff, r1)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f00000001c0)={0x14000000})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000340)=[@window, @timestamp, @sack_perm], 0x3)
write$binfmt_elf64(r3, &(0x7f0000000280)=ANY=[], 0x40)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r3, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b90", 0x17b, 0x805, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000000880)=""/65, 0x41}], 0x1, 0x8, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f00000001c0), 0x3, 0x2)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$binfmt_script(r5, &(0x7f0000000100), 0xfffffd9d)

5.034244187s ago: executing program 3 (id=5966):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$inet6(0xa, 0x2, 0x3)
setsockopt$inet6_int(r4, 0x29, 0x0, 0x0, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x3e, 0x0, 0x0)
creat(0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f0000000000)=@ccm_128={{}, "c04d831721b66c43", "7e50992d53face4acb591d981848b3d9", "a7844c4e", "6c25c0284645e18b"}, 0x28)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000080), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
preadv(r7, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/partitions\x00', 0x0, 0x0)
r9 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r9, r8, &(0x7f0000002080)=0x3a, 0x23b)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2], 0x34}}, 0x0)
r10 = syz_open_dev$swradio(&(0x7f0000000180), 0x1, 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x400400, 0x0)
ioctl$VIDIOC_QBUF(r10, 0xc058560f, &(0x7f0000001540)=@multiplanar_userptr={0x0, 0x3, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "75d386a8"}, 0x0, 0x2, {0x0}})
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000020000000000000000000000009500000000000000cbef9f1e5c74e6e6aeaa53ab998afd26d275dbce879823d05477fe5e84c75ff24bee0100ab43b60670436afa76f409b4bab8fddf376f84515f838232b18f867305115a5e351b457c682060144a5be9e8e211c5bd310c50e73815b12efb384984f122ae4dc1a8870472d445f576e492650519bc4d8b3a50f7ff5f5980bd95f110519cdfedfce4b4983dd7fe968ffa16987cbfd37d536f32912390c6b229fbe080de2a1f10da1cee6d19295fcf7508024e6ec67f"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r11}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x310, 0x0, 0x12, 0x60a, 0x138, 0x202, 0x240, 0x2e8, 0x2e8, 0x240, 0x2c0, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @dev}, @mcast2, [], [], 'veth1_to_bond\x00', 'xfrm0\x00'}, 0x0, 0x108, 0x138, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@ipv6={@private2, @loopback, [], [], 'vxcan1\x00', 'batadv0\x00'}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x370)

4.434354453s ago: executing program 2 (id=5967):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r0, 0x4004556b, &(0x7f0000000000))
syz_usbip_server_init(0x5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r2=>0x0})
r3 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r3, 0x0, 0x30, 0x0, &(0x7f0000000180))
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000940)={0x128, r7, 0x101, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_IE={0x106, 0x2a, [@fast_bss_trans={0x37, 0x100, {0x0, 0x7, "f61627dca75d09bbd0d1a65a6b37889c", "138ce9c3eb8456aa7cf6efd0a20a9c2b77d3f74c6b06772f6f362fa16f13673a", "ea1f2d844af179417bc669be69300b0a10deba6996b25f7495408a0e80296433", [{0x0, 0x28, "d6000004f8a70aa844ef18d19210035bce7af32432ed01b5a561ab5056537da2acf6f23cca575cb0"}, {0x0, 0x5, '2VX<Q'}, {0x0, 0xf, "356a092af38c739b251e363aeff81d"}, {0x0, 0x20, "794ac34dbc7b1f7edabd8a20de823f036709460ebaa9e5dae6287161f3714d9d"}, {0x0, 0x21, "b0918dd158da738d06530e924e17e22d78a764e70329e4da9b40192bc6be50975a"}, {0x0, 0x23, "997538c72a635c34e5ef81ca54ac89b296ced20b972ccfd134912ea61d0709d001f19c"}, {}]}}]}]}, 0x128}}, 0x0)
r8 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r8)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x0, r8})
r9 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f0000000380))
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x82, &(0x7f00000005c0)=""/130}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x1)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="50000000e00a511741e491b5c2eb267d6e4d081241adba", @ANYRES16=r4, @ANYBLOB="110600000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="2a00330010040000ffffffffffff0802110000015050505050500000000000000100dd06d06c6637ed44000008005700e90b0000"], 0x50}}, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, 0x0, 0x103, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xd}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000027c0)=ANY=[@ANYBLOB="e0190000", @ANYRES16=r4, @ANYBLOB="214b275bede8e0cbab02a9af0700000040000000002cbda3d0", @ANYRES32=r2, @ANYBLOB="0c009900040000000f000000e4063300b00cf900ffffffffffff080211000001505050505050f306008003005800dde4161a85648706d28595cef04c3a14f940921b03441989c2eee18fbb5d3b644e08871187e0bb30dc7eca7ab2b2e7d2a95664dc38d2c9041e5345b3c56d6873ec76af5ba6b6e27bfab4457f64ae7b972fa5a2e7d8f4acb9fc367fd909ae5d3da35a75c7d15303f6c72a74452e133c13de0de065870b3556f46418440194061c0021fb982dbeedeb3cf38569e88a7d941d7fe176db5952e32533372a40f3d03ddcb3cc2b7164511f97523c2f9fd7f024c71b1ae1da86bdfac03e54784e67dba6111bc26fd045c8182c1264169af39d06d54bec55eebe513d892e2fd6392fe8020e17b5a64795dde745257510e321e15f783df305937d1632bb1139186b77b526eaa264e6be6b5237577ac7b000b2284001cd25726c3c7b1fefdb97b492e54959a58adaeb4db054ec71d4e1f3330d4518504abf7305ede3cfce9dc5f33bdf19bcad6e167d1df6e8919fc4be4dab9e3c0ad251f0b4852f4130dcf1ea57c0095b2046b9161f92630018c9c566fa59ca3c9b7dc76d5c7fb0d854f1f0b42124915af29f811faaca8410f4b3b7c67ffee78c5c112ae2674835105faf08df79dcb127d58d433d2e3f5f493b8d3fba41db05bd75cd8060f67c0989e20bdebd6fc0fa0c9fe459b55eee006c979f846b4971ac77dd4ceb1d64b56a4d3627df2800dc7b74ce7ed3bd45eb4d2145766a1406c28584250be6fb2c3fc5200c33a22d9ed6fa75f6a5dce781bef796e0adb68c6abffda2851935ce2cc75ff91fda94884342ddbeb13c7e6dad5f20527af4aa830c95efbc3fc67d365af3aed1b5ad50db42010375856d9313d7e47e8607535657056a05ec8f86a8d998cba9028807d667a7ff4920edd7553c8b01c7c5aae23691d5029cb261bc5b381c25eff95980c336be1944238e4e4d17b08d561e6ba26609f73bb0577bbaf273cea2633a677d34e871d4030c6dd19849c330c5a52f6d8ef573e0cd78741b32daf95c7fbb6649699e19a818eb9451b4fa73d1b356510dd0abd3d81a7f49e0c09345f4d1b0e38600508eaddd9589aa0a50f25ed2a00f69a595fafb5645592c102810815870b75de4449f3851517c4b4c4cd6185d3cd27a1ec39d168fd77f63a57b7f35ea58fc1e6811d01864f4ea7a9744f3715d3574882649174959079ffbd0aa378d4f28b42392861aada463875c30e6c339d446c69171bca27941698b0111290aa08fc01fbece0c2c55a7517544142ccf2323c939078890e70017465f4492b7abdd8d5e741bdb2ea8268c4d0a0c8c0997c4db4cb3d07bd6698fe202533bfb7f5cf4e45ede4522b3e81f6df8d7e85c5f4228f8b429d2257ca754fc2156c88bf40db78f872d97519427878f94ad96db1126442161a334dab525df58f1d165d2c7c2a30a72316206c6789c9ff4aa44a339a889766385e8ddeabec3d002d2e01bafa267b21aeb1acd6b873f9373998c5a64ddb5b19362a2b96cb8b148f955d62ee2f61aab92742a62826f45356e6312121eb955a26dcadf04d37450124e3001912a983d5e7565a2bee6c72cc5e5e61ecb7d03ba3dbae6180b3fb88a5eb39cf607d06c767465676c32981f1d510cbf08c0ea4d464c8a7dcbafb16edd20a10b7326eefeb8527c4985fc9ab154c4ccf2f2d7fd6b9607e280b1caebe7ec0a8364ff3adb4d712b27f6d17f4beffc75152b1f7a0664473bb6e4b027a078a516d270b40562cb2fcf1cd0d26fddcf525de2ca52bab799c518029aed468944eacccabccb0b7fc5e598614d1fd8b42ea60981f229e62d46717b299db71ef356926779e707740f06aa4bf6bce0f62b95694c9611e055d1d5400f5ffb9be3fc5ac64e92e9d920040a7c50ac0bbaa5010a65426c2689853303eb57664c45e2cc5005c8b358e4c2014055f2fb7878f26ffefb1d9e236064caa8a6040b5f9d142b2159d60df79f24edbb1721fe85515c9135d6ab00720e640c3ff092280582c26f9e80f6873e3daa434964b49c4ee413a65858b7e6ffe48324724078c660ce56a1ddc377297f27261fba9a689a5e6e4f6e483a6a27390e2114039de4984bc0b47bfe873f35bf09c6840609c21005cff2edea2afe40d8292c043757acb8d286e3f370e5158dbbf517160de1f4314213d3d64ef658d3548fe6cb78b51338b7afbab682e104014e1dca8c24b79edc86d78bec2e7bc3d829306dc42f7d71736434f34dec31d78a1e97e45802d861f323227390085d29a40f1e4165adb02b61319afdf2dbca1534e92c90a6354e5e2dc4e182c0fa4a6ced006d3964c53ed0e5373bc271d0db384ec5dd7094c1d176e7dca89ebae630729460379f4e7ac3b7f2090dd92e2b812f55047fb8d264bd8b87f107a50de4099a5cf700e5b62f94a0225864b9a789b978297dc183e8a51b85469682673636b342a783e164d9a1b373da17f9ad22e43071f7a68596796a0917316add0587bd8fff200c501338003300c0080400ffffffffffff080211000000505050505050850021008c18e406c67dfe7ca2bff5603ce0ff4fe010f86046abcefb2a450a000600ffffffffffff00008f123300e0300300080211000001080211000001505050505050ce00000000260c02020092996ab4effa867e5c26440506090d6ec13ced5d5e3756d8b1a70c9292565fd646ac19dcf4266787f405b99972b7dc3d442d5266943ef985d82704cf6b4ccf5922573ed604e57529a2708bd9a0095e2679404002f582a8544921f747e1abfff4d62a3c378c5714b24646b96127f12c6c984917c4da2fa2d0b604afd808d3533822aab70be3c088ce366b0f05196d956fec67ccbedf08f267f997938db82167f3ecd02bc15cb71f5dec3e8b6537b5620d82b554b5a56d83965a5cdc1147b5faf49c4a85005e0c5ce5a39726a606810460212f5fe5d0b0bc5e95f10ab188efa03055e7e08fcd743fcc16f1df28d4ff17651b5cb7185ae6f03e31cf3c38452f3db96e6676e4f0143c57daae3d5a96c3fc94a897de485504273b0f9472e1f3d8ba29596aec95421072c36db7c2b29e348c744990190edd457bfbdb51ad4355bdb8dae72df77de146174205aa58c4a9490ce35b4af611ea22748e82ee1e0069d732c713cc2841825b0d61f07a33daf51620e86cd526f2057f07393d313eaa67470b03cdd8e145f0e477dce242817c5d6ae30fded3e67a1871370aa6429aad3302aee8ddab7ce5cb1e2354de62ebdd674a49540f84a84ecb64a4cb5da72468f8877e66bec1ebe6a02087b87169796505c0b48850040bb4a3b0023f5746165b8b5abf37e0e23260a6a2a4218cf62bd112e50ba16e0cfbfc266366969de1fee24dfc6fea53ab46529ba584b12f1c043cb0894f104dce7a73b88f5974411981c28d272838087f4bcdaee5c6c5d0cdb1fdbf93774a5b1d522487fac7ed0d225161164ee606364bc0cdf18cea9b4bbfefb4d87ef307b6fc0021be8a67dd88684af9bb3a9bca1226d15f26cc2603040ea7f574dd85870dd7bb9d90d1df44c9da478f3bb96314b467248ca8f0c39dfd45af484bf252ec8c6328f5dec1fa1c36fe7c6cd7e4bf59c29a24f23647f31050c177ab03a24179ec24c6895826d337f8037f51dc74db480634f52dfaecba8e1d285dd14523e4c9a6f04a9b9f415bd169324417411ce711de94cc20bec5dd58072f0fab7f87b7538f38c968d80e6d19618a392c84e2ab08cbcff743ff13d6177188d5829527fce5f3e02171da95e7ee3f44f1d5e0577f31dac1f71f7b2396c65693450c7d13b173a01f5b34b83fe3b1e047f3129093e68b1f4b6688793c5703ce8b60fb468e86bb4e9e79f894ca5569af328c8f85084fac7dbeebe1fab991b962a8ab6b23070951f57ffca563e688287f83b3d0f14f2f32ca6294747877ffd7c2aa205ed24164bbd95eb03070043ab9afe86824d6cde170ecf63b5abcf18d225eb95a89cec75ff234b8b144daa31cf61976db31d94bd8144f138cf6f811160d74294229b9237fdf15de153b1ddf63967160aada2eb006f3a87ad6c4b410786578accdf14a44cbcfef8a10b1ecdde93236691aec12c9d10c6314e018343cb3387608aea2240c6111c78dbadee3209a8f89db013a8755dc8536f7ebd6148a982646855a4d613a16b612bdf458c51ec8b7524cbe161e631e53e2ac1b575b1ca5794fc246d6608c02d0deca92b8241fc10933ea909cabd0de97091c18edb02323c9aac8b44e1dad3188b5fc09b98fe08056892f59a82bb67f54ad12d2202d5dad7535a1d515e7403635681623626504629a23819ad43650346c71d55ed1eefa6c1841173261df1169ac8313c79b8089bdf3bd5819f4dc5d0a40ba4da74e3de914c2646e6b4f0e5fd2e5eb0ab11cc8d756dfe7bcb97de31c383447396bbe2be07c61db20a8f5cd809c9257d06fb586ae2daf64f518a5d6099e8d6a137c47f9e0ee39f3ad151d8e5443bd312a9d383e0873ab3cf5598b1600546746bdbab5ca9daeb8b7e6ac475d6b1e837580938a18705c02598a9c9c6a494bf54bdeddb31ea376cfe761f73e9ed6b7ad8bac15f366c935060388eecbb90c95ce9fd60d91cbfb373292086c25c4a8b6d1772a8ef3829811620e9b9e94a59ddf0b49ad1c84dd25a6d6eacf3cd7bbdc2a1f7308478a60100f8ebd29b465a8cdcb5580ce9f9c9ebd083025837ce163bd0c820aebcdf29b44641c4acea6b8692fbde76a6ff4c2551142209c68c33cfce5af00bfb6f30a34c5129345183f5d9f3e919d487f7f2994c7af188a071a8bbf47d81293f76adbc3669a2b4943457ec2aef18989932a2ca714d18c69be7ee76c35fbd2451c5856ea15d607afcfdfef69676892d1bd2095495415e8d57f1f13ae96df6a465cf8d7942e341f1861c1daf7645fc6fd4b45479b91d5d5ae267ce6e035183b7f5b90ca9107d5ad39014d09076fe31bc26cc4492f1a02ac0fb22b12d71a1e5c5c5ab5f1b1668ac00e9342f37aa12dedc86301a37d1bbf57e769e900cfbc53f1c83e05e2a3a5ddf922a8e65b3bda300ccc8e60a3a6068a5e50040015f2ab9daa201287c3bc5fc73b1bb62028b14155159f23d87e16bf0e0ee5ff1cc3659ab873e4742984a3d568cc4ff610eef37b3a5d1391d72068e23b48351a2d269dd673fab36be2e52ef662d29924dc51dcf3b34ae7f1c959d62f7edb437ca5258f2c5b759d512eabb565088fe482b35b447775b51fed6a9540ffd83b751b1fee4e3b4d549d82d9e86da034fda48ffd022fe7ca26a3b21a23b8118f0f40c0578e5b94f7b6976c01ccf6c8413acac7cc53ef7ec2834ffba389ab7f41c95b4f1fdc5e4a2c14455fa40252a3c53ea2683d42122b826419160f7f8f601e41a6badba05f9924a26e5cee1913da1d18e2840553491ab29ecfa6f124861974c55a19e68431f288bcb8e182c76cdc0d8ee73fcfb921877a3d812da452bef392594388dbe5d06812cd402d165b1627211caa8493c26044a5022000f906aa4aac529b8bcecccb1d9bad665a1c38317770f972ea80d5f3692bf4c9520881a33627875616053f0fe876be35b5e4659e3a4bc9a9e9340e554d13c6e4911383bdf785a4f7a7bfaf40f478356c13f79e5b53931d53b579be2ce0d995d41cac6eaf1cb8be04bf1abc4a07f95d1e0e8dde89523dd953863f1a3d4c1e804ac198a8e0c854aaf849ae3889ea51089fa7528e9f8286f0983a3e8843c7ddfdd165f4ee57678b9bbdc17becd8f295c8c011eea4aec38036a36895d305bf6021eeb3a489aae9afcb3f5e6ae689625631fa6071822b5cc6adc6a823eef4140e4a287c2bb2e16e891c401251a7d33fe4d697361e56b848b3a0ed867b5686fe55db3041d09476d57f09859384627fb4356e4026e39cab8843cefb81e609a6fc2a683cc7fdc33ebbd6c1fd72ff738191134b075015c4e16a71423e763fb78064fe15e10e34fb24ac4830c8c6ad99a90dc0f73a0d15b65925c3d49a0896b22b7b518bc743345f80969bc83881db1694a0db8c01b601da6411ee52e2e011f6affd52e04fe767630d082d8055f8acce4698c2bbd1786d4e0de857382daba4f3b0ffa071f60a3c938d78bdfc0cb8298dc4911b7a80ab4d628e8b652f2abac4abd3a319397adb35a6b63ed2c1f7fbf7f168fc76f78ef07f9a52eb2379930bb25a654be5a52d9eea1c016c2522fce6858239202953a9cc7f7d55a7ad2b857e5564d255a3feeca7b6adb7d68a5a5bc927dbf0aba1c3371e5be46f94ee618d8be7cd7d31530514314a69b61f4d9ee8e20618fc2eb8e24abe8e6a9f4c49bd00cd2c20fafbce9479aba3d4b773c3b5ca195c0f1f93313f42f8694a2246c9f3b45c880ede4f0fe1f73314c00005785f6068d461d0c629b8e6e37c65d7f1900eb2b956cf7fc094a5df0937a4118c994569e82020df26bc8796344d069e58d1d76a8a07011b595fa74ce5fc2a45928c4fe0ed5be5e728340c84eda898e6209611b18576556e9d26f0972c19fd7e474a6aef45770eb3cd00374808b9bff8f41726483615343e867dc0b927986063a6961cc242443b44b654854c802c8a9f885dbe5c3b6ec949161efab89ebbd6e5e0436bed016b2d57681e640fdb4b6470380d2ec2f19c2c9a50cc9077dca806cd1e602dc0f8717030d4634e6686b476c57dcd14460cd0fa2d0a79e05f757070d829688ad05274ff5fdfd166cb97025c1d6b14b13c466fe30e756f6281138ce020a1504f8638be07c314bd5008dbd0bf4844d374e146727b5dfa2f657fe3a7ba20adb28d80b22cd760930c9bf5f4ce190f83ced7bca89fa185de3b9e96ca2f71b2e789999e1824b00edc5099b5629c555009672758769f866039b3fb4fb84d292f82e9ce928d9c0bf5492927a698077e0f6d9a2d4b003c270c05ad501fb06cc7c726756d1ff4045bcd00414f382675a648bbdfc3c86735f43ae4274a8f8913ba025d85697686c8325a65919fa506004a624a106d25b1ac3ed070a29940458102a343fa0429b9e2042910475b80f777faf1f198f3387252d6bc157991ec50a2b6e2eb9fc9facc8e091b565d22addef3c6178554ee0825b7475503ddbe0d8145b932a8c5707a6321608eaf39a781dcf7fc740e03ddda6e063c391619d282534486df96e2bc56e75f6ea915dc79240e4d46076a6bb35aacd227d32f27854799c9858dd33899f118b8bf35b71d7e96ff1552b87cda3ef5262602ff1ebe48cdc9239d5ac968c78f2cd86f4d89f199dfcc1e251bbf909c88e95c1ccc8aef0931de3d190aa9b203156b211b4dc88d44856cb60a2099fee0f827f520b42ca78e343451ba39d50ac0b1234c1d1d6ff0ac383822fadb986e36eeeddc37cf805528ccbe047f91acb400b39dc0600bd1a7eaa2fa0479f7ba6a423a3eee208aa6d000821957daa1870e5b357dad968d119bc61118db423e40a9fc046995d8203a5016c168b5d8a65af041ef73530eaf7468ed9959e6b6f240d68761178fbcb05b40b08329e2c51bd53bc3d64cde36109c65805836c90904acaa29c827e28d7922f63cee957e266f70f43c05ceac3206a495f21d49f5e7f0a18474df61fbc634a4199e9223e035f408cb6176b42eea17bd6ec6239d886be12e3d4a0e02a7366a7cef717d86863ed3ce4c114eb4c1bdafd825e4fefff84c9cd9816eabb40da6fa8966230eb5dd68f1a9329cf81cd804fd05c65cf0d08aa2c4a0fc633750aaac56d16b40658661517dc46701c38af8d280f9a8fcc1d43d13ec2cd9ff00efc4cd65b922c69a0ec1cca06c288a363f9abc20ccf50927f7c0a095814bd7c26b72e87bb55b2a5025d3dd9fc3a92082cd9bef3eb1d9f61dc1b31823b7c816f39cb2237e520ea9321a5b89faec440041431bb8ccf8b6c0a8fa24d4b7b3c8743528239b4c8a2d51d1fbecacf4a375a5f55731fde3d645a31be25b96acc45efd61bc150236e363a2746303288fb611ffd801c189766e4b9a7b8a1f5544f7e6a6cf7df16701308ff01a67246701c3eb94316e70514c47f5137fcbcd8ea93e81a7be21dc94ecd75d6d7ec7858520d57272876474425d1707fd23240796e5cce728c31f1fd722bb4d9325136de56b2d688c8f0fc0f735486b4a0c83ab7d100d61efea20a7c45c6f02dadbffed47bd9f2fef6b210b1196f2fea7335019e1659e4c20b12c5f4fe8c85a2a3e78b2f975a041fcfa0e888f576c6194637220ae760efa980d5e046b7094daa6b4214045c5d8b77bb3b4fcbef4263cb0a337945244652e7f3f2f63a65f9cf839da00d5c55cc60ffef2e3bfb0ace8503f6aac3d2bec9e9f7a0e8a30513834ed060cd0ba02f19d064d71b4cbc5779fd0fdfc5a1af568663d721667bd72e5b61ecfc45e503a2a80babcf2aeb4020466b1e826e3712813acecb4bb14fbe9744283e4a9fef23dfe9e7a86756a54e23982ca7bb773ae7626a44a51d4822aa9e677b69a200359fc9eb02d5eddf109369590827131ae7f4e14a977768e37462a7325b9e9d193c27e4b5d1fb0a4acdd569d825400d9d34c8a203e0ddba478c8059afc160d5d10b90b8b983a443c89305d54af244bfac81a77997103784da4bbde61c2adc61ac4c49d73dd0fbe230630856519919b7af2352d719fd8b86b7881627817edd7bf650434bf6def65bedaeb847255a620319aa06b47a89dd26964cb3a650812a1653d89ddef96be2247a97a6e03122a0ac8bfe9deb9bab3faea23d849178548031757e414e2ad677fb63220896a9c77c7cae83207eef3f4efe41549018c31b782e3139066cc8951e10bec11dfc0bae59ec705959e025c9bdc438b6d8ac59c253edebb9b3d2c38a32252960ca117321232243f599df38456fddccf590a6724809cd956158112ff3da9e4fe899271693939b49e226bbdcc04ddd18040ca2dfaefd3c85f586c5f92b1943f18ba261da2fa393164a69ed773c1fd645c615219a2424a5f68ad86a401fd93880e9cf126cc0dba49c641d4abd4cdfadecacb8df568f36c9b6839f2cca08e43d97689175576be2028d94769d20b8da1911e29d44ccd7fe499e493150c88a598e1f1f422a7c79c761485ecffece92ecc814c15ea03deb8df2b0905aeb6713667aee6e2cd705436ec3aacaa2979102ca6ae1ad8802663d551c79fae8fcefdf1e7d2a3c5f6e9dd71222e213e7d056c035f6c3b3e4913adc0f26f8108863b08aa0c900e51e42996992199f8b104a46aabb98a0f08f1573602d690747a841dad4148ac90d15d70180ca7804b7f292dfeb3f8bde0e8fed4f54ee238a6dc200937537a482662794cf776a74676d57f10aae486176ac1a19ed33c1a3d8a60454f05d19fee6d9200"], 0x19e0}, 0x1, 0x0, 0x0, 0x1}, 0x20000054)

3.962226103s ago: executing program 4 (id=5968):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000800000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='mem_disconnect\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f00000020c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404005400ff0f1704000001130a00b7050000010000006a0af2fe0000000085000000a3000000b70000000000000095000000000000003f0c54cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac627c87881c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752688300000000dbc2777df150b7cdd77b85b941092314fd085f1b1b2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c830fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28179f09943b1b0452d1b72183aacf4a84f9130b701b81675dd4e9e3070756f97ad791fa99dac06c37479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fd80f553876acb45821d0c48fb657c29b309c73f0977e7cde65a89d9458aac2795b2b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d2665016ac59dd20fde0745db06753a7ac7fe13cab6692422a47e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2084bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a3894696082417304fff0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bdb539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572ac45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af00200f900cd1d0000002000000001c800000000000000000048cea769470424d28804c024ab81921f01280b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee78ebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408816eae08cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb7819441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005391577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e710d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd129db069364c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d4ac534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f0300000000000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4100000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321e10b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247fde46ad265983eb1b1c6adb1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f617396c18cc7130000fc000000210000006e00002000000000000027c9a46157a3ffff6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4472b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd000000000072f6df342f3e7071e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2b3a113e47edf76f7d116d2b0976cf2ec447c0309316d1dd315003b7a6a543340715f99e99ec4b227eda2e63a1c31a2c2bd48a80500e92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949c68b7a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273061fc5c0e0a33db7f2d43ea8086cf059f40fa2645944cd9e7f2e6ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec50f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858e13e8f0ba9d1dec469dc71e998d99ebf7cfda638d7ce859acfec3f14ec2aa98b53cd68a0d99d62a5620b7c0f61dc386c449664a94bca09859a35760b7b818087347697c239990daec8384a12d973d5470efe5dae887be689c6b1551f4c5a649d9dc563d7049c91453facecbee789a1d5a4896b2b7bec3ec5e60c4916e5561888502a12f4985f9c7dab41cbf31c26cd12d5116de95b521a57408adbbac278be82fef3f9d8a51385b376b57810be83e7b27460729a626250ccd8d82eba588f86195e15119eca569bebba8514e5bfcbe51f1a628793b4ed4424c95a731628fa38e167b79affcd50b561d3a9cb4bea872d9e5a06a4201fd09eecfe283854837a65ecf8cd6cdaad4bf223db323de9d4854d66d324a0d125e3ebe2ed3c78e47392962860de6bb86759406e74335443407d9ee7d4a4430b60b6ef369604e127391dcd8b6fe95d882b0c1aa8d4b18e8db32a0eeaaabc7f7b5c49bd88cfe860f69f5510179d867970f975169591908282cd4367f82e62e3fa37876f30934c23dc2d02a0c25839f008ec099503c8d1b3169aa9c5a7db7f0116d203ac6503596c3a5b063c28f84c9eb42"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x8, &(0x7f0000005c00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff91, 0x10, &(0x7f0000000000)={0x0, 0xf}, 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000200)='mem_disconnect\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000300)={'gre0\x00', &(0x7f00000003c0)={'sit0\x00', <r3=>0x0, 0x8, 0x8000, 0x5, 0x9, {{0x25, 0x4, 0x3, 0x9, 0x94, 0x64, 0x0, 0x92, 0x2f, 0x0, @local, @multicast2, {[@timestamp_prespec={0x44, 0xc, 0xc3, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8b}]}, @generic={0x89, 0x4, "59a8"}, @timestamp={0x44, 0x20, 0x84, 0x0, 0x1, [0x9, 0x8, 0xd48, 0x6, 0x800, 0x0, 0x7]}, @ssrr={0x89, 0x27, 0xd, [@local, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @loopback, @broadcast, @multicast1, @local, @rand_addr=0x64010101, @broadcast]}, @timestamp={0x44, 0x28, 0x5c, 0x0, 0x9, [0x0, 0x6, 0x4, 0x10001, 0x6, 0x38e1, 0xbde, 0x4, 0x5]}]}}}}})
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000480)={{{@in=@local, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@private0}, 0x0, @in=@broadcast}}, &(0x7f0000000340)=0xe8)
sendmsg$nl_xfrm(r2, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000580)={&(0x7f0000000880)=ANY=[@ANYBLOB="ac0100001600200026bd7000fddbdf25fe800000000000000000000000000000000000000000000000004e2400074e2386080a000020880000000000000000003b4cce0e070d9c0398f3c745df31c7c9efd58a4a9dcb953782144cb33d795ccc0cfa0430f4172408840c364cad6a368cbceac5a307cd288e146e48c7f72655a26b1b", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="ff020000000000000000000000000001000004d62b00000020010000000000000000000000000000f10000000000000005000000000000000600000000000000f7ffffffffffffffa800000000000000030000000000000002000000000000000b00000000000000000000000000000000010000000000000002000000000000510000000000000008000000a70400000700000027bd70000635000002000402400000000000000007000000090000000800180007000000ac0007000a010102000000000000000000000000640101020000000000000000000000004e2000004e2293fd0200a02089000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0700000000000000000000000000800100000000000000ff7f000000000000080000000000000002000000000000000300000000000000fbffffffffffffff08000000000000000001000000000000f8ffffffffffffff008000000000000005000000be6b6e000100010200000000"], 0x1ac}}, 0x40000)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='sessionid\x00')
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
r7 = syz_io_uring_setup(0x18b0, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000340)=<r8=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000240))
syz_io_uring_submit(r9, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r7, 0x184c, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
memfd_create(&(0x7f0000000200)='-Bu\r\x00\x00j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xff\x00\x00\x00\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xac \xe8\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6)\x9f\x9cR\xae\x12G\xd8\xa4y\xef\x02?\xf2\xe7}\ra\x97\xf1H?\x80BK\xe0\xee\xfeT\xd8\xf0z\xaf\xedF', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x12, &(0x7f0000000000)={0x0, &(0x7f0000000200)})

3.931679553s ago: executing program 1 (id=5969):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r0, @ANYBLOB, @ANYRES32=r2], 0x7c}}, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
r3 = syz_io_uring_setup(0x4a8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f00000001c0))
io_uring_enter(r3, 0x2dec, 0x0, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000180)={0x1f, 0xffffffffffffffff}, 0x6)
r5 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00')
setsockopt$bt_hci_HCI_DATA_DIR(r4, 0x0, 0x1, &(0x7f0000000040)=0x7, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r5, 0x567, 0x0, 0x0, 0x0, 0x0)

3.532198305s ago: executing program 3 (id=5970):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000001080)={0x0, 0x0, 0x0, {0x0, 0x1}, {0x55, 0x2}, @cond})
syz_usb_connect$cdc_ecm(0x6, 0xc3, &(0x7f0000000100)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xb1, 0x1, 0x1, 0x5, 0x40, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x2, 0x6, 0x0, 0x0, {{0x8, 0x24, 0x6, 0x0, 0x0, "d539f9"}, {0x5, 0x24, 0x0, 0x75}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x20, 0x2, 0x1}, [@obex={0x5, 0x24, 0x15, 0x324}, @mdlm_detail={0x64, 0x24, 0x13, 0xe5, "1ae77e0e41af5b7a7f7a7f71539be4e2d56116cc3ddb2fd2e9c6a9adc34a80ec86335dd01193a298efe4f7472ff1d71ce58e3112d9a3f0790e88c88789337d9cc0008bbf23d15491ffbde40bfcdc594ca926dc7cc6eb3030035e6a73527d4fda"}, @country_functional={0xa, 0x24, 0x7, 0x5, 0x80, [0xdc0e, 0x3]}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x10, 0x4, 0x4, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x3f, 0x20, 0x3f}}}}}]}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x201, 0x80, 0x2, 0x7, 0x8, 0x8}, 0x5, &(0x7f0000000080)={0x5, 0xf, 0x5}, 0x6, [{0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0xf8ff}}, {0xea, &(0x7f0000000240)=@string={0xea, 0x3, "3696bd100fd3673594b08412d4b6c0ffd45932d06170fdba4506b107a7e3ffd037ce4d02e3d3061d0cdeef681ab39de6c4652729951f47707d16abb6dd2d43037c4cbaef1a8d9ede4d90a9a43f05ce5a961ed0faae3f0ccb363f0a28eb0789b773218a08fd6643b9296a3044c5ebc0422a9227dfb53908fae4d958a1232f7fc943939f0aa1bb004d730611615797bbfa7a6105238b0ab24e101db228375f2d8d292d2016036c1a5dc9a734a8f8c2b7540d8066328fc4de008f9fdc35c36d2adaba5f1cf2eb87aa4e6d23117d7f5a768bc5f644929bd6d3f3f8a4fad90729dc1ab52e18f0062900a6"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x860}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x140a}}, {0x84, &(0x7f00000003c0)=@string={0x84, 0x3, "1d0924e8a6e693ad3c8ea0878523143302b052405eb0fe78b9ea3cf15a9ac2dc3bf189516c21f57bc251088609b328a039da448d9de0060fef044d1a70545a13c7f7667e818b4c1dfdd8db261f8317925419250698b358c321373e08b532f84792592fa6a62368156c58c95692a62034549cbe820a0755ac4ea1e3ae6396765cd2c0"}}, {0xed, &(0x7f0000000480)=@string={0xed, 0x3, "086fe66a555a76c96c486bce33b9143ee32b11ad4c50177acded8582b5f37c9dd0dc78d16066398437d6c75feb82e019145d8af127970fb24cad9f7cd7ea9ad4399cb1780b33b4570e176764bef6eac79abbeadc16bcdc3c4e2a081c7a5cb3c235ecd3c159860604f6560e6e2c8578b612e074ac46d5164b9db776191397ecb0026e2d34bb4b9ee29f76ed7b742ceabc9acde6243c7b8337026fe47033c80a459f386c537d5e8a68c18277916f3cc61b838d48e922a86f602970a31dcfaad1b3cb307c71b685934eb701913b9c71fae048b7c98a51008826763807c69507c3e9ee803146126feac7a8cca5"}}]})
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)
syz_usb_connect(0x3, 0x7c6, &(0x7f0000000600)={{0x12, 0x1, 0x300, 0x9, 0xbe, 0x8e, 0x40, 0x19d2, 0xfff9, 0x216a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7b4, 0x4, 0x7, 0x3, 0x80, 0xf8, [{{0x9, 0x4, 0xf3, 0x6, 0x8, 0xff, 0xff, 0xff, 0xdd, [@uac_control={{0xa, 0x24, 0x1, 0x8}, [@input_terminal={0xc, 0x24, 0x2, 0x5, 0x0, 0x6, 0x20, 0x1, 0x80, 0x20}, @input_terminal={0xc, 0x24, 0x2, 0x1, 0x200, 0x3, 0x9, 0x3, 0x1, 0x6c}]}], [{{0x9, 0x5, 0xf, 0x4, 0x400, 0x4, 0x6, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x7, 0x8}]}}, {{0x9, 0x5, 0x4, 0x18, 0x3ff, 0x4, 0x4, 0xdc}}, {{0x9, 0x5, 0xb209a0259b6f559b, 0x3, 0x8, 0x0, 0x6f, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x182, 0x88, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0xff, 0x9}]}}, {{0x9, 0x5, 0x4, 0x3, 0x20, 0x7e, 0xff, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x9}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0x5c10}]}}, {{0x9, 0x5, 0xd, 0xc, 0x400, 0x5, 0x0, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0xff}]}}, {{0x9, 0x5, 0xc, 0x10, 0x3ff, 0x1, 0x15, 0x1, [@generic={0x45, 0x5, "daa859cbc2886fb9bc629b5e593c9aa6cc3f9f7403fb94cd93ac172b0e97be10308ca5750f2c3a812b14f3497a2cc5336123e1ae02fc726b334da65dc91ffa94b33553"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0xc3, 0x2, 0xc4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x8, 0x7}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x1, 0x401}]}}, {{0x9, 0x5, 0x9, 0x0, 0x8, 0x6, 0x3f, 0x80, [@generic={0x2b, 0x31, "a14291c7e1c31ddef776534eec9c6fe00200adc665f67c8a606231fd7ff7b5ce863a0586114994c01d"}, @uac_iso={0x7, 0x25, 0x1, 0x42, 0x4, 0x4}]}}]}}, {{0x9, 0x4, 0xa1, 0x2, 0xd, 0xff, 0x4, 0x65, 0x1, [@generic={0x45, 0x1, "0862bf924b7bfb1dd5d9c16c7f810905e9e4170a0b2538ad705a5734d5a67b9684082b1873626865ffc8894016568bd2ae21afa4fae71189dd6d7d2b510e94bbaeb32d"}], [{{0x9, 0x5, 0x6, 0x4, 0x40, 0x3, 0x3}}, {{0x9, 0x5, 0x3, 0x6, 0x10, 0x1, 0xff, 0x77, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0xb0}]}}, {{0x9, 0x5, 0x6, 0x0, 0x189d7f82c56567f9, 0x1, 0xa6, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x3, 0x3f}]}}, {{0x9, 0x5, 0x2, 0x0, 0x10, 0x0, 0x7, 0x1f, [@generic={0xb6, 0xb, "eb1614723fb82dd03c3277bf6f3460f9c429a6533fd654c173458c38d696f40dc8a4f29b426bbca318702efa5f2fcdf875b3f99e4fd061eb0a632e9faea16c5c8034e1d5eebbd72e64a486e11a883cda2cff1c14f33a2bc6ef753703a8e190cdaa93e89a45db8c2f3fd273df87d11fc5561d3611d17212dd7446737eed0a6ceadfa715a6b8564bc4f987d4b1b7dcb3525fc78fb8dfe15fbc6de9c5dda75093d6729e3957df9e84b0254de19ca298fa0afa2e6adb"}]}}, {{0x9, 0x5, 0x80, 0x10, 0x8, 0x47, 0x4, 0x6, [@generic={0xc6, 0x7, "d390817a22ac5b59f070f28a99c893ec80444ffda205b5c72688111a7c223d1aa75097d95c6a07a3294fb9572d4ecec7e6337df119bfe4bcc2b1b856030799f0ed1a2aed13be20fc68a42ba701053b4b3efda5ee69d415ecc2972a2ca1c97d0637d88e741c202d416e1e1bfa5f2bf5f417f7fc0506254a30401d4c8e67b28745a09407cc580be19dd30d16f2fa908e612915cc40656773dc48a6b0be7306470bb048d75dc39fdc2aea8fcba76c28a7e784f0ddf8871923e04c470c156e4296621a855a82"}]}}, {{0x9, 0x5, 0xc, 0x3, 0x40, 0x4, 0x81, 0xf9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x1, 0x2}]}}, {{0x9, 0x5, 0xd, 0x0, 0x20, 0x8, 0x89, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xff, 0x2ad5}, @generic={0x68, 0x22, "843c42f66e6542761201fd1bb4edb6d764bd17a938a76dc3878928c70d8e56464f13498b4db62da969b25d78235f167906e69cf31b5f11f576469bdb1719f98c4427548dee2c65f3756d1a347e3546558f8b469482c37817537701b904a6c6796155c94f5101"}]}}, {{0x9, 0x5, 0x3, 0x18, 0x200, 0xaf, 0x5, 0x81}}, {{0x9, 0x5, 0xe, 0x10, 0x400, 0x9, 0x20, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x7ff}, @uac_iso={0x7, 0x25, 0x1, 0x2, 0x8, 0x1}]}}, {{0x9, 0x5, 0x2, 0x3, 0x400, 0x0, 0xfc, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x3b, 0x5}, @generic={0x32, 0x3, "2fabe646eb960ec3f2631b03a0c001f1891fe1d48577c110c87e8e893c7dc8a7af3697c28ec56d941e0b38ee3da93684"}]}}, {{0x9, 0x5, 0xe, 0x3, 0x3ff, 0x0, 0x8, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x4, 0xf49e}]}}, {{0x9, 0x5, 0xd, 0x10, 0xf4c779de65aed62e, 0xfc, 0x1, 0x7, [@generic={0xba, 0x0, "d3ab68e2bca736e2370a546058bad10671f9de8d466dc22ba948b896b2e423b6c161bd84ae588c118f0f6ebf7fecac15bbc34980d536b34d11f2436bb4c8feea1a398c72d56cb966f64739456002abda3a5a514a5a81e451888670a62c9241d7c6ff86f2013a6469c3b7d1310b375e1e3157bef5e42b26a71a8842d20c8ecd95fb8d638c618288c9b97879c2ec3f66a47845add6863225f60341679560a13be4fde7213c0204e6432b7b633a0e29e5724d3f00a4e5188e26"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x200, 0x9, 0xd0, 0x17}}]}}, {{0x9, 0x4, 0xb7, 0x5, 0x5, 0x5e, 0xa3, 0x33, 0x7f, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "e3"}, {0x5, 0x24, 0x0, 0x9000}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x7, 0xfffa, 0x71}, {0x6, 0x24, 0x1a, 0x4}, [@call_mgmt={0x5, 0x24, 0x1, 0x2, 0x8}, @mbim_extended={0x8, 0x24, 0x1c, 0x454, 0x2, 0xffc0}, @call_mgmt={0x5, 0x24, 0x1, 0x0, 0x1}, @acm={0x4, 0x24, 0x2, 0x1}]}], [{{0x9, 0x5, 0x6, 0x0, 0x40, 0x3, 0x1f, 0x17}}, {{0x9, 0x5, 0x4, 0x0, 0x10, 0x9, 0x2, 0x1f, [@generic={0xae, 0x23, "3a172ff7a53b399f43dbeaf64e567788d353cace6e2254d7f6eb202e5581a7c43e5142439289201aebf2eaebc31dc61f19c13171f4b100285a33f2ee1a7ad7d121f9e30be1f3dcba975f14b062460803334400c18e6ce32cfe6e2b73bdd165b0373162172088f0ac8a5918836aa61129575bd7bfe1710f62b25041ae548583e2466677b645e074b81471e63386445c9adde499b7f1a6800294bab03c7d76279756700afa0a04ade3d2bc7201"}]}}, {{0x9, 0x5, 0x9, 0x0, 0x400, 0x4, 0x2, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x20, 0x40}, @generic={0x10, 0xb, "bc37db99de78bdafc5efbd59f7b7"}]}}, {{0x9, 0x5, 0xb, 0x3, 0x400, 0x2, 0x9, 0x5}}, {{0x9, 0x5, 0x9, 0x3, 0x40, 0x3, 0x1f, 0xf8, [@generic={0x12, 0x23, "4a111b438213aa4b3f694bf936830db7"}]}}]}}, {{0x9, 0x4, 0x4, 0x7, 0x5, 0xfb, 0xa5, 0x3, 0x9c, [], [{{0x9, 0x5, 0x5, 0x8, 0x10, 0x27, 0x1, 0x7}}, {{0x9, 0x5, 0xa, 0x10, 0x8, 0x3, 0x7, 0x3f, [@generic={0x61, 0x22, "02b9fd2f907af609276548a4c782dacbc9ada801e7622e595ff1bfe8d10898d4565899d40750b26572bd7bbda50fb3c229c360bea55792f779748dc66ab9403ee8a96c67ea62249f8fc8cb2833ad1b340ec52f253ffa7a385586d2e0e85bb2"}, @generic={0x91, 0x3, "ba7e2ce8d907405084a268d7bdfbf9a3e4f552e36e98f0e20026aa2756cef82fed67a9ab02a24cb8f7600717b39eaff1c05c8f84888a64b8735777f8896d4ec6b08b6bcb81e4de16921e04fdacd01a043690f088ad7ee7f33844ffd2bd48b1d43a9960cd8f1ed3c1def627df5d9b72b1de41ce316050d37b222b72466f370dca41ee9029fb4f5ed6958879cf1462bd"}]}}, {{0x9, 0x5, 0xd, 0x0, 0x200, 0x4, 0x5, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x7, 0x8}]}}, {{0x9, 0x5, 0x5, 0x0, 0x8, 0x1, 0x6e, 0x20, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xfc, 0x3}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x81, 0x7}]}}, {{0x9, 0x5, 0xf, 0xc, 0x200, 0xdb, 0x40, 0x40, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x4, 0x5d}, @generic={0x3a, 0x2, "f5d40215eb2863f43edbf6d3f0366c89aba35c71e27d4503397c5792b9fe69b3b83a02f5aa1b9398a2e517fe71f89f598f51b8849d47d129"}]}}]}}]}}]}}, &(0x7f0000000fc0)={0xa, &(0x7f0000000e00)={0xa, 0x6, 0x310, 0x0, 0x40, 0x8, 0x10, 0xea}, 0x6d, &(0x7f0000000e40)=ANY=[@ANYBLOB="050f6d00044210040b4f79f9e6d1db7b712139a2e294747297931990f69723e247e3deeb53b6acad3c4da15aac60479e07470b93dd1054ccc065bf0b100108790009030500170710020001060014100481a6f699951eb466d9649dc4cd310353d1"], 0x4, [{0x4, &(0x7f0000000ec0)=@lang_id={0x4, 0x3, 0x405}}, {0x4, &(0x7f0000000f00)=@lang_id={0x4, 0x3, 0x1c09}}, {0x13, &(0x7f0000000f40)=@string={0x13, 0x3, "c4e00f061175613c2588c8a535865f1a87"}}, {0x4, &(0x7f0000000f80)=@lang_id={0x4, 0x3, 0x2009}}]})
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100006a0ff5206d0423083a4b0102030109021200010000000009040000000e"], 0x0)

2.863592616s ago: executing program 1 (id=5971):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x2c02)
syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x2c02)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000040))
sendmsg$inet(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf800)
syz_genetlink_get_family_id$gtp(&(0x7f0000000100), 0xffffffffffffffff)
r5 = add_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@dev, 0x0, 0x33}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0xfd, 0x7}}, 0xe8)
sendmmsg(r6, &(0x7f0000000480), 0x21, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
dup(r9)

1.848725504s ago: executing program 2 (id=5972):
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)={0x73, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7f, 0x7, 0x45, 0x0, 0x9, 0x7, 0x0, 0x5, 0x4, 0xba, 0x0, 0x0, 0x1})
socket$caif_stream(0x25, 0x1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$FUSE_INIT(r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$dupfd(r2, 0x0, 0xffffffffffffffff)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, 0x0, 0x0)
openat$cgroup_ro(r0, 0x0, 0x275a, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4, 0xffffffff}, @const={0x0, 0x0, 0x0, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x48}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0xf, &(0x7f00000001c0)=@ringbuf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x3, &(0x7f0000000380), 0x10}, 0x90)
r6 = memfd_create(&(0x7f0000000ac0)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\a\x00;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\xb7/\xa5\xa7\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84,\xd3\x06\xaeO \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x00\x04\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2Cw\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0xe)
socket$nl_route(0x10, 0x3, 0x0)
r7 = syz_usb_connect(0x1, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a86200000904000002ca744d070905"], &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000380))
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r7)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xf, 0x80010, r4, 0x0)
fallocate(r6, 0x0, 0x0, 0x400)

1.513308034s ago: executing program 1 (id=5973):
r0 = semget$private(0x0, 0x4, 0x0)
semop(r0, &(0x7f0000000040)=[{}, {0x0, 0xfffe}], 0x2)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000))

1.232035939s ago: executing program 4 (id=5974):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000780)=@newlink={0x48, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_MULTICAST_SPEC={0x5}, @IFLA_HSR_SLAVE2={0x8, 0x2, r1}, @IFLA_HSR_SLAVE1={0x8, 0x1, r3}]}}}]}, 0x48}}, 0x0)

1.174692507s ago: executing program 0 (id=5975):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b03d25a806f8c6394f92024fc60030f030047000000053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

918.905218ms ago: executing program 0 (id=5976):
r0 = socket(0x1e, 0x4, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
sendmmsg$unix(r0, &(0x7f0000004400), 0x400000000000203, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
connect$tipc(r0, &(0x7f0000000080)=@nameseq={0x2, 0x7}, 0x10)

831.795286ms ago: executing program 4 (id=5977):
openat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x103a42, 0x0)
mount$afs(&(0x7f0000000540)=ANY=[@ANYBLOB='\\'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

486.809766ms ago: executing program 4 (id=5978):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="180000006800010000000000001a00000a00000010"], 0x18}}, 0x0)

476.836632ms ago: executing program 0 (id=5979):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MPU={0x8}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x1}]}}]}, 0x44}}, 0x0)

335.364397ms ago: executing program 1 (id=5980):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x0, 0x70bd27, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_LINKMODE={0x5}]}, 0x30}}, 0x0)
writev(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)

239.795801ms ago: executing program 3 (id=5981):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x3, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000b00)={@link_local, @random="50a245d5cde0", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6c, 0x0, @empty, @broadcast}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast1}}}}}}, 0x0)

225.355637ms ago: executing program 4 (id=5982):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
timer_create(0x0, &(0x7f0000000140)={0x0, 0x21}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
readv(r0, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/172, 0xac}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

0s ago: executing program 0 (id=5983):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_FLAGS={0x6}]}, 0x1c}}, 0x0)

kernel console output (not intermixed with test programs):

 mac addresses unique to avoid problems!
[ 2629.596202][T26984] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2629.611725][T14333] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2629.619000][T14333] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2629.727171][T26984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2629.765918][T26984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2629.784531][T26984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2629.823954][T26984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2629.857948][T26984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2629.885582][T26984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2629.911363][T26984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2629.941263][T26984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2630.004036][T26984] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2630.106938][T26984] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2630.136983][T26984] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2630.148084][T26984] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2630.160177][T26984] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2631.964648][T24218] usb 14-1: device descriptor read/8, error -110
[ 2632.355096][T26978] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2632.493682][   T30] audit: type=1400 audit(1720302851.454:690): avc:  denied  { accept } for  pid=27238 comm="syz.2.5572" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 2632.763878][T24218] usb usb14-port1: attempt power cycle
[ 2633.657433][   T30] audit: type=1800 audit(1720302852.544:691): pid=27250 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.5575" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 2633.702381][T23092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2633.710617][T23092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2633.987693][T17854] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2634.041426][T17854] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2634.177683][T24218] usb usb14-port1: unable to enumerate USB device
[ 2634.242621][T27261] 9pnet_fd: Insufficient options for proto=fd
[ 2634.596382][T26978] veth0_vlan: entered promiscuous mode
[ 2634.646170][T26978] veth1_vlan: entered promiscuous mode
[ 2634.747996][T26977] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2635.025320][T27267] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2635.109612][T26977] veth0_vlan: entered promiscuous mode
[ 2635.141201][T26978] veth0_macvtap: entered promiscuous mode
[ 2635.193395][T26978] veth1_macvtap: entered promiscuous mode
[ 2635.249237][T26977] veth1_vlan: entered promiscuous mode
[ 2635.329734][T26978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2635.345084][T26978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2635.369788][T26978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2635.404587][T26978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2635.429750][T26978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2635.450249][T26978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2635.488141][T26978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2635.505060][T26978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2635.534719][T26978] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2635.555467][T26978] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2635.627276][T26978] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2637.347862][T26982] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2637.367740][T26982] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2637.433412][T18604] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2637.463772][T18604] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2637.474997][T18604] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2637.485199][T18604] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2637.495070][T26980] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2637.503328][T26980] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 2637.511039][T26980] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2637.566421][T26980] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2637.575684][T26980] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 2637.584597][T26980] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2639.713466][T26982] Bluetooth: hci0: command tx timeout
[ 2639.726706][T26982] Bluetooth: hci1: command tx timeout
[ 2641.892153][T26980] Bluetooth: hci1: command tx timeout
[ 2641.897789][T26980] Bluetooth: hci0: command tx timeout
[ 2642.276066][T27290] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[ 2642.282665][T27290] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2642.318237][T27290] vhci_hcd vhci_hcd.0: Device attached
[ 2642.483225][T27297] FAULT_INJECTION: forcing a failure.
[ 2642.483225][T27297] name failslab, interval 1, probability 0, space 0, times 0
[ 2642.511843][T27297] CPU: 0 PID: 27297 Comm: syz.3.5583 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2642.522194][T27297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2642.532306][T27297] Call Trace:
[ 2642.535629][T27297]  <TASK>
[ 2642.538610][T27297]  dump_stack_lvl+0x16c/0x1f0
[ 2642.543363][T27297]  should_fail_ex+0x497/0x5b0
[ 2642.548110][T27297]  should_failslab+0x9/0x20
[ 2642.552697][T27297]  __kmalloc_node_noprof+0xd5/0x440
[ 2642.557966][T27297]  ? kvmalloc_node_noprof+0x9d/0x1a0
[ 2642.563328][T27297]  kvmalloc_node_noprof+0x9d/0x1a0
[ 2642.568536][T27297]  file_tty_write.constprop.0+0x6ef/0x9b0
[ 2642.574334][T27297]  vfs_write+0x6b6/0x1140
[ 2642.578742][T27297]  ? __pfx_tty_write+0x10/0x10
[ 2642.583578][T27297]  ? __pfx_vfs_write+0x10/0x10
[ 2642.588429][T27297]  ? __fget_files+0x256/0x400
[ 2642.593187][T27297]  ? __fget_light+0x173/0x210
[ 2642.597944][T27297]  ksys_write+0x12f/0x260
[ 2642.602360][T27297]  ? __pfx_ksys_write+0x10/0x10
[ 2642.607291][T27297]  do_syscall_64+0xcd/0x250
[ 2642.611872][T27297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2642.617848][T27297] RIP: 0033:0x7fd066375bd9
[ 2642.622319][T27297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2642.642082][T27297] RSP: 002b:00007fd067131048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2642.650650][T27297] RAX: ffffffffffffffda RBX: 00007fd066503f60 RCX: 00007fd066375bd9
[ 2642.658687][T27297] RDX: 000000000000ff2e RSI: 0000000020000380 RDI: 0000000000000003
[ 2642.666715][T27297] RBP: 00007fd0671310a0 R08: 0000000000000000 R09: 0000000000000000
[ 2642.674833][T27297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2642.682862][T27297] R13: 000000000000000b R14: 00007fd066503f60 R15: 00007ffe9fe80a58
[ 2642.690909][T27297]  </TASK>
[ 2642.801719][ T5166] usb 12-1: SetAddress Request (98) to port 0
[ 2642.811391][ T5166] usb 12-1: new SuperSpeed USB device number 98 using vhci_hcd
[ 2643.096893][T27291] vhci_hcd: connection reset by peer
[ 2643.113936][T17859] vhci_hcd: stop threads
[ 2643.118272][T17859] vhci_hcd: release socket
[ 2643.128306][T17859] vhci_hcd: disconnect device
[ 2643.243733][T27307] FAULT_INJECTION: forcing a failure.
[ 2643.243733][T27307] name failslab, interval 1, probability 0, space 0, times 0
[ 2643.285070][T27307] CPU: 1 PID: 27307 Comm: syz.2.5585 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2643.295322][T27307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2643.305450][T27307] Call Trace:
[ 2643.308781][T27307]  <TASK>
[ 2643.311737][T27307]  dump_stack_lvl+0x16c/0x1f0
[ 2643.316468][T27307]  should_fail_ex+0x497/0x5b0
[ 2643.321208][T27307]  should_failslab+0x9/0x20
[ 2643.325763][T27307]  __kmalloc_noprof+0xcf/0x410
[ 2643.330563][T27307]  drm_atomic_state_init+0x17e/0x320
[ 2643.335889][T27307]  ? __kasan_kmalloc+0xaa/0xb0
[ 2643.340695][T27307]  drm_atomic_state_alloc+0xd3/0x120
[ 2643.346033][T27307]  drm_mode_atomic_ioctl+0x3a3/0x2640
[ 2643.351455][T27307]  ? __pfx___lock_acquire+0x10/0x10
[ 2643.356705][T27307]  ? __pfx___lock_acquire+0x10/0x10
[ 2643.361950][T27307]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[ 2643.367805][T27307]  ? lock_acquire+0x1b1/0x560
[ 2643.372527][T27307]  ? find_held_lock+0x2d/0x110
[ 2643.377418][T27307]  ? do_raw_spin_unlock+0x172/0x230
[ 2643.382910][T27307]  drm_ioctl_kernel+0x1ec/0x3e0
[ 2643.387793][T27307]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[ 2643.393642][T27307]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[ 2643.399050][T27307]  drm_ioctl+0x5dc/0xc00
[ 2643.403329][T27307]  ? __pfx_drm_mode_atomic_ioctl+0x10/0x10
[ 2643.409176][T27307]  ? __pfx_drm_ioctl+0x10/0x10
[ 2643.413976][T27307]  ? selinux_file_ioctl+0xb4/0x270
[ 2643.419129][T27307]  ? __pfx_drm_ioctl+0x10/0x10
[ 2643.423927][T27307]  __x64_sys_ioctl+0x193/0x220
[ 2643.428723][T27307]  do_syscall_64+0xcd/0x250
[ 2643.433278][T27307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2643.439222][T27307] RIP: 0033:0x7f611fb75bd9
[ 2643.443685][T27307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2643.463345][T27307] RSP: 002b:00007f61208c0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2643.471889][T27307] RAX: ffffffffffffffda RBX: 00007f611fd03f60 RCX: 00007f611fb75bd9
[ 2643.479904][T27307] RDX: 00000000200001c0 RSI: 00000000c03864bc RDI: 0000000000000003
[ 2643.488523][T27307] RBP: 00007f61208c00a0 R08: 0000000000000000 R09: 0000000000000000
[ 2643.496866][T27307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2643.504863][T27307] R13: 000000000000000b R14: 00007f611fd03f60 R15: 00007ffed73ec708
[ 2643.512888][T27307]  </TASK>
[ 2643.972439][T26982] Bluetooth: hci0: command tx timeout
[ 2643.977934][T26982] Bluetooth: hci1: command tx timeout
[ 2644.412016][T26851] bridge_slave_1: left allmulticast mode
[ 2644.423629][T26851] bridge_slave_1: left promiscuous mode
[ 2644.429558][T26851] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2644.784399][T26851] bridge_slave_0: left allmulticast mode
[ 2644.823313][T26851] bridge_slave_0: left promiscuous mode
[ 2644.829301][T26851] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2646.041581][T26980] Bluetooth: hci0: command tx timeout
[ 2646.047419][T26982] Bluetooth: hci1: command tx timeout
[ 2647.626502][T26851] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2647.668674][T26851] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2647.694276][T26851] bond0 (unregistering): Released all slaves
[ 2647.808475][T27279] chnl_net:caif_netlink_parms(): no params data found
[ 2647.881615][ T5166] usb 12-1: device descriptor read/8, error -110
[ 2647.918190][T27282] chnl_net:caif_netlink_parms(): no params data found
[ 2648.147549][T26851] hsr_slave_0: left promiscuous mode
[ 2648.197506][T26851] hsr_slave_1: left promiscuous mode
[ 2648.234049][T26851] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2648.303703][T26851] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2648.323437][ T5166] usb usb12-port1: attempt power cycle
[ 2648.450967][T26851] veth1_vlan: left promiscuous mode
[ 2648.471578][T26851] veth0_vlan: left promiscuous mode
[ 2648.615647][T27353] overlayfs: failed to resolve './bus': -2
[ 2649.043288][ T5166] usb usb12-port1: unable to enumerate USB device
[ 2650.346139][T26851] team0 (unregistering): Port device team_slave_1 removed
[ 2650.477907][T26851] team0 (unregistering): Port device team_slave_0 removed
[ 2651.861711][T27374] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5601'.
[ 2652.447806][T27393] netlink: 48 bytes leftover after parsing attributes in process `syz.3.5604'.
[ 2652.494555][T27393] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5604'.
[ 2652.498450][T27282] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2652.552155][T27282] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2652.559610][T27282] bridge_slave_0: entered allmulticast mode
[ 2652.604955][T27282] bridge_slave_0: entered promiscuous mode
[ 2652.625530][T27282] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2652.649135][T27282] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2652.671890][T27282] bridge_slave_1: entered allmulticast mode
[ 2652.700101][T27282] bridge_slave_1: entered promiscuous mode
[ 2652.718999][T27279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2652.738179][T27279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2652.757028][T27279] bridge_slave_0: entered allmulticast mode
[ 2652.797721][T27279] bridge_slave_0: entered promiscuous mode
[ 2653.326076][T27282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2653.497940][T27279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2653.602429][T27279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2653.615261][T27279] bridge_slave_1: entered allmulticast mode
[ 2653.627382][T27279] bridge_slave_1: entered promiscuous mode
[ 2653.868603][T27279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2653.946798][T27279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2654.312699][T27279] team0: Port device team_slave_0 added
[ 2654.366951][T27279] team0: Port device team_slave_1 added
[ 2654.523985][T27282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2654.816389][T27279] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2654.853949][T27279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2654.904834][T27279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2654.908033][T27406] overlayfs: failed to resolve './bus': -2
[ 2655.093337][T27282] team0: Port device team_slave_0 added
[ 2655.114361][T27279] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2655.131687][T27279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2655.214444][T27279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2655.303206][T27282] team0: Port device team_slave_1 added
[ 2655.656739][T27282] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2655.681544][T27282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2655.742823][T27282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2655.785912][T27282] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2655.807287][T27282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2655.889393][T27282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2656.098690][T27279] hsr_slave_0: entered promiscuous mode
[ 2656.144299][T27279] hsr_slave_1: entered promiscuous mode
[ 2656.176140][T27279] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2656.205003][T27279] Cannot create hsr debugfs directory
[ 2656.847545][T27282] hsr_slave_0: entered promiscuous mode
[ 2656.886881][T27282] hsr_slave_1: entered promiscuous mode
[ 2656.901700][T27282] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2656.918343][T27282] Cannot create hsr debugfs directory
[ 2656.952929][T27422] fuse: Unknown parameter '18446744073709551615'
[ 2657.635952][T27431] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5613'.
[ 2657.681669][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 2657.688689][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 2658.292433][T27436] FAULT_INJECTION: forcing a failure.
[ 2658.292433][T27436] name failslab, interval 1, probability 0, space 0, times 0
[ 2658.331594][T27436] CPU: 1 PID: 27436 Comm: syz.3.5614 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2658.341860][T27436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2658.351935][T27436] Call Trace:
[ 2658.355236][T27436]  <TASK>
[ 2658.358207][T27436]  dump_stack_lvl+0x16c/0x1f0
[ 2658.362917][T27436]  should_fail_ex+0x497/0x5b0
[ 2658.367639][T27436]  should_failslab+0x9/0x20
[ 2658.372192][T27436]  kmalloc_trace_noprof+0x6b/0x300
[ 2658.377355][T27436]  ? nf_ct_tmpl_alloc+0x90/0x270
[ 2658.382362][T27436]  nf_ct_tmpl_alloc+0x90/0x270
[ 2658.387190][T27436]  xt_ct_tg_check+0x280/0xe00
[ 2658.391918][T27436]  ? find_held_lock+0x2d/0x110
[ 2658.396714][T27436]  ? __pfx_xt_ct_tg_check+0x10/0x10
[ 2658.402061][T27436]  ? xt_find_target+0x1e9/0x290
[ 2658.406961][T27436]  xt_ct_tg_check_v0+0x1a6/0x280
[ 2658.411933][T27436]  ? __pfx_xt_ct_tg_check_v0+0x10/0x10
[ 2658.417437][T27436]  ? __mutex_lock+0x1a6/0x9c0
[ 2658.422186][T27436]  ? __pfx___mutex_lock+0x10/0x10
[ 2658.427273][T27436]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2658.433377][T27436]  ? __pfx_xt_ct_tg_check_v0+0x10/0x10
[ 2658.438887][T27436]  xt_check_target+0x272/0xa30
[ 2658.443700][T27436]  ? __pfx_xt_check_target+0x10/0x10
[ 2658.449032][T27436]  ? xt_find_target+0x1ee/0x290
[ 2658.453925][T27436]  ? xt_find_target+0x1ee/0x290
[ 2658.458818][T27436]  find_check_entry.constprop.0+0x82f/0xa20
[ 2658.464854][T27436]  ? __pfx_find_check_entry.constprop.0+0x10/0x10
[ 2658.471302][T27436]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2658.476550][T27436]  ? kfree+0x12a/0x3b0
[ 2658.480673][T27436]  ? kvfree+0x47/0x50
[ 2658.484697][T27436]  translate_table+0xd06/0x17b0
[ 2658.489591][T27436]  ? __pfx_translate_table+0x10/0x10
[ 2658.494928][T27436]  do_ip6t_set_ctl+0x605/0xc40
[ 2658.499827][T27436]  ? rcu_is_watching+0x12/0xc0
[ 2658.504637][T27436]  ? trace_contention_end+0xea/0x140
[ 2658.509968][T27436]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[ 2658.515328][T27436]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2658.521494][T27436]  ? nf_sockopt_find.constprop.0+0x221/0x290
[ 2658.528251][T27436]  nf_setsockopt+0x8a/0xf0
[ 2658.532893][T27436]  ipv6_setsockopt+0x133/0x1a0
[ 2658.537779][T27436]  tcp_setsockopt+0xa4/0x100
[ 2658.542590][T27436]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 2658.548531][T27436]  do_sock_setsockopt+0x222/0x480
[ 2658.553953][T27436]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 2658.559559][T27436]  ? __fget_light+0x173/0x210
[ 2658.564455][T27436]  __sys_setsockopt+0x1a4/0x270
[ 2658.569431][T27436]  ? __pfx___sys_setsockopt+0x10/0x10
[ 2658.574930][T27436]  ? fput+0x32/0x390
[ 2658.578850][T27436]  ? ksys_write+0x1ab/0x260
[ 2658.583395][T27436]  ? __pfx_ksys_write+0x10/0x10
[ 2658.588285][T27436]  __x64_sys_setsockopt+0xbd/0x160
[ 2658.593436][T27436]  ? do_syscall_64+0x91/0x250
[ 2658.598148][T27436]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2658.603384][T27436]  do_syscall_64+0xcd/0x250
[ 2658.608012][T27436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2658.613951][T27436] RIP: 0033:0x7fd066375bd9
[ 2658.618398][T27436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2658.638129][T27436] RSP: 002b:00007fd067131048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2658.646573][T27436] RAX: ffffffffffffffda RBX: 00007fd066503f60 RCX: 00007fd066375bd9
[ 2658.654586][T27436] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[ 2658.662593][T27436] RBP: 00007fd0671310a0 R08: 0000000000000380 R09: 0000000000000000
[ 2658.670610][T27436] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 2658.678615][T27436] R13: 000000000000000b R14: 00007fd066503f60 R15: 00007ffe9fe80a58
[ 2658.686649][T27436]  </TASK>
[ 2658.771050][   T30] audit: type=1326 audit(1720302877.724:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27433 comm="syz.1.5615" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe811f75bd9 code=0x0
[ 2658.880050][   T30] audit: type=1400 audit(1720302877.804:693): avc:  granted  { setsecparam } for  pid=27433 comm="syz.1.5615" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2659.083351][T26851] bridge_slave_1: left allmulticast mode
[ 2659.090147][T26851] bridge_slave_1: left promiscuous mode
[ 2659.350005][T26851] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2662.516515][T26851] bridge_slave_0: left allmulticast mode
[ 2662.531200][T26851] bridge_slave_0: left promiscuous mode
[ 2662.537163][T26851] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2663.932109][T27454] overlayfs: failed to resolve './bus': -2
[ 2665.305242][T26851] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2665.399668][T26851] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2665.470286][T26851] bond0 (unregistering): Released all slaves
[ 2665.614669][T27477] fuse: Unknown parameter '18446744073709551615'
[ 2665.764775][T27478] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5624'.
[ 2666.048396][T26851] hsr_slave_0: left promiscuous mode
[ 2666.102266][T26851] hsr_slave_1: left promiscuous mode
[ 2666.124356][T26851] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2666.136561][T26851] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2666.164678][T26851] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2666.371629][T26851] veth1_macvtap: left promiscuous mode
[ 2666.394201][T26851] veth0_macvtap: left promiscuous mode
[ 2666.424698][T26851] veth1_vlan: left promiscuous mode
[ 2666.452303][T26851] veth0_vlan: left promiscuous mode
[ 2667.247119][T27491] FAULT_INJECTION: forcing a failure.
[ 2667.247119][T27491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2667.260614][T27491] CPU: 0 PID: 27491 Comm: syz.3.5625 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2667.270936][T27491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2667.281411][T27491] Call Trace:
[ 2667.284729][T27491]  <TASK>
[ 2667.287693][T27491]  dump_stack_lvl+0x16c/0x1f0
[ 2667.292425][T27491]  should_fail_ex+0x497/0x5b0
[ 2667.297180][T27491]  _copy_to_iter+0x44f/0x1140
[ 2667.302006][T27491]  ? __pfx__copy_to_iter+0x10/0x10
[ 2667.307170][T27491]  ? __up_read+0x1fb/0x760
[ 2667.311742][T27491]  ? __pfx_pin_user_pages_remote+0x10/0x10
[ 2667.317618][T27491]  ? down_read+0xc9/0x330
[ 2667.322202][T27491]  ? __pfx___up_read+0x10/0x10
[ 2667.327138][T27491]  copy_page_to_iter+0xf1/0x180
[ 2667.333016][T27491]  process_vm_rw_core.constprop.0+0x5c9/0xa10
[ 2667.339166][T27491]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[ 2667.345827][T27491]  ? rcu_is_watching+0x12/0xc0
[ 2667.350651][T27491]  process_vm_rw+0x301/0x360
[ 2667.355312][T27491]  ? __pfx_process_vm_rw+0x10/0x10
[ 2667.360486][T27491]  ? ksys_write+0x21c/0x260
[ 2667.365053][T27491]  ? __pfx_lock_release+0x10/0x10
[ 2667.370157][T27491]  ? ksys_write+0x1ab/0x260
[ 2667.374724][T27491]  ? __pfx_ksys_write+0x10/0x10
[ 2667.379652][T27491]  __x64_sys_process_vm_readv+0xe2/0x1c0
[ 2667.385442][T27491]  ? do_syscall_64+0x91/0x250
[ 2667.390181][T27491]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2667.395434][T27491]  do_syscall_64+0xcd/0x250
[ 2667.400005][T27491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2667.405970][T27491] RIP: 0033:0x7fd066375bd9
[ 2667.410431][T27491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2667.430272][T27491] RSP: 002b:00007fd0670ef048 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[ 2667.438752][T27491] RAX: ffffffffffffffda RBX: 00007fd066504110 RCX: 00007fd066375bd9
[ 2667.446784][T27491] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 00000000000002ce
[ 2667.454893][T27491] RBP: 00007fd0670ef0a0 R08: 0000000000000286 R09: 0000000000000000
[ 2667.462916][T27491] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000001
[ 2667.470939][T27491] R13: 000000000000006e R14: 00007fd066504110 R15: 00007ffe9fe80a58
[ 2667.478967][T27491]  </TASK>
[ 2667.482129][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2669.173390][   T30] audit: type=1326 audit(1720302888.134:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27498 comm="syz.2.5628" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2669.301334][   T30] audit: type=1400 audit(1720302888.244:695): avc:  granted  { setsecparam } for  pid=27498 comm="syz.2.5628" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2670.198592][T26851] team0 (unregistering): Port device team_slave_1 removed
[ 2670.349286][T26851] team0 (unregistering): Port device team_slave_0 removed
[ 2670.921655][T27220] usb 3-1: new low-speed USB device number 96 using dummy_hcd
[ 2671.153535][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2671.203959][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2671.219265][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2671.253909][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2671.278319][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2671.308724][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2671.321934][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2671.332830][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2671.366474][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2671.387489][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2671.400968][T27220] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2671.463472][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2673.239132][T27515] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5633'.
[ 2673.521097][T27220] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2673.536116][T27220] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2673.558411][T27220] usb 3-1: can't set config #168, error -71
[ 2673.575238][T27220] usb 3-1: USB disconnect, device number 96
[ 2674.082543][T27279] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2674.138094][T27279] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2674.191044][T27279] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2674.260968][T27279] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2674.916705][T27282] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2674.941062][T27282] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2674.963128][T27282] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2675.043878][T27530] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5637'.
[ 2675.056621][T27530] netlink: 'syz.2.5637': attribute type 25 has an invalid length.
[ 2675.097925][T27530] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2675.108143][T27530] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2675.118428][T27530] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2675.128230][T27530] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2675.200989][T27282] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2675.447976][   T30] audit: type=1326 audit(1720302894.404:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27534 comm="syz.3.5639" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd066375bd9 code=0x0
[ 2675.512594][T27279] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2675.538883][   T30] audit: type=1400 audit(1720302894.464:697): avc:  granted  { setsecparam } for  pid=27534 comm="syz.3.5639" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2675.598119][T27279] 8021q: adding VLAN 0 to HW filter on device team0
[ 2675.697605][T24218] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2675.704983][T24218] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2675.793381][T27220] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2675.800753][T27220] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2676.090651][T27540] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5640'.
[ 2676.177041][T27282] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2676.364220][T27282] 8021q: adding VLAN 0 to HW filter on device team0
[ 2676.486612][ T5166] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2676.493956][ T5166] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2676.578992][ T5166] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2676.586359][ T5166] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2677.013193][T27282] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 2677.047903][T27282] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2677.314311][T27561] overlayfs: failed to resolve './bus': -2
[ 2677.359659][T27567] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5643'.
[ 2677.541288][T27279] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2679.122710][T27279] veth0_vlan: entered promiscuous mode
[ 2679.213565][T27279] veth1_vlan: entered promiscuous mode
[ 2679.249210][T27578] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2679.276783][T27282] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2679.739107][T27279] veth0_macvtap: entered promiscuous mode
[ 2679.806383][T27279] veth1_macvtap: entered promiscuous mode
[ 2679.908592][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2679.950479][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2679.961861][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2680.001342][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.021559][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2680.053928][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.081436][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2680.109869][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.141440][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2680.154240][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.178337][T27279] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2680.216497][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2680.260900][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.290965][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2680.328442][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.351374][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2680.377780][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.419567][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2680.446079][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.457344][T27279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2680.503173][T27279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2680.556081][T27279] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2680.666896][T27279] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2680.702131][T27279] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2680.738158][T27279] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2680.755500][T27591] fuse: Unknown parameter '18446744073709551615'
[ 2680.784882][T27279] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2681.643312][T17859] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2681.674903][T17859] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2681.684998][T27282] veth0_vlan: entered promiscuous mode
[ 2681.864054][T27282] veth1_vlan: entered promiscuous mode
[ 2681.912964][T27600] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5648'.
[ 2681.957718][T27600] netlink: 'syz.2.5648': attribute type 25 has an invalid length.
[ 2682.042938][T17859] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2682.086893][T17859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2682.219202][T27282] veth0_macvtap: entered promiscuous mode
[ 2682.256214][T27282] veth1_macvtap: entered promiscuous mode
[ 2682.348463][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.370323][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.408398][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.460573][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.484524][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.507793][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.537470][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.588782][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.626240][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.661384][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.705115][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2682.731398][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2682.783248][T27282] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2682.872954][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2682.941037][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.023941][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2683.057523][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.097124][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2683.144477][ T5136] IPVS: starting estimator thread 0...
[ 2683.150217][   T30] audit: type=1400 audit(1720302902.094:698): avc:  denied  { bind } for  pid=27615 comm="syz.3.5651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 2683.154746][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.227373][   T30] audit: type=1400 audit(1720302902.094:699): avc:  denied  { name_bind } for  pid=27615 comm="syz.3.5651" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 2683.254727][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2683.265978][T27617] IPVS: using max 14 ests per chain, 33600 per kthread
[ 2683.364496][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.429342][   T30] audit: type=1400 audit(1720302902.094:700): avc:  denied  { node_bind } for  pid=27615 comm="syz.3.5651" saddr=255.255.255.255 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[ 2683.473674][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2683.564428][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.646146][T27282] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2683.727039][T27282] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2683.794822][T27282] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2683.894770][T27616] netlink: 'syz.3.5651': attribute type 4 has an invalid length.
[ 2683.924309][T27618] netlink: 'syz.3.5651': attribute type 4 has an invalid length.
[ 2683.967016][T27282] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2684.016654][T27282] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2684.039500][T27282] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2684.062579][T27282] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2685.641703][T26854] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2685.649597][T26854] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2685.881994][T26854] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2685.902895][T26854] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2686.079686][T27638] binder: BINDER_SET_CONTEXT_MGR already set
[ 2686.112973][T27638] binder: 27633:27638 ioctl 4018620d 20000040 returned -16
[ 2686.262282][T27643] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2688.403121][   T30] audit: type=1400 audit(1720302907.364:701): avc:  denied  { listen } for  pid=27650 comm="syz.2.5657" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 2688.511373][   T30] audit: type=1400 audit(1720302907.394:702): avc:  denied  { connect } for  pid=27650 comm="syz.2.5657" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 2688.573772][   T30] audit: type=1400 audit(1720302907.394:703): avc:  denied  { name_connect } for  pid=27650 comm="syz.2.5657" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 2688.637409][   T30] audit: type=1326 audit(1720302907.574:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27650 comm="syz.2.5657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2689.260355][T27658] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5659'.
[ 2689.300304][T27658] netlink: 'syz.1.5659': attribute type 25 has an invalid length.
[ 2689.411925][T27658] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2689.420845][T27658] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2689.429891][T27658] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2689.438897][T27658] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2692.217055][   T30] audit: type=1326 audit(1720302911.174:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27683 comm="syz.2.5667" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2693.246437][T27694] FAULT_INJECTION: forcing a failure.
[ 2693.246437][T27694] name failslab, interval 1, probability 0, space 0, times 0
[ 2693.268410][T27694] CPU: 0 PID: 27694 Comm: syz.4.5668 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2693.278635][T27694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2693.288803][T27694] Call Trace:
[ 2693.292097][T27694]  <TASK>
[ 2693.295040][T27694]  dump_stack_lvl+0x16c/0x1f0
[ 2693.299831][T27694]  should_fail_ex+0x497/0x5b0
[ 2693.304559][T27694]  should_failslab+0x9/0x20
[ 2693.309104][T27694]  __kmalloc_noprof+0xcf/0x410
[ 2693.313904][T27694]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[ 2693.321159][T27694]  genl_family_rcv_msg_doit+0xbf/0x2f0
[ 2693.326675][T27694]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 2693.332782][T27694]  ? ns_capable+0xd7/0x110
[ 2693.337266][T27694]  genl_rcv_msg+0x565/0x800
[ 2693.341852][T27694]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2693.346930][T27694]  ? __pfx___lock_acquire+0x10/0x10
[ 2693.352279][T27694]  ? __pfx_ovs_dp_cmd_del+0x10/0x10
[ 2693.357530][T27694]  netlink_rcv_skb+0x16b/0x440
[ 2693.362320][T27694]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2693.367400][T27694]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2693.372813][T27694]  ? down_read+0xc9/0x330
[ 2693.377168][T27694]  ? __pfx_down_read+0x10/0x10
[ 2693.382048][T27694]  ? netlink_deliver_tap+0x1ae/0xd90
[ 2693.387359][T27694]  genl_rcv+0x28/0x40
[ 2693.391399][T27694]  netlink_unicast+0x542/0x820
[ 2693.396215][T27694]  ? __pfx_netlink_unicast+0x10/0x10
[ 2693.401546][T27694]  netlink_sendmsg+0x8b8/0xd70
[ 2693.406389][T27694]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2693.411715][T27694]  ? __import_iovec+0x1fd/0x6e0
[ 2693.416686][T27694]  ____sys_sendmsg+0xab5/0xc90
[ 2693.421561][T27694]  ? copy_msghdr_from_user+0x10b/0x160
[ 2693.427055][T27694]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2693.432363][T27694]  ? find_held_lock+0x2d/0x110
[ 2693.437154][T27694]  ? __pfx___lock_acquire+0x10/0x10
[ 2693.442492][T27694]  ___sys_sendmsg+0x135/0x1e0
[ 2693.447229][T27694]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2693.452462][T27694]  ? ksys_write+0x21c/0x260
[ 2693.457172][T27694]  ? __fget_light+0x173/0x210
[ 2693.461882][T27694]  __sys_sendmsg+0x117/0x1f0
[ 2693.466509][T27694]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2693.471676][T27694]  do_syscall_64+0xcd/0x250
[ 2693.476208][T27694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2693.482148][T27694] RIP: 0033:0x7f9348375bd9
[ 2693.486698][T27694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2693.506515][T27694] RSP: 002b:00007f934913f048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2693.515332][T27694] RAX: ffffffffffffffda RBX: 00007f9348503f60 RCX: 00007f9348375bd9
[ 2693.523385][T27694] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000005
[ 2693.531398][T27694] RBP: 00007f934913f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2693.539393][T27694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2693.547485][T27694] R13: 000000000000000b R14: 00007f9348503f60 R15: 00007ffc74010708
[ 2693.555493][T27694]  </TASK>
[ 2693.986432][T27697] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2695.244329][T26980] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2695.268058][T26980] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2695.280683][T26980] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2695.304054][T26980] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2695.314585][T26980] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 2695.322490][T26980] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2695.596280][T27710] ALSA: seq fatal error: cannot create timer (-22)
[ 2697.072207][T27707] chnl_net:caif_netlink_parms(): no params data found
[ 2697.401504][T26982] Bluetooth: hci2: command tx timeout
[ 2698.026447][T27707] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2698.039758][T27707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2698.081580][T27707] bridge_slave_0: entered allmulticast mode
[ 2698.108295][T27707] bridge_slave_0: entered promiscuous mode
[ 2698.129156][T27707] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2698.145061][T27733] netlink: 'syz.1.5679': attribute type 2 has an invalid length.
[ 2698.152514][T27707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2698.177248][T27707] bridge_slave_1: entered allmulticast mode
[ 2698.231832][T27707] bridge_slave_1: entered promiscuous mode
[ 2698.451049][T27707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2698.523832][T27707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2698.805397][T27707] team0: Port device team_slave_0 added
[ 2698.856998][T27707] team0: Port device team_slave_1 added
[ 2698.961398][   T30] audit: type=1400 audit(1720302917.904:706): avc:  denied  { create } for  pid=27737 comm="syz.2.5681" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2699.130052][T27707] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2699.188013][ T5166] libceph: connect (1)[c::]:6789 error -101
[ 2699.191382][T27707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2699.274183][   T30] audit: type=1326 audit(1720302918.214:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27741 comm="syz.1.5682" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe811f75bd9 code=0x0
[ 2699.300823][ T5166] libceph: mon0 (1)[c::]:6789 connect error
[ 2699.396010][T27707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2699.425951][T27743] ceph: No mds server is up or the cluster is laggy
[ 2699.444608][ T5166] libceph: connect (1)[c::]:6789 error -101
[ 2699.470150][ T5166] libceph: mon0 (1)[c::]:6789 connect error
[ 2699.481958][T26982] Bluetooth: hci2: command tx timeout
[ 2699.490059][T27707] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2699.506929][T27707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2699.536628][T27707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2700.086315][T27707] hsr_slave_0: entered promiscuous mode
[ 2700.122506][T27707] hsr_slave_1: entered promiscuous mode
[ 2700.147798][T27753] FAULT_INJECTION: forcing a failure.
[ 2700.147798][T27753] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2700.171291][T27707] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2700.188065][T27707] Cannot create hsr debugfs directory
[ 2700.203849][T27753] CPU: 0 PID: 27753 Comm: syz.0.5683 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2700.214113][T27753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2700.224294][T27753] Call Trace:
[ 2700.227619][T27753]  <TASK>
[ 2700.230590][T27753]  dump_stack_lvl+0x16c/0x1f0
[ 2700.235381][T27753]  should_fail_ex+0x497/0x5b0
[ 2700.240122][T27753]  _copy_from_user+0x30/0xf0
[ 2700.244850][T27753]  snd_seq_write+0x3f6/0x6d0
[ 2700.249490][T27753]  ? __pfx_snd_seq_write+0x10/0x10
[ 2700.254646][T27753]  ? security_file_permission+0x98/0xc0
[ 2700.260275][T27753]  ? __pfx_snd_seq_write+0x10/0x10
[ 2700.265626][T27753]  vfs_write+0x29a/0x1140
[ 2700.270106][T27753]  ? __pfx_vfs_write+0x10/0x10
[ 2700.274906][T27753]  ? __fget_files+0x256/0x400
[ 2700.279613][T27753]  ? __fget_light+0x173/0x210
[ 2700.284336][T27753]  ksys_write+0x1f8/0x260
[ 2700.288829][T27753]  ? __pfx_ksys_write+0x10/0x10
[ 2700.293927][T27753]  do_syscall_64+0xcd/0x250
[ 2700.298502][T27753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2700.304558][T27753] RIP: 0033:0x7f749b975bd9
[ 2700.309031][T27753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2700.328886][T27753] RSP: 002b:00007f749c82d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2700.337340][T27753] RAX: ffffffffffffffda RBX: 00007f749bb03f60 RCX: 00007f749b975bd9
[ 2700.345357][T27753] RDX: 000000000000ffc8 RSI: 0000000020000000 RDI: 0000000000000004
[ 2700.353363][T27753] RBP: 00007f749c82d0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2700.361479][T27753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2700.369501][T27753] R13: 000000000000000b R14: 00007f749bb03f60 R15: 00007ffdae40bd88
[ 2700.377533][T27753]  </TASK>
[ 2700.832565][T27756] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2701.300363][T27707] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2701.319896][T27707] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2701.561351][T26982] Bluetooth: hci2: command tx timeout
[ 2701.627456][T27707] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2701.681910][T27707] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2701.906168][T27707] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2701.975904][T27707] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2702.058376][   T30] audit: type=1400 audit(1720302921.014:708): avc:  denied  { unlink } for  pid=23909 comm="syz-executor" name="file2" dev="tmpfs" ino=1346 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2702.223600][T27763] FAULT_INJECTION: forcing a failure.
[ 2702.223600][T27763] name failslab, interval 1, probability 0, space 0, times 0
[ 2702.242523][T27763] CPU: 1 PID: 27763 Comm: syz.2.5687 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2702.252863][T27763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2702.263216][T27763] Call Trace:
[ 2702.266505][T27763]  <TASK>
[ 2702.269441][T27763]  dump_stack_lvl+0x16c/0x1f0
[ 2702.274145][T27763]  should_fail_ex+0x497/0x5b0
[ 2702.278851][T27763]  should_failslab+0x9/0x20
[ 2702.283384][T27763]  kmalloc_trace_noprof+0x6b/0x300
[ 2702.288521][T27763]  ? dev_ethtool+0x197/0x56c0
[ 2702.293228][T27763]  dev_ethtool+0x197/0x56c0
[ 2702.297849][T27763]  ? unwind_get_return_address+0x45/0xe0
[ 2702.303512][T27763]  ? arch_stack_walk+0x118/0x170
[ 2702.308469][T27763]  ? __pfx_dev_ethtool+0x10/0x10
[ 2702.313452][T27763]  ? hlock_class+0x4e/0x130
[ 2702.317975][T27763]  ? hlock_class+0x4e/0x130
[ 2702.322495][T27763]  ? mark_lock+0xb5/0xc60
[ 2702.326852][T27763]  ? __pfx_mark_lock+0x10/0x10
[ 2702.331643][T27763]  ? __pfx_mark_lock+0x10/0x10
[ 2702.336436][T27763]  ? __pfx___lock_acquire+0x10/0x10
[ 2702.341749][T27763]  ? kasan_save_stack+0x42/0x60
[ 2702.346653][T27763]  ? kasan_save_stack+0x33/0x60
[ 2702.351837][T27763]  ? kasan_save_track+0x14/0x30
[ 2702.356830][T27763]  ? kasan_save_free_info+0x3b/0x60
[ 2702.362055][T27763]  ? poison_slab_object+0xf7/0x160
[ 2702.367192][T27763]  ? __kasan_slab_free+0x32/0x50
[ 2702.372156][T27763]  ? kfree+0x12a/0x3b0
[ 2702.376276][T27763]  ? tomoyo_path_number_perm+0x467/0x590
[ 2702.381955][T27763]  ? hlock_class+0x4e/0x130
[ 2702.386514][T27763]  ? __lock_acquire+0xc5d/0x3b30
[ 2702.391499][T27763]  ? __pfx___lock_acquire+0x10/0x10
[ 2702.396731][T27763]  ? __pfx___lock_acquire+0x10/0x10
[ 2702.401963][T27763]  ? avc_has_extended_perms+0x927/0xf90
[ 2702.407627][T27763]  ? find_held_lock+0x2d/0x110
[ 2702.412414][T27763]  ? dev_load+0x8e/0x240
[ 2702.416692][T27763]  ? __pfx_lock_release+0x10/0x10
[ 2702.421763][T27763]  ? full_name_hash+0xbc/0x110
[ 2702.426639][T27763]  dev_ioctl+0x2a2/0x10a0
[ 2702.430986][T27763]  sock_do_ioctl+0x19e/0x280
[ 2702.435610][T27763]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 2702.440748][T27763]  ? ioctl_has_perm.constprop.0.isra.0+0x2f9/0x470
[ 2702.447331][T27763]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2702.454485][T27763]  sock_ioctl+0x22e/0x6c0
[ 2702.458844][T27763]  ? __pfx_sock_ioctl+0x10/0x10
[ 2702.463746][T27763]  ? selinux_file_ioctl+0x180/0x270
[ 2702.468991][T27763]  ? selinux_file_ioctl+0xb4/0x270
[ 2702.474297][T27763]  ? __pfx_sock_ioctl+0x10/0x10
[ 2702.479340][T27763]  __x64_sys_ioctl+0x193/0x220
[ 2702.484303][T27763]  do_syscall_64+0xcd/0x250
[ 2702.488832][T27763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2702.494789][T27763] RIP: 0033:0x7f611fb75bd9
[ 2702.499216][T27763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2702.520507][T27763] RSP: 002b:00007f61208c0048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2702.529916][T27763] RAX: ffffffffffffffda RBX: 00007f611fd03f60 RCX: 00007f611fb75bd9
[ 2702.538690][T27763] RDX: 0000000020005e40 RSI: 0000000000008946 RDI: 0000000000000003
[ 2702.546773][T27763] RBP: 00007f61208c00a0 R08: 0000000000000000 R09: 0000000000000000
[ 2702.555121][T27763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2702.563562][T27763] R13: 000000000000000b R14: 00007f611fd03f60 R15: 00007ffed73ec708
[ 2702.571993][T27763]  </TASK>
[ 2702.690849][T27707] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2702.716115][T27707] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2703.641534][T26982] Bluetooth: hci2: command tx timeout
[ 2703.769738][T27707] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2703.803663][T27707] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2703.844266][T27707] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2703.863679][T27707] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2704.060800][T27783] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=27783 comm=syz.1.5692
[ 2704.253592][T27783] netlink: 'syz.1.5692': attribute type 4 has an invalid length.
[ 2704.390648][T27785] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2704.496141][T27707] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2705.352340][T27707] 8021q: adding VLAN 0 to HW filter on device team0
[ 2705.385185][ T5166] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2705.392596][ T5166] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2705.677361][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2705.684851][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2705.806308][T26980] Bluetooth: hci5: command 0x0406 tx timeout
[ 2706.024994][ T5136] libceph: connect (1)[c::]:6789 error -101
[ 2706.045108][ T5136] libceph: mon0 (1)[c::]:6789 connect error
[ 2706.093552][T27805] ceph: No mds server is up or the cluster is laggy
[ 2706.132238][ T5166] libceph: connect (1)[c::]:6789 error -101
[ 2706.144313][ T5166] libceph: mon0 (1)[c::]:6789 connect error
[ 2706.450584][ T5136] libceph: connect (1)[c::]:6789 error -101
[ 2706.571724][ T5136] libceph: mon0 (1)[c::]:6789 connect error
[ 2708.200710][T27822] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2708.253523][T27707] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2708.439277][T27707] veth0_vlan: entered promiscuous mode
[ 2708.548906][T27707] veth1_vlan: entered promiscuous mode
[ 2708.816089][T27707] veth0_macvtap: entered promiscuous mode
[ 2708.985614][T27707] veth1_macvtap: entered promiscuous mode
[ 2709.132719][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.166151][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.194351][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.247037][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.287965][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.363243][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.439098][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.450590][T27845] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=27845 comm=syz.1.5704
[ 2709.465216][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.543325][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.615693][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.648423][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.665993][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.677738][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2709.690766][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2709.747500][T27707] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2709.875476][T27846] netlink: 'syz.1.5704': attribute type 4 has an invalid length.
[ 2709.988421][T27829] overlayfs: failed to resolve './bus': -2
[ 2710.002769][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.013959][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.051907][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.137545][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.191863][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.241054][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.264372][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.286466][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.397769][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.425935][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.457056][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.478471][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.496279][T27707] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2710.520181][T27707] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2710.560941][T27707] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2710.654342][T27707] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2710.711757][T21812] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 2710.721993][T27707] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2710.815877][T27862] Bluetooth: hci6: Frame reassembly failed (-84)
[ 2711.007090][T20926] Bluetooth: hci6: Frame reassembly failed (-84)
[ 2711.043354][T27707] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2711.101526][T21812] usb 1-1: Using ep0 maxpacket: 8
[ 2711.164929][T27707] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2711.215924][T21812] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2711.348294][T21812] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2711.416613][T21812] usb 1-1: config 1 has no interface number 1
[ 2711.425169][T21812] usb 1-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 2711.437778][T21812] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2711.475941][T21812] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2711.489229][T21812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2711.500503][T21812] usb 1-1: Product: syz
[ 2711.505084][T21812] usb 1-1: Manufacturer: syz
[ 2711.509740][T21812] usb 1-1: SerialNumber: syz
[ 2711.727645][T26851] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2711.756843][T26851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2712.086541][T27867] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2712.099472][T17859] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2712.157055][T17859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2712.229856][   T25] usb 1-1: USB disconnect, device number 82
[ 2712.952455][T26982] Bluetooth: hci6: Entering manufacturer mode failed (-110)
[ 2713.357793][T27875] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2714.821965][T27220] usb 1-1: new low-speed USB device number 83 using dummy_hcd
[ 2715.115936][T27220] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2715.164006][T27220] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2715.201593][T27220] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 is Bulk; changing to Interrupt
[ 2715.230545][T27220] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 2715.271522][   T30] audit: type=1326 audit(1720302934.214:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27899 comm="syz.2.5715" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2715.319497][T27220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2715.486269][T27895] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2715.547030][T27220] hub 1-1:1.0: bad descriptor, ignoring hub
[ 2715.610980][T27220] hub 1-1:1.0: probe with driver hub failed with error -5
[ 2715.674244][T27220] cdc_wdm 1-1:1.0: skipping garbage
[ 2715.694749][T27220] cdc_wdm 1-1:1.0: skipping garbage
[ 2715.738466][T27220] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 2715.783063][T27220] cdc_wdm 1-1:1.0: Unknown control protocol
[ 2715.794475][ T5166] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 2716.064093][ T5166] usb 5-1: descriptor type invalid, skip
[ 2716.085693][ T5166] usb 5-1: config 7 has an invalid interface number: 243 but max is 3
[ 2716.111256][ T5166] usb 5-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2716.166449][ T5166] usb 5-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2716.199630][ T5166] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2716.222811][ T5166] usb 5-1: config 7 has no interface number 0
[ 2716.237935][ T5166] usb 5-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2716.280710][ T5166] usb 5-1: config 7 interface 243 has no altsetting 0
[ 2716.307705][ T5166] usb 5-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2716.318495][ T5166] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2716.335674][ T5166] usb 5-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2716.351253][ T5166] usb 5-1: Manufacturer: ᰉ
[ 2716.359524][ T5166] usb 5-1: SerialNumber:  
[ 2716.612812][T27903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2716.704206][T27903] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2716.758299][ T5166] hub 5-1:7.243: bad descriptor, ignoring hub
[ 2716.809411][ T5166] hub 5-1:7.243: probe with driver hub failed with error -5
[ 2716.883111][ T5166] option 5-1:7.243: GSM modem (1-port) converter detected
[ 2717.007189][ T5166] usb 5-1: USB disconnect, device number 72
[ 2717.037842][ T5166] option 5-1:7.243: device disconnected
[ 2717.064714][T27913] ALSA: seq fatal error: cannot create timer (-22)
[ 2717.189815][T27915] FAULT_INJECTION: forcing a failure.
[ 2717.189815][T27915] name failslab, interval 1, probability 0, space 0, times 0
[ 2717.228192][T27915] CPU: 1 PID: 27915 Comm: syz.3.5719 Not tainted 6.10.0-rc6-syzkaller-00212-g1dd28064d416 #0
[ 2717.238584][T27915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2717.248684][T27915] Call Trace:
[ 2717.251983][T27915]  <TASK>
[ 2717.254947][T27915]  dump_stack_lvl+0x16c/0x1f0
[ 2717.259688][T27915]  should_fail_ex+0x497/0x5b0
[ 2717.264409][T27915]  should_failslab+0x9/0x20
[ 2717.269052][T27915]  __kmalloc_node_noprof+0xd5/0x440
[ 2717.274284][T27915]  ? kvmalloc_node_noprof+0x9d/0x1a0
[ 2717.279621][T27915]  kvmalloc_node_noprof+0x9d/0x1a0
[ 2717.284772][T27915]  file_tty_write.constprop.0+0x6ef/0x9b0
[ 2717.290541][T27915]  vfs_write+0x6b6/0x1140
[ 2717.294914][T27915]  ? __pfx_tty_write+0x10/0x10
[ 2717.299730][T27915]  ? __pfx_vfs_write+0x10/0x10
[ 2717.304557][T27915]  ? __fget_files+0x256/0x400
[ 2717.309271][T27915]  ? __fget_light+0x173/0x210
[ 2717.313982][T27915]  ksys_write+0x12f/0x260
[ 2717.318368][T27915]  ? __pfx_ksys_write+0x10/0x10
[ 2717.323256][T27915]  do_syscall_64+0xcd/0x250
[ 2717.327805][T27915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2717.333764][T27915] RIP: 0033:0x7f6bf5575bd9
[ 2717.338300][T27915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2717.357956][T27915] RSP: 002b:00007f6bf63a8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2717.366410][T27915] RAX: ffffffffffffffda RBX: 00007f6bf5703f60 RCX: 00007f6bf5575bd9
[ 2717.374423][T27915] RDX: 000000000000ff2e RSI: 0000000020000380 RDI: 0000000000000004
[ 2717.382419][T27915] RBP: 00007f6bf63a80a0 R08: 0000000000000000 R09: 0000000000000000
[ 2717.390424][T27915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2717.398436][T27915] R13: 000000000000000b R14: 00007f6bf5703f60 R15: 00007ffe5a770cd8
[ 2717.406451][T27915]  </TASK>
[ 2717.746600][T27220] usb 1-1: USB disconnect, device number 83
[ 2719.092235][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 2719.098658][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 2719.166258][   T30] audit: type=1400 audit(1720302938.124:710): avc:  denied  { getopt } for  pid=27919 comm="syz.4.5721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 2719.221825][T27924] mkiss: ax0: crc mode is auto.
[ 2719.489253][T27941] syz.3.5725 (27941): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 2719.529024][T27935] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2720.117026][T27948] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2721.244438][T27949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5727'.
[ 2724.167817][   T25] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 2724.500328][   T25] usb 3-1: descriptor type invalid, skip
[ 2724.518190][   T25] usb 3-1: config 7 has an invalid interface number: 243 but max is 3
[ 2725.303030][   T25] usb 3-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2725.346909][   T25] usb 3-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2725.399087][   T25] usb 3-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2725.415648][   T25] usb 3-1: config 7 has no interface number 0
[ 2725.422577][   T25] usb 3-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2725.505584][   T25] usb 3-1: config 7 interface 243 has no altsetting 0
[ 2725.554948][   T25] usb 3-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2725.583255][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2725.631651][   T25] usb 3-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2725.651263][   T25] usb 3-1: Manufacturer: ᰉ
[ 2725.671352][   T25] usb 3-1: SerialNumber:  
[ 2725.944163][T27967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2725.956949][T27967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2725.978517][   T25] hub 3-1:7.243: bad descriptor, ignoring hub
[ 2725.986507][   T25] hub 3-1:7.243: probe with driver hub failed with error -5
[ 2725.997546][   T25] option 3-1:7.243: GSM modem (1-port) converter detected
[ 2726.059779][T27990] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2726.059779][T27990]    program syz.4.5737 not setting count and/or reply_len properly
[ 2726.075304][   T25] usb 3-1: USB disconnect, device number 97
[ 2726.101536][T27220] usb 1-1: new low-speed USB device number 84 using dummy_hcd
[ 2726.126849][   T25] option 3-1:7.243: device disconnected
[ 2726.323810][T27220] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2726.372366][T27220] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2726.392480][T27220] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 is Bulk; changing to Interrupt
[ 2726.402842][T27220] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 2726.431712][T27220] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2726.459741][T27970] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 2726.469661][T27220] hub 1-1:1.0: bad descriptor, ignoring hub
[ 2726.483635][T27220] hub 1-1:1.0: probe with driver hub failed with error -5
[ 2726.496731][T27220] cdc_wdm 1-1:1.0: skipping garbage
[ 2726.504070][T27220] cdc_wdm 1-1:1.0: skipping garbage
[ 2726.543461][T27220] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 2726.557744][T27220] cdc_wdm 1-1:1.0: Unknown control protocol
[ 2726.716223][T27993] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.5735'.
[ 2727.008458][T27999] ALSA: seq fatal error: cannot create timer (-22)
[ 2727.161751][T12629] usb 1-1: USB disconnect, device number 84
[ 2728.634879][T28007] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2728.787591][T28014] overlayfs: missing 'lowerdir'
[ 2728.879027][T28015] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2728.900308][T28015] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2731.733896][T28037] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2731.874743][T28043] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2731.874743][T28043]    program syz.2.5749 not setting count and/or reply_len properly
[ 2733.236909][T28058] ALSA: seq fatal error: cannot create timer (-22)
[ 2734.101328][ T5136] usb 3-1: new low-speed USB device number 98 using dummy_hcd
[ 2734.327878][ T5136] usb 3-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[ 2734.372528][ T5136] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2734.415857][ T5136] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 is Bulk; changing to Interrupt
[ 2734.446940][ T5136] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 2734.497298][ T5136] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2734.552925][T28057] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 2734.580287][ T5136] hub 3-1:1.0: bad descriptor, ignoring hub
[ 2734.599943][ T5136] hub 3-1:1.0: probe with driver hub failed with error -5
[ 2734.633543][ T5136] cdc_wdm 3-1:1.0: skipping garbage
[ 2734.638796][ T5136] cdc_wdm 3-1:1.0: skipping garbage
[ 2734.677987][ T5136] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 2734.721284][ T5136] cdc_wdm 3-1:1.0: Unknown control protocol
[ 2735.339901][T28062] netlink: 212916 bytes leftover after parsing attributes in process `syz.1.5753'.
[ 2737.333693][T28083] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2737.483994][T24218] usb 3-1: USB disconnect, device number 98
[ 2737.773004][T26980] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2737.802276][T26980] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2737.822694][T26980] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2737.833763][T26980] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2737.842101][T26980] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 2737.850107][T26980] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2739.209700][T28098] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2739.209700][T28098]    program syz.0.5761 not setting count and/or reply_len properly
[ 2739.757096][T28107] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2739.757096][T28107]    program syz.4.5763 not setting count and/or reply_len properly
[ 2739.834303][T28109] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5765'.
[ 2739.962024][T26980] Bluetooth: hci6: command tx timeout
[ 2739.985608][T28089] chnl_net:caif_netlink_parms(): no params data found
[ 2740.685935][T28089] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2740.730841][T28089] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2740.760573][T28089] bridge_slave_0: entered allmulticast mode
[ 2740.790969][T28089] bridge_slave_0: entered promiscuous mode
[ 2740.863739][T28089] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2741.314729][T28089] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2741.715809][T28089] bridge_slave_1: entered allmulticast mode
[ 2741.741544][   T30] audit: type=1400 audit(1720302960.694:711): avc:  denied  { execmod } for  pid=28113 comm="syz.0.5766" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2741.769820][T28089] bridge_slave_1: entered promiscuous mode
[ 2741.831372][   T30] audit: type=1400 audit(1720302960.694:712): avc:  denied  { execute } for  pid=28113 comm="syz.0.5766" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 2742.002353][T28089] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2742.041876][T26980] Bluetooth: hci6: command tx timeout
[ 2742.093627][T28089] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2742.407884][T28089] team0: Port device team_slave_0 added
[ 2742.447165][T28089] team0: Port device team_slave_1 added
[ 2742.691638][T28089] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2742.729497][T28089] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2742.868799][T28089] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2742.922087][T28089] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2742.947411][T28089] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2743.101374][T28089] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2743.279825][T28138] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[ 2743.286406][T28138] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2743.319501][T28138] vhci_hcd vhci_hcd.0: Device attached
[ 2743.641534][T21812] usb 18-1: SetAddress Request (88) to port 0
[ 2743.678243][T21812] usb 18-1: new SuperSpeed USB device number 88 using vhci_hcd
[ 2743.937488][T28149] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2743.984247][T28089] hsr_slave_0: entered promiscuous mode
[ 2744.054007][T28089] hsr_slave_1: entered promiscuous mode
[ 2744.122129][T26980] Bluetooth: hci6: command tx timeout
[ 2744.202191][T28089] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2744.209831][T28089] Cannot create hsr debugfs directory
[ 2744.393277][T28139] vhci_hcd: connection reset by peer
[ 2744.457338][T14295] vhci_hcd: stop threads
[ 2744.521451][T14295] vhci_hcd: release socket
[ 2744.551736][T14295] vhci_hcd: disconnect device
[ 2744.563843][T28148] overlayfs: failed to resolve './bus': -2
[ 2745.828477][T28161] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.5773'.
[ 2746.261264][T26980] Bluetooth: hci6: command tx timeout
[ 2746.884878][T28089] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2746.971407][T28166] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2746.971407][T28166]    program syz.4.5774 not setting count and/or reply_len properly
[ 2747.345294][T28089] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2747.782943][T28089] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2748.030083][T28089] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2748.207367][T28180] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2748.207367][T28180]    program syz.1.5776 not setting count and/or reply_len properly
[ 2748.922872][T21812] usb 18-1: device descriptor read/8, error -110
[ 2749.478329][T21812] usb usb18-port1: attempt power cycle
[ 2749.558427][T28089] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2749.607110][T28089] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2749.643694][T28089] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2749.686439][T28089] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2750.133573][T21812] usb usb18-port1: unable to enumerate USB device
[ 2750.307512][T28200] ALSA: mixer_oss: invalid index 80000
[ 2750.394627][T28089] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2750.527027][T28089] 8021q: adding VLAN 0 to HW filter on device team0
[ 2750.626433][T21812] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2750.633930][T21812] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2751.369564][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2751.376940][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2752.128472][T28214] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5784'.
[ 2752.196624][T28214] netlink: 'syz.0.5784': attribute type 25 has an invalid length.
[ 2752.463901][T28214] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 2752.473465][T28214] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 2752.482550][T28214] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 2752.491520][T28214] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 2752.845233][T28225] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2752.845233][T28225]    program syz.4.5786 not setting count and/or reply_len properly
[ 2753.127552][T28223] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2753.373892][T28089] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2753.835121][T28089] veth0_vlan: entered promiscuous mode
[ 2753.845559][T28235] overlayfs: failed to resolve './bus': -2
[ 2753.979756][T28089] veth1_vlan: entered promiscuous mode
[ 2754.308635][T28089] veth0_macvtap: entered promiscuous mode
[ 2754.309325][T28243] ALSA: seq fatal error: cannot create timer (-22)
[ 2754.413533][T28089] veth1_macvtap: entered promiscuous mode
[ 2754.530288][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.588613][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2754.599781][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.614573][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2754.661774][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.708130][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2754.752436][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.811378][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2754.831677][   T25] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 2754.863850][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.895146][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2754.919649][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2754.989188][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.030921][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2755.044977][   T25] usb 1-1: descriptor type invalid, skip
[ 2755.063558][   T25] usb 1-1: config 7 has an invalid interface number: 243 but max is 3
[ 2755.098776][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.120808][   T25] usb 1-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2755.131587][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2755.207996][   T25] usb 1-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2755.218564][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.241501][   T25] usb 1-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2755.250257][T28089] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2755.306200][   T25] usb 1-1: config 7 has no interface number 0
[ 2755.321577][   T25] usb 1-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2755.337605][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2755.345323][   T25] usb 1-1: config 7 interface 243 has no altsetting 0
[ 2755.400763][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.414850][   T25] usb 1-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2755.421176][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2755.441195][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.441455][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2755.453756][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2755.779686][   T25] usb 1-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2755.786516][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.804564][   T25] usb 1-1: Manufacturer: ᰉ
[ 2755.809573][   T25] usb 1-1: SerialNumber:  
[ 2755.864967][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2755.927516][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2755.963993][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2755.989956][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2756.020013][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2756.072024][T28247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2756.075545][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2756.116696][T28247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2756.153206][   T25] hub 1-1:7.243: bad descriptor, ignoring hub
[ 2756.161163][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2756.191388][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2756.213399][T28089] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2756.237356][T28089] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2756.265245][T28089] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2756.336119][T28089] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2756.366188][   T25] hub 1-1:7.243: probe with driver hub failed with error -5
[ 2756.384485][   T25] option 1-1:7.243: GSM modem (1-port) converter detected
[ 2756.423320][T28089] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2756.442641][T28089] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2756.453328][   T25] usb 1-1: USB disconnect, device number 85
[ 2756.456130][T28089] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2756.461799][   T25] option 1-1:7.243: device disconnected
[ 2756.608908][T28255] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[ 2756.615515][T28255] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2756.658320][T28255] vhci_hcd vhci_hcd.0: Device attached
[ 2756.720688][T28256] vhci_hcd: cannot find a urb of seqnum 3 max seqnum 3
[ 2756.797296][T13536] vhci_hcd: stop threads
[ 2756.809015][T13536] vhci_hcd: release socket
[ 2756.931255][T24218] usb 11-1: new high-speed USB device number 5 using vhci_hcd
[ 2757.111624][T13536] vhci_hcd: disconnect device
[ 2757.823865][T28255] overlayfs: missing 'lowerdir'
[ 2757.870543][   T30] audit: type=1400 audit(1720302976.784:713): avc:  denied  { mounton } for  pid=28254 comm="syz.1.5792" path="/51/file1/file0" dev="configfs" ino=1178 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 2757.922719][T26851] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2757.976663][T26851] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2758.151030][T17859] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2758.156836][T28277] ALSA: seq fatal error: cannot create timer (-22)
[ 2758.209606][T17859] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2758.223306][T28276] ALSA: seq fatal error: cannot create timer (-22)
[ 2758.244890][T28278] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5796'.
[ 2758.273440][T28278] netlink: 'syz.2.5796': attribute type 25 has an invalid length.
[ 2759.528099][T28289] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2759.528099][T28289]    program syz.1.5797 not setting count and/or reply_len properly
[ 2760.539633][T28296] overlayfs: failed to resolve './bus': -2
[ 2760.946996][T28304] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2761.613173][T28307] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5801'.
[ 2762.130905][T18604] Bluetooth: hci0: command 0x0406 tx timeout
[ 2762.139436][T18604] Bluetooth: hci1: command 0x0406 tx timeout
[ 2762.145601][T24218] vhci_hcd: vhci_device speed not set
[ 2762.271910][T28315] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2762.271910][T28315]    program syz.0.5802 not setting count and/or reply_len properly
[ 2762.806506][T28320] sg_write: data in/out 155/14 bytes for SCSI command 0x0-- guessing data in;
[ 2762.806506][T28320]    program syz.2.5803 not setting count and/or reply_len properly
[ 2763.570856][T21812] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 2764.263873][T21812] usb 5-1: descriptor type invalid, skip
[ 2764.285958][T21812] usb 5-1: config 7 has an invalid interface number: 243 but max is 3
[ 2764.329346][T21812] usb 5-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2764.374494][T21812] usb 5-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2764.405391][T21812] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2764.442841][T21812] usb 5-1: config 7 has no interface number 0
[ 2764.452126][T28335] overlayfs: missing 'lowerdir'
[ 2764.471232][T21812] usb 5-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2764.537197][T21812] usb 5-1: config 7 interface 243 has no altsetting 0
[ 2764.584424][T28341] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2764.591842][T21812] usb 5-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2764.617611][T28341] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2764.655216][T28343] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5808'.
[ 2764.665454][T28343] netlink: 'syz.2.5808': attribute type 25 has an invalid length.
[ 2764.687605][T21812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2764.726332][T21812] usb 5-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2764.758034][T21812] usb 5-1: Manufacturer: ᰉ
[ 2764.784471][T21812] usb 5-1: SerialNumber:  
[ 2765.046049][T28323] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2765.061861][T28323] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2765.230002][T21812] hub 5-1:7.243: bad descriptor, ignoring hub
[ 2765.250193][T21812] hub 5-1:7.243: probe with driver hub failed with error -5
[ 2765.288563][T21812] option 5-1:7.243: GSM modem (1-port) converter detected
[ 2765.306436][T28351] ALSA: seq fatal error: cannot create timer (-22)
[ 2765.380706][T21812] usb 5-1: USB disconnect, device number 73
[ 2765.436901][T21812] option 5-1:7.243: device disconnected
[ 2767.838361][T28367] overlayfs: failed to resolve './bus': -2
[ 2768.405590][T28374] syz.1.5814 (28374): drop_caches: 1
[ 2768.842568][T28391] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2768.959792][T28374] syz.1.5814 (28374): drop_caches: 1
[ 2771.452176][T28407] overlayfs: missing 'lowerdir'
[ 2771.618473][T28410] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2771.632105][T28410] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 2771.929804][   T30] audit: type=1326 audit(1720302990.884:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28415 comm="syz.3.5826" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1fce175bd9 code=0x0
[ 2771.981421][T21812] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 2772.008923][T14333] usb 2-1: new low-speed USB device number 70 using dummy_hcd
[ 2772.029972][   T30] audit: type=1400 audit(1720302990.984:715): avc:  granted  { setsecparam } for  pid=28415 comm="syz.3.5826" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2772.304727][T14333] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2772.328804][T21812] usb 5-1: descriptor type invalid, skip
[ 2772.381533][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2772.400063][T21812] usb 5-1: config 7 has an invalid interface number: 243 but max is 3
[ 2772.431320][T21812] usb 5-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2772.441254][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2772.465153][T21812] usb 5-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2772.475698][T14333] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2772.490241][T21812] usb 5-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2772.514589][T14333] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2772.537234][T21812] usb 5-1: config 7 has no interface number 0
[ 2772.583234][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2772.610260][T21812] usb 5-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2772.662556][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2772.679068][T21812] usb 5-1: config 7 interface 243 has no altsetting 0
[ 2772.715112][T14333] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2772.785032][T21812] usb 5-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2772.821928][T21812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2772.842490][T14333] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2772.868092][T21812] usb 5-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2772.881242][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2772.894474][T21812] usb 5-1: Manufacturer: ᰉ
[ 2772.928802][T21812] usb 5-1: SerialNumber:  
[ 2772.966100][T14333] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2773.038632][T14333] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2773.187794][T14333] usb 2-1: string descriptor 0 read error: -22
[ 2773.205732][T14333] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2773.206681][T28412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2773.280909][T14333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2773.354508][T14333] adutux 2-1:168.0: interrupt endpoints not found
[ 2773.388678][T28412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2773.459264][T21812] hub 5-1:7.243: bad descriptor, ignoring hub
[ 2773.523262][T21812] hub 5-1:7.243: probe with driver hub failed with error -5
[ 2773.585485][T21812] option 5-1:7.243: GSM modem (1-port) converter detected
[ 2773.689234][T12629] usb 2-1: USB disconnect, device number 70
[ 2773.691224][T21812] usb 5-1: USB disconnect, device number 74
[ 2773.739292][T21812] option 5-1:7.243: device disconnected
[ 2775.312902][T28442] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.5832'.
[ 2776.154989][T28435] syz.0.5830 (28435): drop_caches: 1
[ 2776.408658][T28446] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5833'.
[ 2777.313854][   T30] audit: type=1400 audit(1720302996.254:716): avc:  denied  { listen } for  pid=28445 comm="syz.4.5833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 2777.804376][T28435] syz.0.5830 (28435): drop_caches: 1
[ 2778.426986][T28465] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2778.655975][   T30] audit: type=1326 audit(1720302997.614:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28472 comm="syz.0.5839" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f749b975bd9 code=0x0
[ 2778.721920][   T30] audit: type=1400 audit(1720302997.674:718): avc:  granted  { setsecparam } for  pid=28472 comm="syz.0.5839" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2779.401400][T12629] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 2779.631347][T12629] usb 5-1: Using ep0 maxpacket: 8
[ 2779.643136][T12629] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2779.679651][T12629] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2779.709780][T12629] usb 5-1: config 1 has no interface number 1
[ 2779.738227][T12629] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 2779.776770][T12629] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2779.845313][T12629] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2779.873403][T12629] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2779.878381][T28486] ALSA: seq fatal error: cannot create timer (-22)
[ 2779.948690][T12629] usb 5-1: Product: syz
[ 2779.981446][T12629] usb 5-1: Manufacturer: syz
[ 2780.010348][T12629] usb 5-1: SerialNumber: syz
[ 2780.526533][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 2780.527876][T24218] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 2780.533035][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 2780.636970][T12629] usb 5-1: USB disconnect, device number 75
[ 2780.719320][T28492] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5843'.
[ 2780.793694][T24218] usb 2-1: descriptor type invalid, skip
[ 2780.801952][T24218] usb 2-1: config 7 has an invalid interface number: 243 but max is 3
[ 2780.820088][T24218] usb 2-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2780.831781][T24218] usb 2-1: config 7 has an invalid descriptor of length 214, skipping remainder of the config
[ 2780.852617][T24218] usb 2-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2780.874233][T24218] usb 2-1: config 7 has no interface number 0
[ 2780.903376][T24218] usb 2-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2780.967939][T24218] usb 2-1: config 7 interface 243 has no altsetting 0
[ 2781.044619][T24218] usb 2-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2781.055745][T24218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2781.071022][T24218] usb 2-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2781.087033][T24218] usb 2-1: Manufacturer: ᰉ
[ 2781.142546][T24218] usb 2-1: SerialNumber:  
[ 2781.409867][T28488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2782.950314][T28499] netlink: 212916 bytes leftover after parsing attributes in process `syz.4.5844'.
[ 2783.372945][T28488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2784.244045][T24218] hub 2-1:7.243: bad descriptor, ignoring hub
[ 2784.265786][T24218] hub 2-1:7.243: probe with driver hub failed with error -5
[ 2784.347906][T24218] option 2-1:7.243: GSM modem (1-port) converter detected
[ 2784.447635][T24218] usb 2-1: USB disconnect, device number 71
[ 2784.492046][T24218] option 2-1:7.243: device disconnected
[ 2784.498437][T28506] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5848'.
[ 2784.658606][T28508] ALSA: seq fatal error: cannot create timer (-22)
[ 2784.832602][T26982] Bluetooth: hci6: link tx timeout
[ 2784.838503][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2784.855604][T26982] Bluetooth: hci6: link tx timeout
[ 2784.860794][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2784.917476][T26982] Bluetooth: hci6: link tx timeout
[ 2784.923211][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2784.934902][T26982] Bluetooth: hci6: link tx timeout
[ 2784.940237][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2784.949053][T26982] Bluetooth: hci6: link tx timeout
[ 2784.957048][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2784.982825][T26982] Bluetooth: hci6: link tx timeout
[ 2784.992821][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.002837][T26982] Bluetooth: hci6: link tx timeout
[ 2785.008092][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.034479][T26982] Bluetooth: hci6: link tx timeout
[ 2785.039884][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.049969][T26982] Bluetooth: hci6: link tx timeout
[ 2785.055395][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.082904][T26982] Bluetooth: hci6: link tx timeout
[ 2785.093218][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.102255][T26982] Bluetooth: hci6: link tx timeout
[ 2785.107519][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.116350][T26982] Bluetooth: hci6: link tx timeout
[ 2785.122431][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.132105][T26982] Bluetooth: hci6: link tx timeout
[ 2785.137503][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.165165][T26982] Bluetooth: hci6: link tx timeout
[ 2785.170378][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.186883][T26982] Bluetooth: hci6: link tx timeout
[ 2785.197679][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.205857][T26982] Bluetooth: hci6: link tx timeout
[ 2785.212199][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.283687][T26982] Bluetooth: hci6: link tx timeout
[ 2785.289564][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.423774][T26982] Bluetooth: hci6: link tx timeout
[ 2785.429214][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.457632][T26982] Bluetooth: hci6: link tx timeout
[ 2785.463793][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.475715][T26982] Bluetooth: hci6: link tx timeout
[ 2785.480874][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.490415][T26982] Bluetooth: hci6: link tx timeout
[ 2785.503419][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.514810][T26982] Bluetooth: hci6: link tx timeout
[ 2785.529440][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.656343][T26982] Bluetooth: hci6: link tx timeout
[ 2785.661841][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.706017][T26982] Bluetooth: hci6: link tx timeout
[ 2785.711310][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2785.833906][T26982] Bluetooth: hci6: link tx timeout
[ 2785.839699][T26982] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa
[ 2786.176819][   T30] audit: type=1326 audit(1720303005.124:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28522 comm="syz.1.5851" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe811f75bd9 code=0x0
[ 2786.281988][   T30] audit: type=1400 audit(1720303005.234:720): avc:  granted  { setsecparam } for  pid=28522 comm="syz.1.5851" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2786.440422][T28533] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5850'.
[ 2786.924124][T26982] Bluetooth: hci6: command 0x0406 tx timeout
[ 2786.997636][T28534] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2787.082434][T28514] overlayfs: failed to resolve './bus': -2
[ 2787.751797][T26980] Bluetooth: hci0: SCO packet for unknown connection handle 0
[ 2787.845450][T21812] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 2788.511378][T26980] Bluetooth: hci0: SCO packet for unknown connection handle 2096
[ 2788.601461][   T30] audit: type=1326 audit(1720303007.474:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28540 comm="syz.1.5854" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe811f75bd9 code=0x0
[ 2788.781203][T21812] usb 4-1: Using ep0 maxpacket: 8
[ 2788.789293][T21812] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2788.800890][T21812] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2788.819084][T21812] usb 4-1: config 1 has no interface number 1
[ 2788.830837][T21812] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 2788.871707][T21812] usb 4-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2788.900540][T21812] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2788.909781][T21812] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2788.918488][T21812] usb 4-1: Product: syz
[ 2788.925348][T21812] usb 4-1: Manufacturer: syz
[ 2788.931549][T21812] usb 4-1: SerialNumber: syz
[ 2789.927159][T17398] usb 4-1: USB disconnect, device number 94
[ 2791.215407][T28578] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5862'.
[ 2792.027000][T26982] Bluetooth: hci6: unexpected event for opcode 0x0c14
[ 2792.296252][   T30] audit: type=1326 audit(1720303011.254:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28583 comm="syz.4.5864" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9348375bd9 code=0x0
[ 2792.430653][T28587] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5865'.
[ 2792.453265][   T30] audit: type=1400 audit(1720303011.304:723): avc:  granted  { setsecparam } for  pid=28583 comm="syz.4.5864" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2794.490075][T28606] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2794.700833][   T30] audit: type=1326 audit(1720303013.644:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28598 comm="syz.4.5867" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9348375bd9 code=0x0
[ 2794.723839][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2794.741904][T28610] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5870'.
[ 2794.850104][   T25] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 2795.064041][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[ 2795.094241][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[ 2795.413942][   T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2795.484568][T28618] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5873'.
[ 2795.783333][   T25] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2795.818478][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2795.854027][   T25] usb 1-1: config 0 descriptor??
[ 2796.491870][   T25] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[ 2796.619985][   T25] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 2796.855149][   T25] usb 1-1: USB disconnect, device number 86
[ 2797.758524][   T30] audit: type=1326 audit(1720303016.704:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28632 comm="syz.2.5877" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2798.254234][   T30] audit: type=1400 audit(1720303017.214:726): avc:  granted  { setsecparam } for  pid=28632 comm="syz.2.5877" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2799.185298][T28637] overlayfs: failed to resolve './bus': -2
[ 2799.334685][T28661] netlink: 96 bytes leftover after parsing attributes in process `syz.1.5883'.
[ 2800.452060][T28675] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5884'.
[ 2801.008276][T28649] overlayfs: failed to resolve './bus': -2
[ 2801.725480][T28679] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2802.988086][T28693] netlink: 212916 bytes leftover after parsing attributes in process `syz.3.5889'.
[ 2803.771673][ T5166] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 2803.945355][   T30] audit: type=1326 audit(1720303022.894:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28697 comm="syz.3.5891" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1fce175bd9 code=0x0
[ 2804.013275][ T5166] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[ 2804.037722][ T5166] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[ 2804.073349][   T30] audit: type=1400 audit(1720303023.014:728): avc:  granted  { setsecparam } for  pid=28697 comm="syz.3.5891" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2804.101150][T28702] fuse: Unknown parameter '�_i'
[ 2804.111300][ T5166] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2804.137017][ T5166] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2804.150286][ T5166] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2804.165268][ T5166] usb 3-1: config 0 descriptor??
[ 2804.698928][ T5166] plantronics 0003:047F:FFFF.0017: No inputs registered, leaving
[ 2804.757367][ T5166] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 2805.221729][T28707] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5894'.
[ 2806.226251][   T25] usb 3-1: USB disconnect, device number 99
[ 2806.905576][T28718] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5896'.
[ 2809.697939][T28744] netlink: 212916 bytes leftover after parsing attributes in process `syz.3.5901'.
[ 2810.588230][   T30] audit: type=1326 audit(1720303029.544:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28739 comm="syz.4.5903" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9348375bd9 code=0x0
[ 2810.663887][   T30] audit: type=1400 audit(1720303029.604:730): avc:  granted  { setsecparam } for  pid=28739 comm="syz.4.5903" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2812.275513][T28761] netlink: 96 bytes leftover after parsing attributes in process `syz.3.5906'.
[ 2812.880150][T28771] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5909'.
[ 2814.874780][T28775] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2815.823960][T28783] overlayfs: failed to resolve './bus': -2
[ 2815.832961][   T30] audit: type=1326 audit(1720303034.784:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28785 comm="syz.1.5914" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe811f75bd9 code=0x0
[ 2817.175498][   T30] audit: type=1326 audit(1720303036.124:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28808 comm="syz.2.5917" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f611fb75bd9 code=0x0
[ 2817.286564][   T30] audit: type=1400 audit(1720303036.204:733): avc:  granted  { setsecparam } for  pid=28808 comm="syz.2.5917" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 2818.179214][T28815] netlink: 96 bytes leftover after parsing attributes in process `syz.2.5919'.
[ 2818.516397][T26980] Bluetooth: hci2: command 0x0406 tx timeout
[ 2818.722432][T28822] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5921'.
[ 2818.762215][T28819] ALSA: seq fatal error: cannot create timer (-22)
[ 2818.896913][T28824] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[ 2818.903520][T28824] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2818.916331][T28824] vhci_hcd vhci_hcd.0: Device attached
[ 2819.231486][T17398] usb 10-1: SetAddress Request (106) to port 0
[ 2819.240719][T17398] usb 10-1: new SuperSpeed USB device number 106 using vhci_hcd
[ 2819.872964][T28825] vhci_hcd: connection reset by peer
[ 2819.890122][T17859] vhci_hcd: stop threads
[ 2819.904979][T17859] vhci_hcd: release socket
[ 2819.961479][T17859] vhci_hcd: disconnect device
[ 2820.784979][T28837] syz.1.5922 (28837): drop_caches: 1
[ 2820.794691][T28845] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2821.120565][T28850] ALSA: seq fatal error: cannot create timer (-22)
[ 2821.651238][T12629] usb 2-1: new low-speed USB device number 72 using dummy_hcd
[ 2822.060745][T12629] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2822.090214][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2822.114201][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2822.146054][T12629] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2822.692619][T12629] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2822.816603][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2823.016397][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2823.048470][T12629] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2823.154239][T12629] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2823.241252][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 2823.305754][T12629] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2823.347669][T12629] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2823.434800][T12629] usb 2-1: string descriptor 0 read error: -22
[ 2823.476582][T12629] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2823.539756][T12629] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2823.624889][T12629] adutux 2-1:168.0: interrupt endpoints not found
[ 2823.980577][T12629] usb 2-1: USB disconnect, device number 72
[ 2824.285613][T17398] usb 10-1: device descriptor read/8, error -110
[ 2824.783349][T17398] usb usb10-port1: attempt power cycle
[ 2825.130600][T28891] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5935'.
[ 2825.161985][T28875] overlayfs: failed to resolve './bus': -2
[ 2825.584239][T28893] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[ 2825.590925][T28893] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2825.639821][T28893] vhci_hcd vhci_hcd.0: Device attached
[ 2825.692656][T17398] usb usb10-port1: unable to enumerate USB device
[ 2825.981450][ T5166] usb 14-1: SetAddress Request (91) to port 0
[ 2826.003968][ T5166] usb 14-1: new SuperSpeed USB device number 91 using vhci_hcd
[ 2826.435453][T28894] vhci_hcd: connection reset by peer
[ 2826.488371][T13536] vhci_hcd: stop threads
[ 2826.524658][T13536] vhci_hcd: release socket
[ 2826.591406][T13536] vhci_hcd: disconnect device
[ 2826.832818][T28908] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2827.220196][T28913] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5940'.
[ 2827.389162][T28907] syz.0.5938 (28907): drop_caches: 1
[ 2829.254594][T28934] ALSA: seq fatal error: cannot create timer (-22)
[ 2830.710807][T28942] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5947'.
[ 2831.161624][ T5166] usb 14-1: device descriptor read/8, error -110
[ 2831.876517][ T5166] usb usb14-port1: attempt power cycle
[ 2831.941241][T28953] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5948'.
[ 2832.593133][ T5166] usb usb14-port1: unable to enumerate USB device
[ 2832.641712][T17398] usb 2-1: new low-speed USB device number 73 using dummy_hcd
[ 2832.731305][   T25] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[ 2832.765486][T28962] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[ 2832.772263][T28962] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2832.828176][T17398] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2832.840723][T28962] vhci_hcd vhci_hcd.0: Device attached
[ 2832.922204][T17398] usb 2-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2832.954139][   T25] usb 1-1: descriptor type invalid, skip
[ 2832.989618][   T25] usb 1-1: config 7 has an invalid interface number: 243 but max is 3
[ 2833.043928][   T25] usb 1-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2833.050966][T17398] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2833.118277][   T25] usb 1-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[ 2833.156474][   T25] usb 1-1: config 7 has an invalid descriptor of length 54, skipping remainder of the config
[ 2833.179765][T17398] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2833.230453][   T25] usb 1-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2833.262824][   T25] usb 1-1: config 7 has no interface number 0
[ 2833.280585][T17398] usb 2-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2833.289982][   T25] usb 1-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2833.291966][ T5166] usb 16-1: SetAddress Request (118) to port 0
[ 2833.362455][T17398] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2833.376460][ T5166] usb 16-1: new SuperSpeed USB device number 118 using vhci_hcd
[ 2833.398769][T17398] usb 2-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2833.434625][T17398] usb 2-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2833.448278][   T25] usb 1-1: config 7 interface 243 has no altsetting 0
[ 2833.492397][T17398] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2833.503965][   T25] usb 1-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2833.540904][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2833.594360][T17398] usb 2-1: string descriptor 0 read error: -22
[ 2833.605438][   T25] usb 1-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2833.638025][T28963] vhci_hcd: connection reset by peer
[ 2833.644603][T17398] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2833.692324][   T25] usb 1-1: Manufacturer: ᰉ
[ 2833.697050][   T25] usb 1-1: SerialNumber:  
[ 2833.697639][T17854] vhci_hcd: stop threads
[ 2833.706827][T17854] vhci_hcd: release socket
[ 2833.715091][T17398] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2833.730313][T17854] vhci_hcd: disconnect device
[ 2833.849786][T17398] adutux 2-1:168.0: interrupt endpoints not found
[ 2834.056906][T28957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2834.088121][T28957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2834.175517][T28975] syz.2.5953 (28975): drop_caches: 1
[ 2834.203359][   T25] hub 1-1:7.243: bad descriptor, ignoring hub
[ 2834.209489][   T25] hub 1-1:7.243: probe with driver hub failed with error -5
[ 2834.236168][T12629] usb 2-1: USB disconnect, device number 73
[ 2834.289557][   T25] option 1-1:7.243: GSM modem (1-port) converter detected
[ 2834.423862][   T25] usb 1-1: USB disconnect, device number 87
[ 2834.436001][   T25] option 1-1:7.243: device disconnected
[ 2834.893829][T28989] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2835.101295][T12629] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 2835.301601][T12629] usb 5-1: Using ep0 maxpacket: 8
[ 2835.316027][T12629] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2835.340803][T12629] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 2835.351971][T12629] usb 5-1: config 1 has no interface number 1
[ 2835.373410][T12629] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[ 2835.387979][T12629] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2835.490021][T12629] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2835.501927][T12629] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2835.528937][T12629] usb 5-1: Product: syz
[ 2835.541317][T12629] usb 5-1: Manufacturer: syz
[ 2835.554636][T12629] usb 5-1: SerialNumber: syz
[ 2836.256819][T29003] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5962'.
[ 2837.812052][T12629] usb 5-1: USB disconnect, device number 76
[ 2838.451952][ T5166] usb 16-1: device descriptor read/8, error -110
[ 2838.560693][T29021] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[ 2838.567257][T29021] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2838.655388][T29021] vhci_hcd vhci_hcd.0: Device attached
[ 2838.918017][ T5166] usb usb16-port1: attempt power cycle
[ 2838.954298][T29018] syz.3.5966 (29018): drop_caches: 1
[ 2838.980639][   T25] usb 14-1: SetAddress Request (95) to port 0
[ 2839.010615][   T25] usb 14-1: new SuperSpeed USB device number 95 using vhci_hcd
[ 2839.172608][T29030] 9pnet_fd: Insufficient options for proto=fd
[ 2839.341755][T29022] vhci_hcd: connection reset by peer
[ 2839.400314][T26854] vhci_hcd: stop threads
[ 2839.414982][T26854] vhci_hcd: release socket
[ 2839.432477][T26854] vhci_hcd: disconnect device
[ 2839.693913][ T5166] usb usb16-port1: unable to enumerate USB device
[ 2840.486625][T17398] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 2840.734519][T17398] usb 4-1: descriptor type invalid, skip
[ 2840.771560][T17398] usb 4-1: config 7 has an invalid interface number: 243 but max is 3
[ 2840.826769][T17398] usb 4-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 2840.907880][T17398] usb 4-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[ 2841.135424][T17398] usb 4-1: config 7 has an invalid descriptor of length 54, skipping remainder of the config
[ 2841.166356][T17398] usb 4-1: config 7 has 1 interface, different from the descriptor's value: 4
[ 2841.207793][T17398] usb 4-1: config 7 has no interface number 0
[ 2841.236719][T17398] usb 4-1: config 7 interface 243 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 2841.311432][T17398] usb 4-1: config 7 interface 243 has no altsetting 0
[ 2841.341977][T17398] usb 4-1: New USB device found, idVendor=19d2, idProduct=fff9, bcdDevice=21.6a
[ 2841.374997][T17398] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2841.432836][T17398] usb 4-1: Product: ؏甑㱡蠥ꗈ蘵᩟
[ 2841.457614][T17398] usb 4-1: Manufacturer: ᰉ
[ 2841.481539][T17398] usb 4-1: SerialNumber:  
[ 2841.604557][T29052] syz_tun: entered promiscuous mode
[ 2841.645049][T29054] netlink: 'syz.0.5975': attribute type 3 has an invalid length.
[ 2841.655509][T29054] netlink: 130984 bytes leftover after parsing attributes in process `syz.0.5975'.
[ 2841.656968][T29052] batadv_slave_0: entered promiscuous mode
[ 2841.728530][T29036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2841.741828][T29036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2841.761210][T27220] usb 3-1: new low-speed USB device number 100 using dummy_hcd
[ 2841.786553][T17398] hub 4-1:7.243: bad descriptor, ignoring hub
[ 2841.811899][T17398] hub 4-1:7.243: probe with driver hub failed with error -5
[ 2841.847564][T17398] option 4-1:7.243: GSM modem (1-port) converter detected
[ 2841.905984][T17398] usb 4-1: USB disconnect, device number 95
[ 2841.929073][T17398] option 4-1:7.243: device disconnected
[ 2841.979642][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[ 2841.986322][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[ 2841.990966][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2842.030531][T27220] usb 3-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2842.062847][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2842.078530][T29058] kAFS: unparsable volume name
[ 2842.083172][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2842.095289][T27220] usb 3-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2842.130539][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2842.169795][T27220] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[ 2842.211032][T27220] usb 3-1: config 168 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2842.268013][T27220] usb 3-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2842.313946][T27220] usb 3-1: string descriptor 0 read error: -22
[ 2842.322029][T27220] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 2842.373965][T27220] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2842.464795][T27220] adutux 3-1:168.0: interrupt endpoints not found
[ 2947.651034][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2947.658160][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P14295/1:b..l
[ 2947.666950][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=283585, q=251 ncpus=2)
[ 2947.674803][    C0] task:kworker/u8:16   state:R  running task     stack:23200 pid:14295 tgid:14295 ppid:2      flags:0x00004000
[ 2947.688486][    C0] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2947.696537][    C0] Call Trace:
[ 2947.699920][    C0]  <TASK>
[ 2947.702906][    C0]  __schedule+0xf15/0x5d00
[ 2947.707381][    C0]  ? hlock_class+0x4e/0x130
[ 2947.711909][    C0]  ? __pfx_mark_lock+0x10/0x10
[ 2947.716717][    C0]  ? __pfx___schedule+0x10/0x10
[ 2947.721583][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 2947.727003][    C0]  ? mark_held_locks+0x9f/0xe0
[ 2947.731802][    C0]  preempt_schedule_irq+0x51/0x90
[ 2947.736890][    C0]  irqentry_exit+0x36/0x90
[ 2947.741428][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2947.747497][    C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60
[ 2947.753607][    C0] Code: be b0 01 00 00 e8 a0 ff ff ff 31 c0 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 64 f4 75 7e 65 8b 05 65 f4 75 7e a9 00 01
[ 2947.773336][    C0] RSP: 0018:ffffc90003617b58 EFLAGS: 00000202
[ 2947.779418][    C0] RAX: 0000000000000000 RBX: ffff88804a711d28 RCX: ffffffff8aa72d1c
[ 2947.787574][    C0] RDX: ffff888079dbda00 RSI: ffffffff8aa72d06 RDI: 0000000000000005
[ 2947.795554][    C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 2947.803637][    C0] R10: 0000000000000001 R11: 0000000000000003 R12: dffffc0000000000
[ 2947.811725][    C0] R13: ffff888066714ca0 R14: 00000000000003a5 R15: ffff88807ca18ac0
[ 2947.819749][    C0]  ? batadv_iv_ogm_schedule_buff+0x5bc/0x1500
[ 2947.825849][    C0]  ? batadv_iv_ogm_schedule_buff+0x5a6/0x1500
[ 2947.831951][    C0]  ? batadv_iv_ogm_schedule_buff+0x5bc/0x1500
[ 2947.838046][    C0]  batadv_iv_ogm_schedule_buff+0xadb/0x1500
[ 2947.843969][    C0]  ? __pfx_batadv_iv_ogm_schedule_buff+0x10/0x10
[ 2947.850668][    C0]  ? batadv_send_skb_packet+0x56c/0x6b0
[ 2947.856272][    C0]  batadv_iv_send_outstanding_bat_ogm_packet+0x31e/0x8d0
[ 2947.863322][    C0]  process_one_work+0x9c5/0x1b40
[ 2947.868298][    C0]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 2947.873681][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 2947.879066][    C0]  ? assign_work+0x1a0/0x250
[ 2947.883683][    C0]  worker_thread+0x6c8/0xf30
[ 2947.888286][    C0]  ? __kthread_parkme+0x148/0x220
[ 2947.893329][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2947.898473][    C0]  kthread+0x2c1/0x3a0
[ 2947.902571][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2947.907814][    C0]  ? __pfx_kthread+0x10/0x10
[ 2947.912425][    C0]  ret_from_fork+0x45/0x80
[ 2947.917000][    C0]  ? __pfx_kthread+0x10/0x10
[ 2947.921627][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2947.926425][    C0]  </TASK>
[ 2947.929461][    C0] rcu: rcu_preempt kthread starved for 10313 jiffies! g283585 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 2947.940773][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2947.950749][    C0] rcu: RCU grace-period kthread stack dump:
[ 2947.956657][    C0] task:rcu_preempt     state:R  running task     stack:27200 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 2947.968403][    C0] Call Trace:
[ 2947.971687][    C0]  <TASK>
[ 2947.974621][    C0]  __schedule+0xf15/0x5d00
[ 2947.979067][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 2947.984293][    C0]  ? __pfx___schedule+0x10/0x10
[ 2947.989173][    C0]  ? schedule+0x298/0x350
[ 2947.993532][    C0]  ? __pfx_lock_release+0x10/0x10
[ 2947.998575][    C0]  ? __pfx___mod_timer+0x10/0x10
[ 2948.003544][    C0]  ? lock_acquire+0x1b1/0x560
[ 2948.008262][    C0]  ? lockdep_init_map_type+0x16d/0x7d0
[ 2948.013781][    C0]  schedule+0xe7/0x350
[ 2948.017865][    C0]  schedule_timeout+0x136/0x2a0
[ 2948.022737][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 2948.028150][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 2948.033471][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 2948.039288][    C0]  ? prepare_to_swait_event+0xf0/0x470
[ 2948.044772][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[ 2948.049553][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 2948.054859][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 2948.060092][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2948.065912][    C0]  rcu_gp_kthread+0x271/0x380
[ 2948.070609][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2948.075829][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2948.081054][    C0]  ? __kthread_parkme+0x148/0x220
[ 2948.086127][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2948.091348][    C0]  kthread+0x2c1/0x3a0
[ 2948.096046][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2948.101260][    C0]  ? __pfx_kthread+0x10/0x10
[ 2948.105883][    C0]  ret_from_fork+0x45/0x80
[ 2948.110339][    C0]  ? __pfx_kthread+0x10/0x10
[ 2948.114973][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2948.119835][    C0]  </TASK>
[ 2948.122882][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 2948.129270][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 2948.134524][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x1a/0x20
[ 2956.690463][T26980] Bluetooth: hci6: command 0x0406 tx timeout