last executing test programs:

7.888268419s ago: executing program 4 (id=4051):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x1de)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
timer_create(0xfffffffd, 0x0, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r3=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, r3+10000000}, {0x77359400}}, 0x0)
timer_gettime(0x0, &(0x7f0000000280))
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)={@ifindex, 0xffffffffffffffff, 0x33, 0x1, 0xffffffffffffffff, @prog_fd=r1}, 0x20)
r4 = openat(0xffffffffffffff9c, 0x0, 0x442, 0x0)
write$binfmt_aout(r4, &(0x7f0000000380)=ANY=[], 0x20)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x5, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r5, 0xc1105511, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz0\x00', 0x0})
splice(r2, &(0x7f0000000040), r1, 0x0, 0x808, 0x2)
socket$netlink(0x10, 0x3, 0xa)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x220, 0x0, 0xb, 0x148, 0xf8, 0x148, 0x188, 0x242, 0x240, 0x188, 0x215, 0x3, 0x0, {[{{@ip={@broadcast, @empty, 0x0, 0x0, 'geneve1\x00', 'ipvlan0\x00'}, 0x0, 0xd0, 0xf8, 0x0, {0xff0f000000000000}, [@common=@inet=@socket1={{0x28, 'socket\x00', 0x2}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffd}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0xec010000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x280)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b36"], 0x0)
write$sequencer(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x8)
socket$can_j1939(0x1d, 0x2, 0x7)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000003080500000000000000000000000000050003002100000024000480080005400000000008000440000000000800024c0000000008000740000000000600024000000000"], 0x48}}, 0x0)
fchdir(r0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
splice(0xffffffffffffffff, &(0x7f0000000300)=0x10, 0xffffffffffffffff, &(0x7f0000000380)=0xe310, 0x9, 0x1)

6.560171142s ago: executing program 1 (id=4057):
syz_usb_connect(0x2, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x6b, 0xb4, 0x59, 0x10, 0x2013, 0x1faa, 0xde4d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x67, 0x0, 0x0, 0xde, 0xdc, 0xde}}]}}]}}, 0x0)
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000000)={0x9, {0xe7ff, 0x0, 0xfe0f, 0x300}})
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r2, &(0x7f0000000100)="a7", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
shutdown(r2, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x90)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000000)={0x11, @multicast1, 0x0, 0x0, 'lblc\x00'}, 0x2c)

6.287378865s ago: executing program 0 (id=4059):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000000)={0x2, 0xfffc, @loopback}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x915d)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_open_dev$admmidi(0x0, 0x20, 0x0)
ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5100)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x1})
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
clock_gettime(0x0, &(0x7f00000019c0)={<r6=>0x0, <r7=>0x0})
unshare(0x22020600)
creat(&(0x7f00000002c0)='./file1\x00', 0x4)
unshare(0x2a020400)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x0)
r9 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r9, 0x1, &(0x7f0000000180)={0x4000, r8}, 0x0)
landlock_restrict_self(r9, 0x0)
truncate(&(0x7f0000000280)='./file1\x00', 0x1)
recvmmsg$unix(r4, &(0x7f0000003e80)=[{{&(0x7f0000000140), 0x6e, &(0x7f0000000640), 0x0, &(0x7f0000000380)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}, {{0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f00000006c0)=""/234, 0xea}, {&(0x7f00000007c0)=""/137, 0x89}, {&(0x7f0000000880)=""/234, 0xea}, {&(0x7f0000000980)=""/227, 0xe3}, {&(0x7f0000000a80)=""/149, 0x95}, {&(0x7f0000000b40)=""/13, 0xd}, {&(0x7f0000000b80)=""/5, 0x5}, {&(0x7f0000000bc0)=""/104, 0x68}], 0x8, &(0x7f0000000cc0)}}, {{&(0x7f0000000d80), 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000e00)=""/48, 0x30}, {&(0x7f0000000e40)=""/215, 0xd7}], 0x2, &(0x7f0000000f80)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x90}}, {{&(0x7f0000001040), 0x6e, &(0x7f0000001100)=[{&(0x7f00000010c0)=""/4, 0x4}], 0x1}}, {{&(0x7f0000001140)=@abs, 0x6e, &(0x7f0000001280)=[{&(0x7f00000011c0)=""/165, 0xa5}], 0x1, &(0x7f00000012c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb0}}, {{&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000001440), 0x0, &(0x7f0000001480)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001580)=""/107, 0x6b}, {&(0x7f0000001e80)=""/4096, 0x1000}, {&(0x7f0000001600)=""/46, 0x2e}], 0x3, &(0x7f0000001700)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x50}}, {{0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000001780)=""/136, 0x88}, {&(0x7f0000001840)=""/48, 0x30}, {&(0x7f0000002e80)=""/4096, 0x1000}, {&(0x7f0000000500)=""/146, 0x92}, {&(0x7f0000000400)=""/216, 0xd8}, {&(0x7f0000001b40)=""/196, 0xc4}], 0x6, &(0x7f0000001c40)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}}], 0x8, 0x22, &(0x7f0000001d40)={r6, r7+60000000})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r5, 0xae9a)

5.18531718s ago: executing program 0 (id=4063):
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000140)={0xc})
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x70bd2b, 0x25dfdbff, {{@in=@local, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x2, 0x0, 0x3, 0x0, 0xa, 0x60, 0x0, 0x2, 0x0, 0xee01}, {0x3, 0x40}, {}, 0x0, 0x40000000}}, 0xb8}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffb000/0x2000)=nil, 0x2000}, 0x2})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x2000})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r4, &(0x7f00000005c0)={&(0x7f0000000180), 0x1, &(0x7f00000001c0)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="01000000000000000800000000220000", @ANYRES64=0x0, @ANYRES64=0xea60, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001000000006e03ff95"], 0x38}, 0x2}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
preadv(r3, &(0x7f0000000100)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/39, 0x27}], 0x2, 0xfffffff8, 0x2)

4.75243751s ago: executing program 4 (id=4064):
getpgrp(0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x80000018})
write$tun(r0, &(0x7f0000000080)=ANY=[], 0xfdef)

4.751584883s ago: executing program 1 (id=4065):
r0 = memfd_create(&(0x7f0000000580)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8\x19\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO]\xa8}\xec\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xeb\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00'/975, 0x0)
write(r0, &(0x7f0000000140)='/', 0x1)
sendfile(r0, r0, &(0x7f0000001000), 0xfec)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)

4.635693782s ago: executing program 4 (id=4066):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="00000000000000001c0012800b00010062726964676500000c0002800500160002000000"], 0x3c}}, 0x4010)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r0, {<r1=>0x0}}, './file0\x00'})
r2 = add_key$keyring(&(0x7f0000000500), 0x0, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$get_persistent(0x16, r1, r2)
prlimit64(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
unshare(0x400)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket(0x1a, 0xa, 0x9)
unshare(0x8040080)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x4e21, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x101}], 0x1c)
setrlimit(0x9, &(0x7f0000000080)={0x0, 0x1000})
r5 = getpid()
sched_setscheduler(r5, 0x0, &(0x7f0000000100))
ioprio_get$pid(0x3, r5)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x10, 0x7a, 0x4, 0xc00, r3, 0x3, '\x00', 0x0, r3, 0x2, 0x5, 0x0, 0xe}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r7)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))

4.369250737s ago: executing program 0 (id=4068):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x4, &(0x7f0000000100)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x4, 0xa2, &(0x7f00000002c0)=""/162}, 0x90)
syz_emit_ethernet(0xa6, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x70, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0xa, "bd3e6d4706598080a80300378927fc503b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "000000050000000026000400"}]}}}}}}, 0x0) (async, rerun: 32)
r1 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x44}}, 0x0) (async)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
flock(r3, 0x6) (async)
flock(r2, 0x6) (async)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000000)={0xa1, 0x8200000000000000}) (async)
socket$tipc(0x1e, 0x5, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.controllers\x00', 0x275a, 0x0) (async)
r5 = socket$alg(0x26, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000009440)=[{{&(0x7f0000000300)=@l2tp={0x2, 0x0, @multicast2}, 0x80, 0x0}, 0x1}, {{&(0x7f00000007c0)=@un=@abs, 0x80, 0x0, 0x0, &(0x7f0000001f40)=""/208, 0xd0}, 0x2b3c}], 0x2, 0x2, 0x0) (async)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58) (async)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000005400)=[{{0x0, 0x8, &(0x7f0000000ac0)=[{&(0x7f0000000080)="3b464c3bcd2bd7d2b1a92eca79c286a06dffdfeb623ea9e40a2c95cd702350d944237596556c9479bf1521276d845eb45d2cd8e6380fc6ce9c3451c4c197909a89cc640607df2e7a07", 0x1c62e}, {&(0x7f0000000180)="fa302c5276f60e090ecdcd2ab8152552e0ec74a69db872f09ac999fb27496391dbf3d0bc94611c29a7ddbe0b2b272911544465bb22aa", 0x36}, {&(0x7f00000002c0)="87c3752dd3dafc", 0x7}], 0x3, 0x0, 0x0, 0x10}}], 0x4000000000001ee, 0x0) (async, rerun: 64)
r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0) (rerun: 64)
syz_usb_control_io(r7, 0x0, 0x0) (async)
syz_usb_control_io(r7, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r7, 0x0, &(0x7f0000002080)={0x1c, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000fc00d70aefb786862bf97435fe43e998"], 0x0, 0x0})
close(r4)
ioctl$SNDCTL_DSP_STEREO(r4, 0xc0045003, &(0x7f0000000100)=0x1)

4.092971406s ago: executing program 1 (id=4070):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x280, 0xa, 0xfffbff7f, 0x0, 0x0, 0x180, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})

3.866470025s ago: executing program 1 (id=4071):
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xffffffffffffbf3d}, 0xc)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$BTRFS_IOC_SCRUB(r0, 0x541b, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)

3.865251698s ago: executing program 0 (id=4072):
add_key$user(&(0x7f0000000200), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
keyctl$clear(0x3, 0xfffffffffffffffc)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f00000001c0)={'syz', 0x2}, &(0x7f0000000200)='\x00\xb2\xd1)\xda\xff|\xd1\x85b\xad77\x00\fJ\xfc\xb4\x1e\xae\xe8:`\xe9\x9ew\xf5l\xee\x8dg\xc2\'\x88\xe9\xf3\x05\xe02\xe6\v_\xe9\x89\x86s\x8dh#$\xe4\xb1\xd0\x93\xceh\xfcsP)\xd9\xce\x19+?\xc6\xf7\xc0[G\x15\xde-x\xa9\xe5,\xec\xf6\xfb\xc9~2\xa1\xeb\xb3Pp\x93\x90\x17\xb2\x95\xe7\r\xae^\x92n\xbd\xf3\xb1\xac\xe3sf\xc9X\x05j:\xb6~\xa6#\xbf\x06t\xf2\xb5gd\xd7\xcc\"A_\xecu\xe8<dR}\x8e\b\x16\x8c\xa6\x01\x11\x97S\x99k\x1e\x03\x8e\xea\v}+\".\xda,\xfe\xb7\xbf\x01T\x99\xbdF\xd4\x925[\xd1\xeb\xdf\x98\xfa\xb0\x93\xc3>\x84\xe3\x92J\xaa!\xae\xa2\xd7\xf3\xc6J\xb9i\x9d\xb4{\xee\xf0|\xd9\x05\xaa\xbb\xfe\x12\xa0\xbb\xecY\x0f \xa3\xba?#\x90\x8c,nNQ<pCoa\xf2\xd1\x96\x8f\xf3>\xa1\xed', 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
listen(r0, 0x6)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
fcntl$getownex(r1, 0x10, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_emit_vhci(0x0, 0x7)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}}, 0x20040000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8], 0x90}}, 0x0)

3.685541582s ago: executing program 3 (id=4073):
syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), r1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x20000, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x2c, r2, 0x1, 0x0, 0x0, {0x28}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}]}]}, 0x2c}}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000340)={{0x0, 0x1}, {0x7, 0x1f}, 0x0, 0x5, 0x2})
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
dup(r5)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = memfd_secret(0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_KEY(r7, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, r8, 0x10, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0xf, 0x1e}}}}, [@NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "a37fb00296"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000}, 0x0)
ioctl$PPPIOCCONNECT(r7, 0x4004743a, &(0x7f0000000200)=0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r7, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, 0xe8)
socket$igmp6(0xa, 0x3, 0x2)

3.491794271s ago: executing program 0 (id=4075):
socket$kcm(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1}}]}}, &(0x7f0000000040)={0x0, 0x0, 0xf, 0x0})
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = syz_open_dev$usbfs(&(0x7f0000000280), 0x8, 0x20000)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000040)={0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x84, &(0x7f0000000140)={<r3=>0x0, @in6={{0xa, 0x4e22, 0x0, @empty}}}, &(0x7f0000000200)=0x90)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240), 0x0)
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_CHILD_SUBREAPER(0x24, 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES64, @ANYRESDEC=r3])
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000400)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4}}, 0x50)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x1e, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$bt_hci(r5, 0x84, 0x3, &(0x7f0000000480)=""/4067, &(0x7f0000002f00)=0xfe3)
socket$vsock_stream(0x28, 0x1, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x10ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r7, 0xc04064aa, &(0x7f0000005000)={0x0, 0x0})
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
getsockopt$inet_sctp_SCTP_RECVNXTINFO(r8, 0x84, 0x21, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
ioctl$AUTOFS_IOC_CATATONIC(r7, 0x9362, 0x0)

3.37058374s ago: executing program 4 (id=4076):
socket$l2tp(0x2, 0x2, 0x73)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406d041bc7000000000001090224000100000000090400000103000000092100000001220700090581"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000040)={0xb5a2, 0xcf30})
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x10)
sendto$inet(r2, 0x0, 0x0, 0x8004, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$inet(r2, &(0x7f00000023c0)=[{{&(0x7f0000000280)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000180)="41dc6c46ef2e17ee32be", 0xa}], 0x1}}], 0x1, 0x0)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0)
pipe2$watch_queue(&(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x4)
r6 = socket$inet6(0xa, 0x1, 0x0)
r7 = dup2(r6, r6)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'veth0_vlan\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCDELRT(r7, 0x890c, &(0x7f0000000640)={@remote, @loopback, @remote, 0x0, 0x40, 0x0, 0x0, 0x0, 0x40100042, r9})
r10 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000004c0), 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000600)={{0xffffffffffffffff, <r11=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)='%pI4   \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x22, &(0x7f00000002c0)=@raw=[@btf_id={0x18, 0x2, 0x3, 0x0, 0x2}, @jmp={0x5, 0x1, 0x2, 0x5, 0xb, 0x100}, @call={0x85, 0x0, 0x0, 0x14}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @map_fd={0x18, 0xa, 0x1, 0x0, r4}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1}], &(0x7f0000000400)='GPL\x00', 0x6db, 0x79, &(0x7f0000000440)=""/121, 0x41000, 0x22, '\x00', r9, 0x0, r10, 0x8, &(0x7f0000000500)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000540)={0x5, 0x0, 0x7, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r11], 0x0, 0x10, 0xb26}, 0x90)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x7d)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

3.239540958s ago: executing program 3 (id=4077):
socket$inet_udplite(0x2, 0x2, 0x88)
creat(&(0x7f0000000200)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001900010000e7000000000000e00000020000000000000000000000000000008000000000000000000000000100000000000000000a0000"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}, 0x1, 0x3000000}, 0x0)

3.048129895s ago: executing program 3 (id=4079):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
sendfile(r3, r2, 0x0, 0x1000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000200)={'wlan0\x00', &(0x7f0000000100)=@ethtool_eee={0x25, 0x0, 0x0, 0x0, 0x0, 0x100}})
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="7f00000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)

2.762362793s ago: executing program 2 (id=4081):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x4, 0x4, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'syztnl1\x00', &(0x7f0000000140)={'syztnl0\x00', <r2=>0x0, 0x29, 0x4, 0x4, 0x9, 0x56, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x8, 0x4, 0x5}})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$vcs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r7, 0x8933, &(0x7f0000000100)={'wg2\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, &(0x7f0000000240))
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000001004d564b00000000af"])
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c000702080000000000000007000000", @ANYRES32=r8, @ANYBLOB="4000cc000a000200aaaaaaaaaa0c"], 0x28}}, 0x0)
r10 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000027c0)}, 0x0)
r11 = socket$kcm(0x10, 0x3, 0x10)
r12 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r12, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x0, 0x0, 0x59455247}})
ioctl$vim2m_VIDIOC_REQBUFS(r12, 0xc0145608, &(0x7f0000000100)={0x10001, 0x2, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r12, 0x40045612, &(0x7f0000000140)=0x2)
sendmsg$kcm(r11, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030031000b12d25a80648c2594f90324fc601006034002200600053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000000c0)={'gretap0\x00', &(0x7f0000000300)={'syztnl0\x00', r2, 0x8000, 0x20, 0x7, 0x5, {{0x10, 0x4, 0x0, 0x5, 0x40, 0x67, 0x0, 0x1, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x16}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x7, 0x25, [@empty]}, @noop, @timestamp_prespec={0x44, 0x24, 0x11, 0x3, 0x8, [{@loopback, 0x5}, {@empty, 0x2}, {@local, 0x3}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x9}]}]}}}}})
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f00000001c0)={r0, &(0x7f00000003c0)=',', 0x0}, 0x20)

2.597910588s ago: executing program 3 (id=4082):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000001f80), 0x2, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="42000000010000000000000000000000000000000000000021"], 0x42)

2.497019493s ago: executing program 3 (id=4083):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x2d, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@broadcast, @remote, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "f7d8ff", 0x10, 0x3c, 0x0, @rand_addr=' \x01\x00', @mcast2, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

2.399996755s ago: executing program 2 (id=4084):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005400)=[{{0x0, 0x80101, &(0x7f0000000240)=[{&(0x7f00000037c0)='/', 0x8031e}], 0x1}}, {{0x0, 0x0, &(0x7f0000003d80)=[{&(0x7f0000003ac0)="bb"}], 0x218, 0x0, 0x0, 0x241}}, {{0x0, 0x2c, &(0x7f0000004200)=[{&(0x7f0000003e80)='Z', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000005380)=[{&(0x7f00000001c0)="81", 0x1}], 0x1}}], 0x4, 0x60cd894)

2.224062185s ago: executing program 3 (id=4085):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000500))
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000003c0)=""/75, 0x0})
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r2}) (async)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r2})
ioctl$VHOST_NET_SET_BACKEND(r0, 0xaf02, 0x0)
write(r2, &(0x7f0000000200)="20be9bd01c71654f3b6443f9d649e4e8d6976383f6e517c35a80b694c865789925f6e0371ebbbda0628b437ce0cff67ecb17dc7cfde18a1f9e3bff760551e34d369592e52e3b6533d4e65cb355c3f21dd968e833ce5efec66327dd4bb755efe7cb321c3c888b044c73e455301be31719556b75c17f535bde0f02e52801d28d670b0acb5b543f1e968d4cb4fa39e57701827bb438272296d55c4c062bdb12718ca461e3fde8cf66034655b0079649d90e23010e5b8891375569090f58cd8e8c75d7ca43", 0xc3)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc211, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0) (async)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x83, 0x66, 0x7d, 0x10, 0x2040, 0x264, 0x4ed1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x90, 0xf1, 0x9c, 0x0, [], [{{0x9, 0x5, 0x84}}]}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0) (async)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, 0x0) (async)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
add_key$keyring(0x0, &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "055b10e0"}]}}, 0x0}, 0x0) (async)
syz_usb_control_io$hid(r3, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x0, "055b10e0"}]}}, 0x0}, 0x0)

1.856452911s ago: executing program 1 (id=4086):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000240)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000600)=ANY=[], 0xd8, 0x4010}], 0x1, 0x0) (async)
r0 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r1 = socket$rds(0x15, 0x5, 0x0)
connect$rds(r1, &(0x7f0000000040)={0x2, 0x4e02, @multicast2}, 0x10) (async)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0)

1.751893837s ago: executing program 1 (id=4087):
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$packet(0x11, 0x2, 0x300)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="04030b00c900ffffff0400000003"], 0xe)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0xfffffffc}}, {{0xa, 0x0, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
r2 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_UIE_ON(r3, 0x7003)
ioctl$RTC_SET_TIME(r3, 0x4024700a, &(0x7f0000000340)={0x0, 0x23, 0xe, 0x14, 0x0, 0x4f6})
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
syz_usb_connect$uac1(0x0, 0xab, &(0x7f0000003180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x99, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{}, [@feature_unit={0x11, 0x24, 0x6, 0x0, 0x0, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @extension_unit={0x9, 0x24, 0x8, 0x0, 0x0, 0x0, "8eb5"}, @mixer_unit={0xb, 0x24, 0x4, 0x0, 0x0, "c4b8f2687011"}, @input_terminal={0xc, 0x24, 0x2, 0x4}, @output_terminal={0x9, 0x24, 0x3, 0x0, 0x0, 0x0, 0x4}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x0, 0x0, 0x0, 0x0, {0x7}}}}}}}]}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
setresuid(0x0, 0xee00, 0xffffffffffffffff)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b705000008e80000850000006900000095"], &(0x7f0000000300)='GPL\x00', 0x8}, 0x90)
sendmmsg$inet(r2, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.712329614s ago: executing program 4 (id=4088):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c0000001a00000000000000d273000002000000000000000000000085f8ec3289ca8632cbff5cd3b07d8863bbfcce0b31c1b95ad261d1b161"], 0x1c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000000))
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000700)='ns/cgroup\x00')
setns(r3, 0x0)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x2)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000002c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x4d, 0x0, &(0x7f00000000c0)=0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x0, 0x108, 0x0, 0x318, 0x108, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450)

1.472090734s ago: executing program 2 (id=4089):
socket$inet6(0xa, 0x80002, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
syz_open_dev$video(&(0x7f00000000c0), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x200000007fff, 0x2)
syz_open_dev$video4linux(&(0x7f0000000000), 0x71, 0x0)
pselect6(0x40, &(0x7f0000000000)={0xfc}, 0x0, 0x0, 0x0, 0x0)

1.357425816s ago: executing program 2 (id=4090):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, 0x0, &(0x7f0000000340)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(&(0x7f0000000500), 0x20, 0x0, 0x0)
pipe2(0x0, 0x0)
r2 = socket(0x29, 0x3, 0x0)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca", 0x25)
recvmmsg(r2, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2, @thr={0x0, 0x0}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000001cc0), 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)

1.263837969s ago: executing program 4 (id=4091):
r0 = io_uring_setup(0x378e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x7})
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="73c8"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.13908227s ago: executing program 2 (id=4092):
r0 = socket$netlink(0x10, 0x3, 0x14)
bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x4)
socket(0x1e, 0x1, 0x0) (async)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001) (async)
prlimit64(0x0, 0xd, &(0x7f0000000100)={0x8}, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x8, @dev, 0x3}, 0x1c) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) (async)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000280)=0x6, 0x4)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000004c0)={0x0, 0x0, r6, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000440)={r7, 0xd, 0x0, 0x0, 0x0, [<r8=>0x0], [], [0x1]}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0xb, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={r8, 0x0, <r9=>0xffffffffffffffff})
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x10, &(0x7f0000000180)=@ready={0x0, 0x0, 0x8, "43900482", {0x1, 0x7f, 0xf, 0x2, 0xc0}})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000200)={r7, 0x3, 0x800, 0x0, 0x1, [], [0x8, 0x4000], [0x7, 0xffffffff]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r9})
close_range(r3, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

159.752742ms ago: executing program 0 (id=4093):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x68, &(0x7f00000001c0)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5a, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x3}}}}}}, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x20d6, 0xcb17, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x8, {[@main=@item_4={0x3, 0x0, 0xb}, @main=@item_012={0x2, 0x0, 0x0, "6cb1"}]}}, 0x0}, 0x0)
socket(0x27, 0x2, 0x7b)
shutdown(0xffffffffffffffff, 0x1)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x22002)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3800003, 0x40010, 0xffffffffffffffff, 0x6bbec000)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r2, 0x0, 0x0)

0s ago: executing program 2 (id=4094):
syz_usb_connect(0x2, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x6b, 0xb4, 0x59, 0x10, 0x2013, 0x1faa, 0xde4d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x67, 0x0, 0x0, 0xde, 0xdc, 0xde}}]}}]}}, 0x0)
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_CROP(r0, 0x4014563c, &(0x7f0000000000)={0x9, {0xe7ff, 0x0, 0xfe0f, 0x300}})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r1, &(0x7f0000000100)="a7", 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
shutdown(r1, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}}, &(0x7f0000000180)=0x90)

kernel console output (not intermixed with test programs):

d, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1372.189770][ T5765] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1372.212177][ T5765] usb 5-1: Product: syz
[ 1372.222915][ T5765] usb 5-1: SerialNumber: syz
[ 1372.275275][ T5765] usb 5-1: config 0 descriptor??
[ 1372.294029][ T5765] pwc: Askey VC010 type 2 USB webcam detected.
[ 1372.502978][ T5765] pwc: send_video_command error -71
[ 1372.509191][ T5765] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1372.546181][ T5765] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[ 1372.561392][ T5765] usb 5-1: USB disconnect, device number 68
[ 1372.957875][ T7951] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1372.980324][ T7951] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1372.994387][ T7951] bond0 (unregistering): Released all slaves
[ 1373.112604][ T5765] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1373.314513][ T5765] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1373.353930][ T5765] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1373.372049][ T5765] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1373.401937][ T5765] usb 5-1: Product: syz
[ 1373.410473][ T5765] usb 5-1: SerialNumber: syz
[ 1373.443585][ T5765] usb 5-1: config 0 descriptor??
[ 1373.471298][ T5765] pwc: Askey VC010 type 2 USB webcam detected.
[ 1373.680610][ T7951] hsr_slave_0: left promiscuous mode
[ 1373.702772][T21469] Bluetooth: hci4: command tx timeout
[ 1373.764760][ T7951] hsr_slave_1: left promiscuous mode
[ 1373.820280][ T7951] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1373.838378][ T7951] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1373.865282][ T7951] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1373.890101][ T7951] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1373.921963][ T5765] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1373.941647][ T5765] pwc: recv_control_msg error -32 req 02 val 2700
[ 1373.951833][ T5765] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1373.965065][ T5765] pwc: recv_control_msg error -32 req 04 val 1000
[ 1373.985303][ T5765] pwc: recv_control_msg error -32 req 04 val 1300
[ 1374.008356][ T7951] veth1_macvtap: left promiscuous mode
[ 1374.034629][ T7951] veth0_macvtap: left promiscuous mode
[ 1374.099643][ T7951] veth1_vlan: left promiscuous mode
[ 1374.130109][ T5765] pwc: recv_control_msg error -71 req 04 val 1400
[ 1374.145307][ T5765] pwc: recv_control_msg error -71 req 02 val 2000
[ 1374.162769][ T7951] veth0_vlan: left promiscuous mode
[ 1374.181820][ T5765] pwc: recv_control_msg error -71 req 02 val 2100
[ 1374.190556][ T5765] pwc: recv_control_msg error -71 req 04 val 1500
[ 1374.203652][ T5765] pwc: recv_control_msg error -71 req 02 val 2500
[ 1374.221521][ T5765] pwc: recv_control_msg error -71 req 02 val 2400
[ 1374.234266][ T5765] pwc: recv_control_msg error -71 req 02 val 2600
[ 1374.249180][ T5765] pwc: recv_control_msg error -71 req 02 val 2900
[ 1374.277149][ T5765] pwc: recv_control_msg error -71 req 02 val 2800
[ 1374.292203][ T5765] pwc: recv_control_msg error -71 req 04 val 1100
[ 1374.300744][ T5765] pwc: recv_control_msg error -71 req 04 val 1200
[ 1374.318351][ T5765] pwc: Registered as video71.
[ 1374.331211][ T5765] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input218
[ 1374.372211][ T5765] usb 5-1: USB disconnect, device number 69
[ 1375.027078][T23807] misc userio: Buffer overflowed, userio client isn't keeping up
[ 1375.312068][T25022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3846'.
[ 1375.339489][T25022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3846'.
[ 1375.362496][T25022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3846'.
[ 1375.480266][T12183] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1375.697373][T25025] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 1375.703943][T25025] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1375.731313][T12183] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1375.752604][T25025] vhci_hcd vhci_hcd.0: Device attached
[ 1375.762137][T12183] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1375.771516][T12183] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1375.784186][T21469] Bluetooth: hci4: command tx timeout
[ 1375.800925][T12183] usb 5-1: Product: syz
[ 1375.805300][T12183] usb 5-1: SerialNumber: syz
[ 1375.825870][T12183] usb 5-1: config 0 descriptor??
[ 1375.834729][T12183] pwc: Askey VC010 type 2 USB webcam detected.
[ 1375.914621][ T7951] team0 (unregistering): Port device team_slave_1 removed
[ 1375.990386][ T7951] team0 (unregistering): Port device team_slave_0 removed
[ 1376.058174][T12183] pwc: send_video_command error -71
[ 1376.072668][T16203] usb 12-1: SetAddress Request (22) to port 0
[ 1376.075120][T12183] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1376.079442][T16203] usb 12-1: new SuperSpeed USB device number 22 using vhci_hcd
[ 1376.091021][T12183] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[ 1376.122687][T25026] vhci_hcd: connection closed
[ 1376.124265][ T1136] vhci_hcd: stop threads
[ 1376.126766][T23807] input: PS/2 Generic Mouse as /devices/serio15/input/input217
[ 1376.128978][ T1136] vhci_hcd: release socket
[ 1376.136852][T12183] usb 5-1: USB disconnect, device number 70
[ 1376.157807][ T1136] vhci_hcd: disconnect device
[ 1376.362539][T23807] psmouse serio15: Failed to enable mouse on 
[ 1376.642599][T12183] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1376.844441][T12183] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1376.861009][T12183] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1376.871012][T12183] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1376.880050][T12183] usb 5-1: Product: syz
[ 1376.884784][T12183] usb 5-1: SerialNumber: syz
[ 1376.903446][T12183] usb 5-1: config 0 descriptor??
[ 1376.926360][T12183] pwc: Askey VC010 type 2 USB webcam detected.
[ 1376.999274][T24934] chnl_net:caif_netlink_parms(): no params data found
[ 1377.356888][T12183] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1377.369433][T12183] pwc: recv_control_msg error -32 req 02 val 2700
[ 1377.380015][T12183] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1377.389171][T24934] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1377.393097][T12183] pwc: recv_control_msg error -32 req 04 val 1000
[ 1377.429252][T12183] pwc: recv_control_msg error -32 req 04 val 1300
[ 1377.433292][T24934] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1377.472572][T24934] bridge_slave_0: entered allmulticast mode
[ 1377.503694][T24934] bridge_slave_0: entered promiscuous mode
[ 1377.554343][T24934] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1377.561501][T24934] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1377.604377][   T29] kauditd_printk_skb: 32 callbacks suppressed
[ 1377.604395][   T29] audit: type=1326 audit(1725417722.653:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1377.640202][ T5283] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 1377.652860][T24934] bridge_slave_1: entered allmulticast mode
[ 1377.665766][T24934] bridge_slave_1: entered promiscuous mode
[ 1377.695215][   T29] audit: type=1326 audit(1725417722.653:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1377.725330][T12183] pwc: recv_control_msg error -71 req 04 val 1400
[ 1377.760082][   T29] audit: type=1326 audit(1725417722.663:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1377.789810][T12183] pwc: recv_control_msg error -71 req 02 val 2000
[ 1377.795416][T24934] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1377.842367][   T29] audit: type=1326 audit(1725417722.663:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1377.847440][T12183] pwc: recv_control_msg error -71 req 02 val 2100
[ 1377.882537][T21469] Bluetooth: hci4: command tx timeout
[ 1377.889970][ T5283] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1377.909025][ T7951] IPVS: stop unused estimator thread 0...
[ 1377.917524][T24934] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1377.918500][T12183] pwc: recv_control_msg error -71 req 04 val 1500
[ 1377.927339][ T5283] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1377.947657][ T5283] usb 1-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[ 1377.956926][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1377.970176][T25066] FAULT_INJECTION: forcing a failure.
[ 1377.970176][T25066] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1377.970190][T21469] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1377.998495][ T5283] usb 1-1: config 0 descriptor??
[ 1378.013658][ T5283] radioshark2 1-1:0.0: Invalid radioSHARK2 device
[ 1378.020145][ T5283] radioshark2 1-1:0.0: probe with driver radioshark2 failed with error -22
[ 1378.029354][ T5283] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1378.057558][   T29] audit: type=1326 audit(1725417722.663:5509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.096811][T12183] pwc: recv_control_msg error -71 req 02 val 2500
[ 1378.106153][   T29] audit: type=1326 audit(1725417722.663:5510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.111615][T25066] CPU: 1 UID: 0 PID: 25066 Comm: syz.1.3852 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1378.139442][T25066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1378.147104][   T29] audit: type=1326 audit(1725417722.663:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.149496][T25066] Call Trace:
[ 1378.149508][T25066]  <TASK>
[ 1378.149521][T25066]  dump_stack_lvl+0x241/0x360
[ 1378.172053][   T29] audit: type=1326 audit(1725417722.673:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.175169][T25066]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1378.175197][T25066]  ? __pfx__printk+0x10/0x10
[ 1378.178129][   T29] audit: type=1326 audit(1725417722.673:5513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.182764][T25066]  ? snprintf+0xda/0x120
[ 1378.182791][T25066]  should_fail_ex+0x3b0/0x4e0
[ 1378.182822][T25066]  _copy_to_user+0x2f/0xb0
[ 1378.182846][T25066]  simple_read_from_buffer+0xca/0x150
[ 1378.182870][T25066]  proc_fail_nth_read+0x1ec/0x260
[ 1378.182893][T25066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1378.182916][T25066]  ? rw_verify_area+0x52a/0x6b0
[ 1378.182936][T25066]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1378.182958][T25066]  vfs_read+0x204/0xbc0
[ 1378.182977][T25066]  ? __pfx_lock_release+0x10/0x10
[ 1378.183001][T25066]  ? __pfx_vhci_write+0x10/0x10
[ 1378.183022][T25066]  ? __pfx_vfs_read+0x10/0x10
[ 1378.183042][T25066]  ? __fget_files+0x29/0x470
[ 1378.183065][T25066]  ? __fget_files+0x3f6/0x470
[ 1378.183100][T25066]  ksys_read+0x1a0/0x2c0
[ 1378.183127][T25066]  ? __pfx_ksys_read+0x10/0x10
[ 1378.183147][T25066]  ? do_syscall_64+0x100/0x230
[ 1378.183170][T25066]  ? do_syscall_64+0xb6/0x230
[ 1378.183192][T25066]  do_syscall_64+0xf3/0x230
[ 1378.183213][T25066]  ? clear_bhb_loop+0x35/0x90
[ 1378.183237][T25066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1378.183258][T25066] RIP: 0033:0x7f401b37b93c
[ 1378.183276][T25066] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1378.183292][T25066] RSP: 002b:00007f401c0c0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1378.218285][ T5283] usb 1-1: USB disconnect, device number 100
[ 1378.237752][T25066] RAX: ffffffffffffffda RBX: 00007f401b535f80 RCX: 00007f401b37b93c
[ 1378.237778][T25066] RDX: 000000000000000f RSI: 00007f401c0c00a0 RDI: 0000000000000003
[ 1378.237790][T25066] RBP: 00007f401c0c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1378.237800][T25066] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001
[ 1378.237812][T25066] R13: 0000000000000001 R14: 00007f401b535f80 R15: 00007f401b65fa28
[ 1378.237839][T25066]  </TASK>
[ 1378.238000][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1378.272284][   T29] audit: type=1326 audit(1725417722.673:5514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25060 comm="syz.1.3851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1378.277613][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1378.454735][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1378.473796][T12183] pwc: recv_control_msg error -71 req 02 val 2400
[ 1378.480895][T12183] pwc: recv_control_msg error -71 req 02 val 2600
[ 1378.490070][T12183] pwc: recv_control_msg error -71 req 02 val 2900
[ 1378.527948][T12183] pwc: recv_control_msg error -71 req 02 val 2800
[ 1378.548323][T25058] dvmrp0: entered allmulticast mode
[ 1378.562850][T12183] pwc: recv_control_msg error -71 req 04 val 1100
[ 1378.569753][T12183] pwc: recv_control_msg error -71 req 04 val 1200
[ 1378.574395][T24934] team0: Port device team_slave_0 added
[ 1378.583788][T12183] pwc: Registered as video71.
[ 1378.590173][T12183] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input219
[ 1378.605971][T12183] usb 5-1: USB disconnect, device number 71
[ 1378.689798][T25073] dvmrp0: left allmulticast mode
[ 1378.855318][T24934] team0: Port device team_slave_1 added
[ 1379.052962][T24934] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1379.083395][T12183] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1379.089005][T24934] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1379.157015][T24934] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1379.180534][T24934] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1379.194994][T24934] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1379.225123][T24934] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1379.275923][T12183] usb 5-1: Using ep0 maxpacket: 16
[ 1379.289986][T12183] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1379.305058][T12183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1379.332212][T12183] usb 5-1: Product: syz
[ 1379.338741][T12183] usb 5-1: Manufacturer: syz
[ 1379.353593][T12183] usb 5-1: SerialNumber: syz
[ 1379.383656][T12183] usb 5-1: config 0 descriptor??
[ 1379.395469][T12183] visor 5-1:0.0: Sony Clie 3.5 converter detected
[ 1379.408241][T24934] hsr_slave_0: entered promiscuous mode
[ 1379.422773][T23807] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 1379.434630][T24934] hsr_slave_1: entered promiscuous mode
[ 1379.462404][T24934] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1379.471946][T24934] Cannot create hsr debugfs directory
[ 1379.623167][T12183] usb 5-1: clie_3_5_startup: get config number failed: -71
[ 1379.631685][T23807] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1379.665923][T12183] visor 5-1:0.0: probe with driver visor failed with error -71
[ 1379.697659][T23807] usb 1-1: config 0 has no interfaces?
[ 1379.719848][T23807] usb 1-1: New USB device found, idVendor=07da, idProduct=104d, bcdDevice=e5.48
[ 1379.739086][T12183] usb 5-1: USB disconnect, device number 72
[ 1379.750175][T23807] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1379.792612][T23807] usb 1-1: Product: syz
[ 1379.796841][T23807] usb 1-1: SerialNumber: syz
[ 1379.890594][T23807] usb 1-1: config 0 descriptor??
[ 1379.953972][T21469] Bluetooth: hci4: command tx timeout
[ 1380.042424][T25106] ALSA: mixer_oss: invalid OSS volume ''
[ 1380.460004][T25087] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3857'.
[ 1380.488380][T25124] pimreg: left allmulticast mode
[ 1380.652171][T25129] FAULT_INJECTION: forcing a failure.
[ 1380.652171][T25129] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1380.727340][T25129] CPU: 1 UID: 0 PID: 25129 Comm: syz.4.3862 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1380.738147][T25129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1380.748196][T25129] Call Trace:
[ 1380.751483][T25129]  <TASK>
[ 1380.754401][T25129]  dump_stack_lvl+0x241/0x360
[ 1380.759069][T25129]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1380.764257][T25129]  ? __pfx__printk+0x10/0x10
[ 1380.768838][T25129]  ? __pfx_lock_release+0x10/0x10
[ 1380.773880][T25129]  should_fail_ex+0x3b0/0x4e0
[ 1380.778571][T25129]  _copy_from_iter+0x1f6/0x1960
[ 1380.783414][T25129]  ? __virt_addr_valid+0x183/0x530
[ 1380.788512][T25129]  ? __pfx_lock_release+0x10/0x10
[ 1380.793526][T25129]  ? __alloc_skb+0x28f/0x440
[ 1380.798110][T25129]  ? __pfx__copy_from_iter+0x10/0x10
[ 1380.803393][T25129]  ? __virt_addr_valid+0x183/0x530
[ 1380.808491][T25129]  ? __virt_addr_valid+0x183/0x530
[ 1380.813582][T25129]  ? __virt_addr_valid+0x45f/0x530
[ 1380.818676][T25129]  ? __check_object_size+0x49c/0x900
[ 1380.823958][T25129]  netlink_sendmsg+0x73d/0xcb0
[ 1380.828725][T25129]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1380.833997][T25129]  ? __import_iovec+0x536/0x820
[ 1380.838838][T25129]  ? aa_sock_msg_perm+0x91/0x160
[ 1380.843771][T25129]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1380.849143][T25129]  ? security_socket_sendmsg+0x87/0xb0
[ 1380.854589][T25129]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1380.859862][T25129]  __sock_sendmsg+0x221/0x270
[ 1380.864533][T25129]  ____sys_sendmsg+0x525/0x7d0
[ 1380.869292][T25129]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1380.874586][T25129]  __sys_sendmsg+0x2b0/0x3a0
[ 1380.879168][T25129]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1380.884263][T25129]  ? vfs_write+0x7c4/0xc90
[ 1380.888696][T25129]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1380.895010][T25129]  ? do_syscall_64+0x100/0x230
[ 1380.899788][T25129]  ? do_syscall_64+0xb6/0x230
[ 1380.904482][T25129]  do_syscall_64+0xf3/0x230
[ 1380.908974][T25129]  ? clear_bhb_loop+0x35/0x90
[ 1380.913661][T25129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1380.919560][T25129] RIP: 0033:0x7fe0e377cef9
[ 1380.923966][T25129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1380.943646][T25129] RSP: 002b:00007fe0e4607038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1380.952048][T25129] RAX: ffffffffffffffda RBX: 00007fe0e3935f80 RCX: 00007fe0e377cef9
[ 1380.960025][T25129] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003
[ 1380.967984][T25129] RBP: 00007fe0e4607090 R08: 0000000000000000 R09: 0000000000000000
[ 1380.975942][T25129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1380.983906][T25129] R13: 0000000000000000 R14: 00007fe0e3935f80 R15: 00007fe0e3a5fa28
[ 1380.991894][T25129]  </TASK>
[ 1381.022379][ T5765] usb 1-1: USB disconnect, device number 101
[ 1381.231976][T16203] usb 12-1: device descriptor read/8, error -110
[ 1381.302358][T25135] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1381.697817][T16203] usb usb12-port1: attempt power cycle
[ 1381.783882][ T5283] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1381.998907][T24934] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1382.016568][ T5283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1382.029972][T24934] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1382.041467][T24934] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1382.051692][T24934] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1382.113483][ T5283] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1382.149744][ T5283] usb 5-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[ 1382.189121][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.249137][ T5283] usb 5-1: config 0 descriptor??
[ 1382.274727][ T5283] radioshark2 5-1:0.0: Invalid radioSHARK2 device
[ 1382.293576][ T5283] radioshark2 5-1:0.0: probe with driver radioshark2 failed with error -22
[ 1382.311859][ T5283] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1382.403552][T16203] usb usb12-port1: unable to enumerate USB device
[ 1382.481217][T24934] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1382.496410][ T5765] usb 5-1: USB disconnect, device number 73
[ 1382.614794][T24934] 8021q: adding VLAN 0 to HW filter on device team0
[ 1382.633070][ T5282] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1382.654344][T25041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1382.661503][T25041] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1382.720199][T25041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1382.727442][T25041] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1382.862797][ T5282] usb 2-1: Using ep0 maxpacket: 16
[ 1382.869756][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1382.893295][ T5282] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1382.904776][ T5282] usb 2-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[ 1382.914346][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.924462][T24934] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1382.933827][ T5282] usb 2-1: config 0 descriptor??
[ 1383.117387][T24934] veth0_vlan: entered promiscuous mode
[ 1383.148891][T24934] veth1_vlan: entered promiscuous mode
[ 1383.317930][T24934] veth0_macvtap: entered promiscuous mode
[ 1383.347041][ T5282] elecom 0003:056E:00FC.0044: unexpected long global item
[ 1383.369913][T24934] veth1_macvtap: entered promiscuous mode
[ 1383.390080][ T5282] elecom 0003:056E:00FC.0044: probe with driver elecom failed with error -22
[ 1383.409742][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1383.421524][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.460475][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1383.486867][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.497653][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1383.510979][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.525304][T25182] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1383.533680][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1383.550418][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.664084][T24934] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1383.676027][   T58] usb 2-1: USB disconnect, device number 35
[ 1383.726140][T25185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3873'.
[ 1383.760567][T25188] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3873'.
[ 1383.844161][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1383.861710][T25194] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3874'.
[ 1383.884195][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.902471][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1383.959544][T25193] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.3874'.
[ 1383.965320][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1383.990240][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1384.031753][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1384.092886][T24934] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1384.107814][T24934] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1384.172843][T24934] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1384.230156][T24934] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1384.279829][T24934] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1384.324243][T24934] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1384.351750][T24934] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1384.430670][T25205] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3876'.
[ 1384.680918][T25041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1384.701621][T25041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1384.784336][ T7951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1384.802488][   T58] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 1384.828050][T25224] random: crng reseeded on system resumption
[ 1384.838881][ T7951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1384.942948][ T5283] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 1384.992524][   T58] usb 1-1: Using ep0 maxpacket: 16
[ 1385.006630][   T58] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1385.031174][   T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1385.043030][T25233] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3826'.
[ 1385.065139][   T58] usb 1-1: Product: syz
[ 1385.069349][   T58] usb 1-1: Manufacturer: syz
[ 1385.075577][T25233] netlink: 180 bytes leftover after parsing attributes in process `syz.3.3826'.
[ 1385.092897][   T58] usb 1-1: SerialNumber: syz
[ 1385.107042][   T58] usb 1-1: config 0 descriptor??
[ 1385.128393][   T58] visor 1-1:0.0: Sony Clie 3.5 converter detected
[ 1385.154288][ T5283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1385.228631][ T5283] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1385.239438][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1385.259407][ T5283] usb 5-1: Product: syz
[ 1385.273997][ T5283] usb 5-1: SerialNumber: syz
[ 1385.301633][ T5283] usb 5-1: config 0 descriptor??
[ 1385.324070][ T5283] pwc: Askey VC010 type 2 USB webcam detected.
[ 1385.544032][ T5283] pwc: send_video_command error -71
[ 1385.546391][   T58] usb 1-1: clie_3_5_startup: get interface number failed: -71
[ 1385.562471][ T5283] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1385.577361][ T5283] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[ 1385.594983][   T58] visor 1-1:0.0: probe with driver visor failed with error -71
[ 1385.618402][ T5283] usb 5-1: USB disconnect, device number 74
[ 1385.625741][   T58] usb 1-1: USB disconnect, device number 102
[ 1386.092547][   T58] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 1386.192732][ T5283] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1386.282475][   T58] usb 3-1: Using ep0 maxpacket: 16
[ 1386.302405][ T5282] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1386.310143][   T58] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1386.384416][ T5283] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1386.394780][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1386.396885][ T5283] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1386.438421][   T58] usb 3-1: Product: syz
[ 1386.440469][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=162, SerialNumber=123
[ 1386.456260][   T58] usb 3-1: Manufacturer: syz
[ 1386.472544][   T58] usb 3-1: SerialNumber: syz
[ 1386.485292][ T5283] usb 5-1: Product: syz
[ 1386.492947][   T58] usb 3-1: config 0 descriptor??
[ 1386.511900][ T5283] usb 5-1: SerialNumber: syz
[ 1386.513631][   T58] visor 3-1:0.0: Sony Clie 3.5 converter detected
[ 1386.532437][ T5282] usb 4-1: Using ep0 maxpacket: 8
[ 1386.549987][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[ 1386.572046][ T5283] usb 5-1: config 0 descriptor??
[ 1386.589152][ T5283] pwc: Askey VC010 type 2 USB webcam detected.
[ 1386.599850][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1386.624897][ T5282] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1386.665943][ T5282] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=53.c8
[ 1386.676191][ T5282] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1386.688758][ T5282] usb 4-1: Product: syz
[ 1386.709347][ T5282] usb 4-1: Manufacturer: syz
[ 1386.713014][   T58] usb 3-1: clie_3_5_startup: get config number failed: -71
[ 1386.731774][ T5282] usb 4-1: SerialNumber: syz
[ 1386.765895][   T58] visor 3-1:0.0: probe with driver visor failed with error -71
[ 1386.797971][   T58] usb 3-1: USB disconnect, device number 66
[ 1386.803133][ T5282] usb 4-1: config 0 descriptor??
[ 1386.863484][ T5282] ati_remote 4-1:0.0: ati_remote_probe: Unexpected endpoint_in
[ 1387.000883][ T5283] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1387.031712][ T5283] pwc: recv_control_msg error -32 req 02 val 2700
[ 1387.058694][ T5283] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1387.092599][ T5283] pwc: recv_control_msg error -32 req 04 val 1000
[ 1387.111546][ T5283] pwc: recv_control_msg error -32 req 04 val 1300
[ 1387.408955][ T5283] pwc: recv_control_msg error -71 req 04 val 1400
[ 1387.457688][ T5283] pwc: recv_control_msg error -71 req 02 val 2000
[ 1387.491405][ T5283] pwc: recv_control_msg error -71 req 02 val 2100
[ 1387.530001][ T5283] pwc: recv_control_msg error -71 req 04 val 1500
[ 1387.546619][ T5283] pwc: recv_control_msg error -71 req 02 val 2500
[ 1387.550934][T25280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1387.582483][T25280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1387.588499][ T5283] pwc: recv_control_msg error -71 req 02 val 2400
[ 1387.623959][ T5283] pwc: recv_control_msg error -71 req 02 val 2600
[ 1387.641189][ T5283] pwc: recv_control_msg error -71 req 02 val 2900
[ 1387.657503][ T5283] pwc: recv_control_msg error -71 req 02 val 2800
[ 1387.687799][ T5283] pwc: recv_control_msg error -71 req 04 val 1100
[ 1387.707409][ T5283] pwc: recv_control_msg error -71 req 04 val 1200
[ 1387.712560][   T58] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1387.741986][ T5283] pwc: Registered as video71.
[ 1387.783820][ T5283] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input220
[ 1387.792827][ T5765] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 1387.879213][ T5283] usb 5-1: USB disconnect, device number 75
[ 1387.913022][   T58] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1387.926990][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1387.941175][T25287] FAULT_INJECTION: forcing a failure.
[ 1387.941175][T25287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1387.968761][T25287] CPU: 0 UID: 0 PID: 25287 Comm: syz.1.3887 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1387.979557][T25287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1387.983367][ T5765] usb 1-1: Using ep0 maxpacket: 16
[ 1387.989603][T25287] Call Trace:
[ 1387.989668][T25287]  <TASK>
[ 1387.989680][T25287]  dump_stack_lvl+0x241/0x360
[ 1388.005714][T25287]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1388.010913][T25287]  ? __pfx__printk+0x10/0x10
[ 1388.015496][T25287]  ? __pfx_lock_release+0x10/0x10
[ 1388.020527][T25287]  ? __lock_acquire+0x137a/0x2040
[ 1388.025568][T25287]  should_fail_ex+0x3b0/0x4e0
[ 1388.030250][T25287]  _copy_from_user+0x2f/0xe0
[ 1388.034835][T25287]  kstrtouint_from_user+0xc6/0x190
[ 1388.039947][T25287]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1388.045665][T25287]  ? __pfx_lock_acquire+0x10/0x10
[ 1388.050687][T25287]  proc_fail_nth_write+0xaa/0x2d0
[ 1388.055722][T25287]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1388.061630][T25287]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1388.067308][T25287]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1388.072983][T25287]  vfs_write+0x2a2/0xc90
[ 1388.077242][T25287]  ? __pfx_vfs_write+0x10/0x10
[ 1388.081999][T25287]  ? __fget_files+0x29/0x470
[ 1388.086586][T25287]  ? __fget_files+0x3f6/0x470
[ 1388.091261][T25287]  ksys_write+0x1a0/0x2c0
[ 1388.095588][T25287]  ? __pfx_ksys_write+0x10/0x10
[ 1388.100443][T25287]  ? do_syscall_64+0x100/0x230
[ 1388.105206][T25287]  ? do_syscall_64+0xb6/0x230
[ 1388.109877][T25287]  do_syscall_64+0xf3/0x230
[ 1388.114372][T25287]  ? clear_bhb_loop+0x35/0x90
[ 1388.119046][T25287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.124939][T25287] RIP: 0033:0x7f401b37b9df
[ 1388.129373][T25287] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1388.148994][T25287] RSP: 002b:00007f401c0c0030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1388.157403][T25287] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f401b37b9df
[ 1388.165368][T25287] RDX: 0000000000000001 RSI: 00007f401c0c00a0 RDI: 0000000000000004
[ 1388.173361][T25287] RBP: 00007f401c0c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1388.181327][T25287] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1388.189299][T25287] R13: 0000000000000000 R14: 00007f401b535f80 R15: 00007f401b65fa28
[ 1388.197278][T25287]  </TASK>
[ 1388.216644][   T58] usb 3-1: Product: syz
[ 1388.226427][   T58] usb 3-1: Manufacturer: syz
[ 1388.231067][   T58] usb 3-1: SerialNumber: syz
[ 1388.249268][ T5765] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1388.293188][   T58] usb 3-1: config 0 descriptor??
[ 1388.303209][ T5765] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1388.325848][   T58] ch341 3-1:0.0: ch341-uart converter detected
[ 1388.344961][ T5765] usb 1-1: Product: syz
[ 1388.357085][ T5765] usb 1-1: Manufacturer: syz
[ 1388.385119][ T5765] usb 1-1: SerialNumber: syz
[ 1388.397353][ T5765] usb 1-1: config 0 descriptor??
[ 1388.419045][ T5765] visor 1-1:0.0: Sony Clie 3.5 converter detected
[ 1388.481517][T25291] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3888'.
[ 1388.529220][   T58] usb 3-1: failed to receive control message: -121
[ 1388.544702][   T58] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121
[ 1388.622457][ T5765] usb 1-1: clie_3_5_startup: get config number failed: -71
[ 1388.637685][ T5765] visor 1-1:0.0: probe with driver visor failed with error -71
[ 1388.646147][   T29] kauditd_printk_skb: 46 callbacks suppressed
[ 1388.646163][   T29] audit: type=1326 audit(1725417733.693:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1388.688938][ T5765] usb 1-1: USB disconnect, device number 103
[ 1388.705416][T21469] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1388.737078][   T58] usb 3-1: USB disconnect, device number 67
[ 1388.764794][   T58] ch341 3-1:0.0: device disconnected
[ 1388.797274][   T29] audit: type=1326 audit(1725417733.723:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f401b37b9df code=0x7ffc0000
[ 1388.899433][   T29] audit: type=1326 audit(1725417733.723:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1388.936778][   T29] audit: type=1326 audit(1725417733.723:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1388.963562][   T29] audit: type=1326 audit(1725417733.723:5565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1388.988331][   T29] audit: type=1326 audit(1725417733.723:5566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1389.016780][   T29] audit: type=1326 audit(1725417733.733:5567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1389.042442][   T29] audit: type=1326 audit(1725417733.733:5568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1389.085331][   T58] usb 4-1: USB disconnect, device number 100
[ 1389.103644][   T29] audit: type=1326 audit(1725417733.733:5569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1389.127173][ T5282] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1389.142430][T12183] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1389.142727][   T29] audit: type=1326 audit(1725417733.733:5570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25293 comm="syz.1.3889" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1389.323390][T12183] usb 2-1: Using ep0 maxpacket: 8
[ 1389.350371][T12183] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1389.362426][ T5282] usb 5-1: Using ep0 maxpacket: 16
[ 1389.376312][T12183] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1389.383931][ T5282] usb 5-1: config index 0 descriptor too short (expected 45029, got 27)
[ 1389.406658][T12183] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1389.412524][ T5282] usb 5-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1389.441499][ T5282] usb 5-1: config 2 has 0 interfaces, different from the descriptor's value: 24
[ 1389.450962][T12183] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1389.466146][ T5282] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1389.479107][T12183] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1389.482380][ T5282] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1389.493426][T25311] FAULT_INJECTION: forcing a failure.
[ 1389.493426][T25311] name failslab, interval 1, probability 0, space 0, times 0
[ 1389.520848][ T5282] usb 5-1: Product: syz
[ 1389.520975][T12183] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1389.527113][ T5282] usb 5-1: Manufacturer: syz
[ 1389.539427][T25311] CPU: 1 UID: 0 PID: 25311 Comm: syz.2.3893 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1389.546446][ T5282] usb 5-1: SerialNumber: syz
[ 1389.550192][T25311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1389.550210][T25311] Call Trace:
[ 1389.550221][T25311]  <TASK>
[ 1389.550231][T25311]  dump_stack_lvl+0x241/0x360
[ 1389.550259][T25311]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1389.580997][T25311]  ? __pfx__printk+0x10/0x10
[ 1389.585619][T25311]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 1389.591643][T25311]  ? __pfx___might_resched+0x10/0x10
[ 1389.596976][T25311]  should_fail_ex+0x3b0/0x4e0
[ 1389.601700][T25311]  should_failslab+0xac/0x100
[ 1389.606420][T25311]  ? __alloc_skb+0x1c3/0x440
[ 1389.611045][T25311]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1389.616889][T25311]  __alloc_skb+0x1c3/0x440
[ 1389.621345][T25311]  ? __pfx___alloc_skb+0x10/0x10
[ 1389.626282][T25311]  ? netlink_autobind+0xd6/0x2f0
[ 1389.631303][T25311]  ? netlink_autobind+0x2b0/0x2f0
[ 1389.636328][T25311]  netlink_sendmsg+0x638/0xcb0
[ 1389.641104][T25311]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1389.646392][T25311]  ? __import_iovec+0x536/0x820
[ 1389.651250][T25311]  ? aa_sock_msg_perm+0x91/0x160
[ 1389.656224][T25311]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1389.661524][T25311]  ? security_socket_sendmsg+0x87/0xb0
[ 1389.666992][T25311]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1389.672279][T25311]  __sock_sendmsg+0x221/0x270
[ 1389.676968][T25311]  ____sys_sendmsg+0x525/0x7d0
[ 1389.681729][T25311]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1389.687021][T25311]  __sys_sendmsg+0x2b0/0x3a0
[ 1389.691614][T25311]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1389.696721][T25311]  ? vfs_write+0x7c4/0xc90
[ 1389.701148][T25311]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1389.707492][T25311]  ? do_syscall_64+0x100/0x230
[ 1389.712277][T25311]  ? do_syscall_64+0xb6/0x230
[ 1389.716964][T25311]  do_syscall_64+0xf3/0x230
[ 1389.721464][T25311]  ? clear_bhb_loop+0x35/0x90
[ 1389.726165][T25311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1389.732132][T25311] RIP: 0033:0x7fd0abb7cef9
[ 1389.736534][T25311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1389.756129][T25311] RSP: 002b:00007fd0ac901038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1389.764528][T25311] RAX: ffffffffffffffda RBX: 00007fd0abd35f80 RCX: 00007fd0abb7cef9
[ 1389.772490][T25311] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[ 1389.780444][T25311] RBP: 00007fd0ac901090 R08: 0000000000000000 R09: 0000000000000000
[ 1389.782481][ T5283] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[ 1389.788400][T25311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1389.804091][T25311] R13: 0000000000000000 R14: 00007fd0abd35f80 R15: 00007fd0abe5fa28
[ 1389.812072][T25311]  </TASK>
[ 1389.816636][T12183] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.851867][ T5282] usb 5-1: USB disconnect, device number 76
[ 1390.032723][ T5283] usb 1-1: Using ep0 maxpacket: 8
[ 1390.082991][T12183] usb 2-1: usb_control_msg returned -32
[ 1390.087863][ T5283] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1390.088648][T12183] usbtmc 2-1:16.0: can't read capabilities
[ 1390.100644][ T5283] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1390.148713][ T5283] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1390.170736][ T5283] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1390.210395][ T5283] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1390.229346][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.460783][ T5283] usb 1-1: GET_CAPABILITIES returned 0
[ 1390.474199][ T5283] usbtmc 1-1:16.0: can't read capabilities
[ 1390.690517][T12183] usb 1-1: USB disconnect, device number 104
[ 1390.990859][T25330] vivid-004: =================  START STATUS  =================
[ 1390.998795][T25330] vivid-004: Radio HW Seek Mode: Bounded
[ 1391.007100][T25330] vivid-004: Radio Programmable HW Seek: false
[ 1391.013765][T25330] vivid-004: RDS Rx I/O Mode: Block I/O
[ 1391.019413][T25330] vivid-004: Generate RBDS Instead of RDS: false
[ 1391.026168][T25330] vivid-004: RDS Reception: true
[ 1391.028826][T25332] netlink: 'syz.0.3892': attribute type 11 has an invalid length.
[ 1391.032668][T25330] vivid-004: RDS Program Type: 0 inactive
[ 1391.092677][T25330] vivid-004: RDS PS Name:  inactive
[ 1391.107242][T25330] vivid-004: RDS Radio Text:  inactive
[ 1391.159983][T25330] vivid-004: RDS Traffic Announcement: false inactive
[ 1391.170087][T25330] vivid-004: RDS Traffic Program: false inactive
[ 1391.178693][T25330] vivid-004: RDS Music: false inactive
[ 1391.186884][T25330] vivid-004: ==================  END STATUS  ==================
[ 1391.234527][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1391.264017][T25340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3901'.
[ 1391.276359][T25340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3901'.
[ 1391.472443][T12183] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1391.482378][ T5282] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1391.662511][T12183] usb 5-1: Using ep0 maxpacket: 16
[ 1391.689049][T12183] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1391.705769][T12183] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1391.713516][ T5282] usb 3-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[ 1391.741483][ T5282] usb 3-1: New USB device found, idVendor=0408, idProduct=4011, bcdDevice=fa.f1
[ 1391.751527][ T5282] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1391.752917][T12183] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1391.761906][ T5282] usb 3-1: Product: syz
[ 1391.776568][ T5282] usb 3-1: Manufacturer: syz
[ 1391.783488][ T5282] usb 3-1: SerialNumber: syz
[ 1391.820274][T12183] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1391.821529][ T5282] usb 3-1: config 0 descriptor??
[ 1391.856087][ T5282] usb 3-1: Found UVC 0.00 device syz (0408:4011)
[ 1391.863284][ T5765] usb 2-1: USB disconnect, device number 36
[ 1391.883091][T12183] usb 5-1: Product: syz
[ 1391.891460][T12183] usb 5-1: Manufacturer: syz
[ 1391.910260][T12183] usb 5-1: SerialNumber: syz
[ 1391.928240][ T5282] usb 3-1: No valid video chain found.
[ 1391.945463][T12183] usb 5-1: config 0 descriptor??
[ 1391.980854][T12183] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1392.011736][T12183] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1392.382680][ T5765] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1392.617563][ T5765] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1392.632840][T12183] em28xx 5-1:0.0: chip ID is em2874
[ 1392.645048][ T5765] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1392.663375][ T5765] usb 2-1: Product: syz
[ 1392.669425][ T5765] usb 2-1: Manufacturer: syz
[ 1392.677644][ T5765] usb 2-1: SerialNumber: syz
[ 1392.690603][ T5765] usb 2-1: config 0 descriptor??
[ 1392.707394][ T5765] ch341 2-1:0.0: ch341-uart converter detected
[ 1392.908981][ T5765] usb 2-1: failed to receive control message: -121
[ 1392.918210][ T5765] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -121
[ 1393.118601][T12183] usb 2-1: USB disconnect, device number 37
[ 1393.156370][T12183] ch341 2-1:0.0: device disconnected
[ 1393.948912][T12183] usb 5-1: USB disconnect, device number 77
[ 1393.975409][T12183] em28xx 5-1:0.0: Disconnecting em28xx
[ 1394.001363][T25377] netlink: 'syz.3.3908': attribute type 12 has an invalid length.
[ 1394.021912][T12183] em28xx 5-1:0.0: Freeing device
[ 1394.439881][ T5282] usb 3-1: USB disconnect, device number 68
[ 1394.757202][T25392] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3913'.
[ 1394.815482][T25392] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3913'.
[ 1394.857208][T25392] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3913'.
[ 1395.192268][T25392] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1395.198828][T25392] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1395.244507][T25392] vhci_hcd vhci_hcd.0: Device attached
[ 1395.552462][T12183] usb 14-1: SetAddress Request (10) to port 0
[ 1395.558782][T12183] usb 14-1: new SuperSpeed USB device number 10 using vhci_hcd
[ 1395.643305][T25399] vhci_hcd: connection reset by peer
[ 1395.651530][ T7951] vhci_hcd: stop threads
[ 1395.662463][ T7951] vhci_hcd: release socket
[ 1395.667182][ T7951] vhci_hcd: disconnect device
[ 1395.777260][   T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.139817][   T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.242107][T25420] delete_channel: no stack
[ 1396.431235][   T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.633305][T19212] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1396.647772][T19212] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1396.678254][T19212] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1396.690873][T19212] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1396.700993][T19212] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1396.708815][T19212] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1396.712512][T11454] Bluetooth: hci4: ACL packet for unknown connection handle 2151
[ 1396.790258][   T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1397.271102][T25434] chnl_net:caif_netlink_parms(): no params data found
[ 1397.284497][   T58] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1397.464643][   T62] bridge_slave_1: left allmulticast mode
[ 1397.470602][   T62] bridge_slave_1: left promiscuous mode
[ 1397.491197][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1397.502546][   T58] usb 4-1: Using ep0 maxpacket: 16
[ 1397.509498][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1397.512757][ T5283] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1397.531646][   T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1397.548493][   T62] bridge_slave_0: left allmulticast mode
[ 1397.559840][   T62] bridge_slave_0: left promiscuous mode
[ 1397.575861][   T58] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1397.600343][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1397.642403][   T58] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1397.667543][   T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1397.697547][   T58] usb 4-1: config 0 descriptor??
[ 1397.743165][ T5283] usb 5-1: Using ep0 maxpacket: 16
[ 1397.754899][ T5283] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1397.792900][ T5283] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.807222][ T5283] usb 5-1: Product: syz
[ 1397.811416][ T5283] usb 5-1: Manufacturer: syz
[ 1397.843883][ T5283] usb 5-1: SerialNumber: syz
[ 1397.860295][ T5283] usb 5-1: config 0 descriptor??
[ 1397.884873][ T5283] visor 5-1:0.0: Sony Clie 3.5 converter detected
[ 1398.024032][T25455] FAULT_INJECTION: forcing a failure.
[ 1398.024032][T25455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1398.059593][T25455] CPU: 1 UID: 0 PID: 25455 Comm: syz.1.3933 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1398.070401][T25455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1398.080462][T25455] Call Trace:
[ 1398.083769][T25455]  <TASK>
[ 1398.086727][T25455]  dump_stack_lvl+0x241/0x360
[ 1398.091417][T25455]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1398.096612][T25455]  ? __pfx__printk+0x10/0x10
[ 1398.101221][T25455]  ? snprintf+0xda/0x120
[ 1398.105476][T25455]  should_fail_ex+0x3b0/0x4e0
[ 1398.110193][T25455]  _copy_to_user+0x2f/0xb0
[ 1398.114609][T25455]  simple_read_from_buffer+0xca/0x150
[ 1398.119985][T25455]  proc_fail_nth_read+0x1ec/0x260
[ 1398.125011][T25455]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1398.130560][T25455]  ? rw_verify_area+0x52a/0x6b0
[ 1398.135403][T25455]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1398.140956][T25455]  vfs_read+0x204/0xbc0
[ 1398.145125][T25455]  ? __pfx_lock_release+0x10/0x10
[ 1398.150187][T25455]  ? __pfx_vfs_read+0x10/0x10
[ 1398.154886][T25455]  ? __fget_files+0x29/0x470
[ 1398.159477][T25455]  ? __fget_files+0x3f6/0x470
[ 1398.164187][T25455]  ksys_read+0x1a0/0x2c0
[ 1398.168449][T25455]  ? __pfx_ksys_read+0x10/0x10
[ 1398.173210][T25455]  ? arch_syscall_is_vdso_sigreturn+0x125/0x1a0
[ 1398.179473][T25455]  ? syscall_user_dispatch+0x4e/0x90
[ 1398.184770][T25455]  do_syscall_64+0xf3/0x230
[ 1398.189290][T25455]  ? clear_bhb_loop+0x35/0x90
[ 1398.193998][T25455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.199972][T25455] RIP: 0033:0x7f401b37b93c
[ 1398.204404][T25455] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1398.224018][T25455] RSP: 002b:00007f401c0c0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1398.232466][T25455] RAX: ffffffffffffffda RBX: 00007f401b535f80 RCX: 00007f401b37b93c
[ 1398.240464][T25455] RDX: 000000000000000f RSI: 00007f401c0c00a0 RDI: 0000000000000004
[ 1398.248437][T25455] RBP: 00007f401c0c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1398.256420][T25455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1398.264396][T25455] R13: 0000000000000000 R14: 00007f401b535f80 R15: 00007f401b65fa28
[ 1398.272401][T25455]  </TASK>
[ 1398.462876][   T62] erspan0 (unregistering): left promiscuous mode
[ 1398.499282][ T5283] usb 5-1: clie_3_5_startup: get interface number failed: -71
[ 1398.510942][   T58] usbhid 4-1:0.0: can't add hid device: -71
[ 1398.518269][   T58] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1398.548275][   T58] usb 4-1: USB disconnect, device number 101
[ 1398.552470][ T5283] visor 5-1:0.0: probe with driver visor failed with error -71
[ 1398.584341][   T62] gretap0 (unregistering): left promiscuous mode
[ 1398.597506][ T5283] usb 5-1: USB disconnect, device number 78
[ 1398.742729][T19212] Bluetooth: hci0: command tx timeout
[ 1398.771146][T25459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3934'.
[ 1399.293138][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1399.314611][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1399.347471][   T62] bond0 (unregistering): Released all slaves
[ 1399.425639][ T5283] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 1399.592603][ T5283] usb 3-1: device descriptor read/64, error -71
[ 1399.637116][T25434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1399.687274][T25434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1399.702113][T25434] bridge_slave_0: entered allmulticast mode
[ 1399.722078][T25434] bridge_slave_0: entered promiscuous mode
[ 1399.767587][T25434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1399.779352][T25434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1399.787943][T25434] bridge_slave_1: entered allmulticast mode
[ 1399.818586][T25434] bridge_slave_1: entered promiscuous mode
[ 1399.892748][ T5283] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1399.942455][T14735] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1400.082245][T25434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1400.082409][ T5283] usb 3-1: device descriptor read/64, error -71
[ 1400.160577][T14735] usb 2-1: Using ep0 maxpacket: 8
[ 1400.172346][T14735] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1400.194262][T25434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1400.211957][ T5283] usb usb3-port1: attempt power cycle
[ 1400.217607][T14735] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1400.241453][T14735] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1400.262813][T14735] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1400.280338][T14735] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1400.302759][T14735] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1400.327401][T14735] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1400.419076][T25497] hsr0: entered promiscuous mode
[ 1400.573157][T14735] usb 2-1: usb_control_msg returned -32
[ 1400.578804][T14735] usbtmc 2-1:16.0: can't read capabilities
[ 1400.627703][T25434] team0: Port device team_slave_0 added
[ 1400.642655][ T5283] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1400.654948][   T62] batadv_slave_1: left promiscuous mode
[ 1400.670868][T12183] usb 14-1: device descriptor read/8, error -110
[ 1400.690954][   T62] hsr_slave_0: left promiscuous mode
[ 1400.703219][ T5283] usb 3-1: device descriptor read/8, error -71
[ 1400.718913][   T62] hsr_slave_1: left promiscuous mode
[ 1400.730805][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1400.744389][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1400.757912][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1400.776396][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1400.801874][   T62] veth1_macvtap: left promiscuous mode
[ 1400.832641][T19212] Bluetooth: hci0: command tx timeout
[ 1400.861375][   T62] veth0_macvtap: left promiscuous mode
[ 1400.882479][   T62] veth1_vlan: left promiscuous mode
[ 1400.901769][   T62] veth0_vlan: left promiscuous mode
[ 1400.982456][ T5283] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1401.033127][ T5283] usb 3-1: device descriptor read/8, error -71
[ 1401.104320][T12183] usb usb14-port1: attempt power cycle
[ 1401.162865][ T5283] usb usb3-port1: unable to enumerate USB device
[ 1401.764870][T12183] usb usb14-port1: unable to enumerate USB device
[ 1402.192960][   T62] team0 (unregistering): Port device team_slave_1 removed
[ 1402.309279][   T62] team0 (unregistering): Port device team_slave_0 removed
[ 1402.787120][ T5765] usb 2-1: USB disconnect, device number 38
[ 1402.912520][T19212] Bluetooth: hci0: command tx timeout
[ 1403.338423][T25528] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4)
[ 1403.345010][T25528] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1403.373420][T25528] vhci_hcd vhci_hcd.0: Device attached
[ 1403.573048][ T5765] vhci_hcd: vhci_device speed not set
[ 1403.587699][   T29] kauditd_printk_skb: 5 callbacks suppressed
[ 1403.587716][   T29] audit: type=1326 audit(1725417748.633:5576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25527 comm="syz.2.3951" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd0abb7cef9 code=0x0
[ 1403.655530][ T5765] usb 13-1: new full-speed USB device number 2 using vhci_hcd
[ 1403.675322][T25535] netlink: 180 bytes leftover after parsing attributes in process `syz.2.3951'.
[ 1403.696140][T25434] team0: Port device team_slave_1 added
[ 1403.758090][T25539] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1403.945753][T25434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1403.990228][T25434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1404.030805][T25434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1404.076510][T25434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1404.107669][T25434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1404.169124][T25552] random: crng reseeded on system resumption
[ 1404.201645][T25434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1404.370863][T25434] hsr_slave_0: entered promiscuous mode
[ 1404.389821][T25434] hsr_slave_1: entered promiscuous mode
[ 1404.423742][T25553] netlink: 'syz.4.3956': attribute type 29 has an invalid length.
[ 1404.464709][   T62] IPVS: stop unused estimator thread 0...
[ 1404.506853][T25556] netlink: 'syz.4.3956': attribute type 29 has an invalid length.
[ 1404.651358][T25529] vhci_hcd: connection reset by peer
[ 1404.671347][T25043] vhci_hcd: stop threads
[ 1404.693660][T25043] vhci_hcd: release socket
[ 1404.705927][T25043] vhci_hcd: disconnect device
[ 1404.982473][T19212] Bluetooth: hci0: command tx timeout
[ 1405.302747][ T5283] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1405.310762][T14735] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1405.502723][ T5283] usb 3-1: Using ep0 maxpacket: 32
[ 1405.518534][ T5283] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1405.531414][ T5283] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1405.544188][T14735] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=69.f5
[ 1405.557888][T25434] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1405.561212][ T5283] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1405.586377][T14735] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1405.586875][T25434] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1405.623397][ T5283] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1405.634747][T14735] usb 5-1: config 0 descriptor??
[ 1405.639850][ T5283] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.654303][T14735] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[ 1405.664430][ T5283] usb 3-1: Product: syz
[ 1405.672134][T14735] dvb-usb: bulk message failed: -22 (2/0)
[ 1405.680123][ T5283] usb 3-1: Manufacturer: syz
[ 1405.686835][T14735] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1405.697438][ T5283] usb 3-1: SerialNumber: syz
[ 1405.709647][T25434] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1405.715782][T14735] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[ 1405.760276][T25434] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1405.776319][T14735] usb 5-1: media controller created
[ 1405.855553][T25550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1405.883547][T14735] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1405.913359][T25550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1405.949973][T25550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1405.971369][T14735] dvb-usb: bulk message failed: -22 (1/0)
[ 1405.997444][T25564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1406.007975][T14735] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[ 1406.027081][T25550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1406.069173][T14735] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input221
[ 1406.069293][T25564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1406.158007][T14735] dvb-usb: schedule remote query interval to 50 msecs.
[ 1406.161110][T25434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1406.205902][T14735] dvb-usb: bulk message failed: -22 (2/0)
[ 1406.275588][T14735] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[ 1406.288967][ T5282] dvb-usb: bulk message failed: -22 (1/0)
[ 1406.298966][ T5283] usb 3-1: 2:1 : sample bitwidth 253 in over sample bytes 2
[ 1406.319613][ T5283] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1406.325854][ T5282] dvb-usb: error while querying for an remote control event.
[ 1406.349004][T14735] usb 5-1: USB disconnect, device number 79
[ 1406.456419][ T5283] usb 3-1: USB disconnect, device number 73
[ 1406.504907][T25434] 8021q: adding VLAN 0 to HW filter on device team0
[ 1406.558885][T14735] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[ 1406.646172][T25037] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1406.653403][T25037] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1406.966084][T25043] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.085080][T25037] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1407.092333][T25037] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1407.257308][T25043] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.637400][T25043] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.663466][T21469] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1407.676988][T21469] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1407.696023][T21469] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1407.704534][T21469] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1407.712459][T21469] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1407.720416][T21469] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1407.875012][T25043] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.960654][T25434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1408.123075][ T5285] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1408.270592][T25633] Cannot find add_set index 0 as target
[ 1408.324613][ T5285] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1408.364526][ T5285] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 178
[ 1408.395666][ T5285] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1408.431760][T25043] bridge_slave_1: left allmulticast mode
[ 1408.452684][T25043] bridge_slave_1: left promiscuous mode
[ 1408.458487][T25043] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1408.475454][ T5285] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=31.c9
[ 1408.522034][T25043] bridge_slave_0: left allmulticast mode
[ 1408.537723][T25043] bridge_slave_0: left promiscuous mode
[ 1408.548103][T25043] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1408.564464][ T5285] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1408.609592][ T5285] usb 5-1: config 0 descriptor??
[ 1408.625634][T25621] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1408.832561][ T5765] vhci_hcd: vhci_device speed not set
[ 1408.854257][T25621] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1408.921715][T25621] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1408.940151][ T5285] ath6kl: Failed to submit usb control message: -71
[ 1408.951758][ T5285] ath6kl: unable to send the bmi data to the device: -71
[ 1408.972710][ T5285] ath6kl: Unable to send get target info: -71
[ 1409.015272][ T5285] ath6kl: Failed to init ath6kl core: -71
[ 1409.023851][ T5285] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1409.079895][ T5285] usb 5-1: USB disconnect, device number 80
[ 1409.771032][T25673] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1409.792716][T21469] Bluetooth: hci4: command tx timeout
[ 1409.819229][T25043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1409.831575][T25043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1409.842239][T25676] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[ 1409.857625][T25043] bond0 (unregistering): Released all slaves
[ 1409.882963][T25638] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[ 1409.884256][T25676] audit: out of memory in audit_log_start
[ 1409.900872][T25638] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[ 1409.922810][   T29] audit: type=1326 audit(1725417754.883:5577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e377cef9 code=0x7ffc0000
[ 1409.989340][T25434] veth0_vlan: entered promiscuous mode
[ 1409.998133][T25617] chnl_net:caif_netlink_parms(): no params data found
[ 1410.042792][   T29] audit: type=1326 audit(1725417754.883:5578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e377cef9 code=0x7ffc0000
[ 1410.118828][   T29] audit: type=1326 audit(1725417754.883:5579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe0e377b890 code=0x7ffc0000
[ 1410.176512][T25434] veth1_vlan: entered promiscuous mode
[ 1410.195345][   T29] audit: type=1326 audit(1725417754.883:5580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe0e377b9df code=0x7ffc0000
[ 1410.259814][   T29] audit: type=1326 audit(1725417755.023:5581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe0e377b93c code=0x7ffc0000
[ 1410.263683][T21469] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1410.284311][   T29] audit: type=1326 audit(1725417755.023:5582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe0e377b9df code=0x7ffc0000
[ 1410.312596][   T29] audit: type=1326 audit(1725417755.023:5583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe0e377bb8a code=0x7ffc0000
[ 1410.335627][   T29] audit: type=1326 audit(1725417755.023:5584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25675 comm="syz.4.3975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0e377cef9 code=0x7ffc0000
[ 1410.643323][T25617] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1410.650498][T25617] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1410.689923][T25617] bridge_slave_0: entered allmulticast mode
[ 1410.724824][T25617] bridge_slave_0: entered promiscuous mode
[ 1410.880667][T25617] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1410.903290][ T5283] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1410.944439][T25617] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1410.951713][T25617] bridge_slave_1: entered allmulticast mode
[ 1410.981241][T25617] bridge_slave_1: entered promiscuous mode
[ 1411.024336][T23807] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1411.122590][T25617] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1411.136627][ T5283] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1411.164089][ T5283] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1411.203734][T25617] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1411.225266][ T5283] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.252515][T23807] usb 3-1: Using ep0 maxpacket: 8
[ 1411.253961][ T5283] usb 5-1: config 0 descriptor??
[ 1411.276166][ T5283] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1411.291697][T23807] usb 3-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1411.304947][T25043] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1411.325908][T25043] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1411.352403][T23807] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.363284][T25043] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1411.370739][T25043] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1411.383488][T23807] usb 3-1: config 0 descriptor??
[ 1411.422422][T23807] rndis_host 3-1:0.0: skipping garbage
[ 1411.436113][T23807] rndis_host 3-1:0.0: probe with driver rndis_host failed with error -22
[ 1411.455504][T23807] cdc_acm 3-1:0.0: skipping garbage
[ 1411.463540][T23807] cdc_acm 3-1:0.0: Control and data interfaces are not separated!
[ 1411.472893][T23807] cdc_acm 3-1:0.0: This needs exactly 3 endpoints
[ 1411.479474][T23807] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[ 1411.556558][T25043] veth1_macvtap: left promiscuous mode
[ 1411.562165][T25043] veth0_macvtap: left promiscuous mode
[ 1411.568401][T25043] veth1_vlan: left promiscuous mode
[ 1411.574140][T25043] veth0_vlan: left promiscuous mode
[ 1411.878447][T21469] Bluetooth: hci4: command tx timeout
[ 1412.730795][T25043] team0 (unregistering): Port device team_slave_1 removed
[ 1412.831364][T25043] team0 (unregistering): Port device team_slave_0 removed
[ 1413.639587][ T5283] usb 3-1: USB disconnect, device number 74
[ 1413.749162][T25434] veth0_macvtap: entered promiscuous mode
[ 1413.891835][T25617] team0: Port device team_slave_0 added
[ 1413.919233][T25721] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3982'.
[ 1413.942929][T21469] Bluetooth: hci4: command tx timeout
[ 1413.950724][T25434] veth1_macvtap: entered promiscuous mode
[ 1413.964895][T16203] usb 5-1: USB disconnect, device number 81
[ 1414.001618][ T5285] psmouse serio16: Failed to reset mouse on : -5
[ 1414.038686][T25617] team0: Port device team_slave_1 added
[ 1414.177243][T25617] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1414.191524][T25617] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1414.246908][T25617] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1414.306962][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1414.330445][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.363500][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1414.392742][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.411730][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1414.424531][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.468842][T25434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1414.489771][T25617] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1414.498318][T25617] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1414.532618][T25617] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1414.585543][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1414.602440][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.644846][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1414.676550][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.707803][T25434] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1414.774312][T25434] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1414.833637][T25434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1414.880561][T25434] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1414.892682][T25434] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1414.904145][T25434] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1414.970838][T25434] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1415.053186][T21469] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1415.148283][T25617] hsr_slave_0: entered promiscuous mode
[ 1415.169979][T25617] hsr_slave_1: entered promiscuous mode
[ 1415.186561][T25617] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1415.202378][T25617] Cannot create hsr debugfs directory
[ 1415.333271][T23807] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1415.451677][T25043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1415.463557][T25043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1415.535495][T23807] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1415.556753][T25047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1415.571073][T23807] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1415.583509][T25047] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1415.598215][T23807] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1415.611986][T25754] fuse: Unknown parameter 'grou;_id'
[ 1415.612227][T23807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1415.648564][T23807] usb 5-1: SerialNumber: syz
[ 1415.889713][T23807] usb 5-1: 0:2 : does not exist
[ 1416.022902][T21469] Bluetooth: hci4: command tx timeout
[ 1416.112896][T16203] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[ 1416.170457][T23807] usb 5-1: USB disconnect, device number 82
[ 1416.239590][T18382] udevd[18382]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1416.332426][T16203] usb 1-1: Using ep0 maxpacket: 8
[ 1416.350077][T16203] usb 1-1: New USB device found, idVendor=07ca, idProduct=a801, bcdDevice=6a.96
[ 1416.380500][T16203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1416.418995][T16203] usb 1-1: Product: syz
[ 1416.429274][T16203] usb 1-1: Manufacturer: syz
[ 1416.442427][T16203] usb 1-1: SerialNumber: syz
[ 1416.461448][T16203] usb 1-1: config 0 descriptor??
[ 1416.476139][T16203] dvb-usb: found a 'AVerMedia AverTV DVB-T USB 2.0 (A800)' in warm state.
[ 1416.513495][T16203] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1416.538342][T16203] dvbdev: DVB: registering new adapter (AVerMedia AverTV DVB-T USB 2.0 (A800))
[ 1416.550604][T25617] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1416.560548][T16203] usb 1-1: media controller created
[ 1416.573369][T25617] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1416.594295][T25617] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1416.605061][T16203] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1416.621665][T25617] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1416.643589][T16203] dvb-usb: bulk message failed: -22 (6/0)
[ 1416.650234][T16203] dvb-usb: bulk message failed: -22 (6/0)
[ 1416.657780][T16203] dvb-usb: no frontend was attached by 'AVerMedia AverTV DVB-T USB 2.0 (A800)'
[ 1416.762810][T16203] rc_core: IR keymap rc-avermedia-m135a not found
[ 1416.769285][T16203] Registered IR keymap rc-empty
[ 1416.789978][T16203] rc rc0: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[ 1416.814925][T16203] input: AVerMedia AverTV DVB-T USB 2.0 (A800) as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input223
[ 1416.847438][T16203] dvb-usb: schedule remote query interval to 150 msecs.
[ 1416.856725][T25617] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1416.878433][T16203] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully initialized and connected.
[ 1416.918969][T16203] usb 1-1: USB disconnect, device number 105
[ 1416.929619][T25617] 8021q: adding VLAN 0 to HW filter on device team0
[ 1416.970880][T25046] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1416.978138][T25046] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1417.030887][T25046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1417.038189][T25046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1417.098464][T16203] dvb-usb: AVerMedia AverTV DVB-T USB 2.0 (A800) successfully deinitialized and disconnected.
[ 1417.292113][T25617] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1417.322557][T12183] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1417.378651][T21469] Bluetooth: hci1: ACL packet for unknown connection handle 4
[ 1417.474514][T25617] veth0_vlan: entered promiscuous mode
[ 1417.522629][T12183] usb 5-1: Using ep0 maxpacket: 8
[ 1417.531538][T12183] usb 5-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1417.544523][T25617] veth1_vlan: entered promiscuous mode
[ 1417.550911][T12183] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1417.609128][T12183] usb 5-1: config 0 descriptor??
[ 1417.628972][T12183] rndis_host 5-1:0.0: skipping garbage
[ 1417.637437][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 1417.637457][   T29] audit: type=1326 audit(1725417762.673:5586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25793 comm="syz.1.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1417.643436][T12183] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22
[ 1417.643758][T12183] cdc_acm 5-1:0.0: skipping garbage
[ 1417.643776][T12183] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[ 1417.643792][T12183] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[ 1417.643817][T12183] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22
[ 1417.720016][T25617] veth0_macvtap: entered promiscuous mode
[ 1417.737208][T25617] veth1_macvtap: entered promiscuous mode
[ 1417.772410][   T58] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[ 1417.773253][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1417.792143][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1417.803227][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1417.819945][   T29] audit: type=1326 audit(1725417762.723:5587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25793 comm="syz.1.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1417.850964][ T5285] misc userio: Buffer overflowed, userio client isn't keeping up
[ 1417.859956][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1417.873321][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1417.886929][   T29] audit: type=1326 audit(1725417762.753:5588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25793 comm="syz.1.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1417.910450][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1417.922422][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1417.948901][   T29] audit: type=1326 audit(1725417762.763:5589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25793 comm="syz.1.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1417.974025][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1418.002491][   T58] usb 1-1: Using ep0 maxpacket: 16
[ 1418.004487][T25617] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1418.022124][   T29] audit: type=1326 audit(1725417762.763:5590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25793 comm="syz.1.3993" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f401b37cef9 code=0x7ffc0000
[ 1418.045845][   T58] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 1418.065138][T21469] Bluetooth: hci1: unexpected event for opcode 0x0401
[ 1418.072992][   T58] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1418.085871][   T58] usb 1-1: Product: syz
[ 1418.090278][   T58] usb 1-1: Manufacturer: syz
[ 1418.100395][   T58] usb 1-1: SerialNumber: syz
[ 1418.121976][   T58] usb 1-1: config 0 descriptor??
[ 1418.131618][   T58] visor 1-1:0.0: Sony Clie 3.5 converter detected
[ 1418.136213][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1418.165145][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1418.229883][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1418.252912][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1418.263976][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1418.293370][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1418.307641][T25617] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1418.319954][T25617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1418.359374][T25617] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1418.367551][T25790] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1418.385994][T25790] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1418.435570][T25617] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1418.453677][T25617] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1418.477216][T25617] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1418.491863][T25617] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1418.627575][T21469] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1418.649578][   T58] usb 1-1: clie_3_5_startup: get interface number bad return length: 0
[ 1418.659301][   T58] visor 1-1:0.0: probe with driver visor failed with error -5
[ 1418.766157][T25046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1418.805475][T25046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1418.855592][   T58] usb 1-1: USB disconnect, device number 106
[ 1418.897050][T25043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1418.917373][T25043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1418.933197][ T5285] input: PS/2 Generic Mouse as /devices/serio16/input/input222
[ 1419.182465][ T5285] psmouse serio16: Failed to enable mouse on 
[ 1419.452552][ T5283] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 1419.492766][ T5285] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1419.692485][ T5283] usb 4-1: Using ep0 maxpacket: 32
[ 1419.708997][ T5283] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1419.732544][ T5285] usb 2-1: Using ep0 maxpacket: 32
[ 1419.755484][ T5283] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1419.775757][ T5285] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1419.788253][ T5283] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1419.799148][   T58] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 1419.799746][ T5285] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1419.820362][ T5283] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1419.847048][ T5283] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1419.869810][ T5285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[ 1419.881633][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1419.918527][ T5283] usb 4-1: Product: syz
[ 1419.929276][ T5285] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1419.945468][ T5333] usb 5-1: USB disconnect, device number 83
[ 1419.955014][ T5283] usb 4-1: Manufacturer: syz
[ 1419.961868][ T5283] usb 4-1: SerialNumber: syz
[ 1419.979576][ T5285] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDC, changing to 0x8C
[ 1419.994499][ T5285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[ 1420.011741][ T5285] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 0
[ 1420.060128][ T5285] usb 2-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1420.072473][   T58] usb 1-1: Using ep0 maxpacket: 8
[ 1420.082117][ T5285] usb 2-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27
[ 1420.093015][ T5285] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1420.094503][   T58] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1420.101124][ T5285] usb 2-1: Product: syz
[ 1420.142424][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1420.148071][ T5285] usb 2-1: Manufacturer: syz
[ 1420.163577][ T5285] usb 2-1: SerialNumber: syz
[ 1420.178326][ T5285] usb 2-1: config 0 descriptor??
[ 1420.190240][   T58] usb 1-1: config 0 descriptor??
[ 1420.195583][T25821] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1420.286961][ T5283] usb 4-1: 2:1 : invalid UAC_AS_GENERAL desc
[ 1420.303457][ T5285] vmk80xx 2-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[ 1420.363595][ T5283] usb 4-1: USB disconnect, device number 102
[ 1420.405733][T25829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.409548][T18382] udevd[18382]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1420.433036][T25829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.473300][T25829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.507268][T25829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.523485][T25829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.532739][ T5333] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1420.581938][T25829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.603382][T25829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.642671][T25829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.651645][T25829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1420.688439][T21469] Bluetooth: hci2: unexpected event for opcode 0x0000
[ 1420.712378][ T5333] usb 5-1: Using ep0 maxpacket: 32
[ 1420.725431][ T5333] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1420.743617][T25829] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1420.762660][ T5333] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1420.828552][   T58] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1420.834879][ T5333] usb 5-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[ 1420.860698][   T58] asix 1-1:0.0: probe with driver asix failed with error -71
[ 1420.913741][ T5333] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1420.931439][   T58] usb 1-1: USB disconnect, device number 107
[ 1420.959723][ T5333] usb 5-1: Product: syz
[ 1420.987006][ T5333] usb 5-1: Manufacturer: syz
[ 1421.005869][ T5333] usb 5-1: SerialNumber: syz
[ 1421.031117][ T5333] usb 5-1: config 0 descriptor??
[ 1421.061003][ T5333] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1421.115008][ T5333] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1421.197928][T25864] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4003'.
[ 1421.217444][T18382] udevd[18382]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1421.307914][T25864] trusted_key: encrypted_key: insufficient parameters specified
[ 1421.316337][T25873] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[ 1421.361321][T25872] netlink: 'syz.0.4006': attribute type 1 has an invalid length.
[ 1421.574143][T25870] dvmrp0: entered allmulticast mode
[ 1421.649590][T25870] dvmrp0: left allmulticast mode
[ 1421.652577][ T5765] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1421.842481][ T5765] usb 4-1: device descriptor read/64, error -71
[ 1421.902551][ T5333] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 1422.103417][T21469] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1422.109521][ T5333] usb 1-1: Using ep0 maxpacket: 16
[ 1422.112990][T21469] Bluetooth: hci1: Injecting HCI hardware error event
[ 1422.128134][T21469] Bluetooth: hci1: hardware error 0x00
[ 1422.138014][ T5765] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 1422.178596][ T5333] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 1422.203032][   T58] usb 2-1: USB disconnect, device number 39
[ 1422.260265][ T5333] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1422.292722][ T5765] usb 4-1: device descriptor read/64, error -71
[ 1422.306783][ T5333] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1422.384392][ T5333] usb 1-1: config 0 descriptor??
[ 1422.438743][ T5765] usb usb4-port1: attempt power cycle
[ 1422.508467][T25898] batadv0: entered promiscuous mode
[ 1422.541491][T25898] batadv_slave_0: entered promiscuous mode
[ 1422.557858][T25898] batadv_slave_0: left promiscuous mode
[ 1422.579852][T25898] batadv0: left promiscuous mode
[ 1422.874217][ T5765] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1422.936569][ T5765] usb 4-1: device descriptor read/8, error -71
[ 1422.959281][T25876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1423.008956][T25876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1423.052406][T12184] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1423.053676][ T5333] hid (null): invalid report_size 29539
[ 1423.079849][ T5333] hid (null): unknown global tag 0xd
[ 1423.109588][ T5333] hid-generic 0003:0158:0100.0045: unknown main item tag 0x1
[ 1423.142443][ T5333] hid-generic 0003:0158:0100.0045: unexpected long global item
[ 1423.145215][   T58] usb 5-1: USB disconnect, device number 84
[ 1423.219772][ T5333] hid-generic 0003:0158:0100.0045: probe with driver hid-generic failed with error -22
[ 1423.245366][ T5765] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[ 1423.282468][T12184] usb 2-1: Using ep0 maxpacket: 8
[ 1423.289339][T12184] usb 2-1: config 0 has an invalid descriptor of length 116, skipping remainder of the config
[ 1423.305834][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.312693][ T5765] usb 4-1: device descriptor read/8, error -71
[ 1423.319002][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.332566][T12184] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1423.351205][T12184] usb 2-1: New USB device found, idVendor=1b3d, idProduct=0146, bcdDevice= 1.b8
[ 1423.365046][T12184] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1423.405273][T12184] usb 2-1: config 0 descriptor??
[ 1423.452865][ T5765] usb usb4-port1: unable to enumerate USB device
[ 1423.666087][ T5765] usb 1-1: USB disconnect, device number 108
[ 1423.833930][T12184] usb 2-1: string descriptor 0 read error: -71
[ 1423.858887][T12184] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1423.876210][T12184] usb 2-1: Detected SIO
[ 1423.882236][T12184] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1423.918642][T12184] usb 2-1: USB disconnect, device number 40
[ 1423.927063][T25912] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 1423.937454][T12184] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1423.977389][T12184] ftdi_sio 2-1:0.0: device disconnected
[ 1424.020321][T25912] netpci0: tun_chr_ioctl cmd 1074025677
[ 1424.046773][T25912] netpci0: linktype set to 804
[ 1424.162476][   T29] audit: type=1326 audit(1725417769.193:5591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1424.182533][T21469] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1424.239302][T25912] can: request_module (can-proto-3) failed.
[ 1424.255422][   T29] audit: type=1326 audit(1725417769.193:5592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1424.342774][   T29] audit: type=1326 audit(1725417769.193:5593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd0abb7b890 code=0x7ffc0000
[ 1424.412396][   T29] audit: type=1326 audit(1725417769.203:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.432450][   T58] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1424.522803][   T29] audit: type=1326 audit(1725417769.213:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.622493][   T58] usb 3-1: device descriptor read/64, error -71
[ 1424.622584][ T5333] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1424.647751][   T29] audit: type=1326 audit(1725417769.213:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.742565][T21469] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1424.753259][T21469] Bluetooth: hci2: Injecting HCI hardware error event
[ 1424.759352][   T29] audit: type=1326 audit(1725417769.213:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.763717][T21469] Bluetooth: hci2: hardware error 0x00
[ 1424.858061][   T29] audit: type=1326 audit(1725417769.333:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.882400][ T5333] usb 5-1: Using ep0 maxpacket: 16
[ 1424.941612][   T29] audit: type=1326 audit(1725417769.413:5599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1424.964184][   T58] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1425.031419][   T29] audit: type=1326 audit(1725417769.513:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25911 comm="syz.2.4013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd0abb7cafb code=0x7ffc0000
[ 1425.098708][ T5333] usb 5-1: config 0 has an invalid interface number: 161 but max is 0
[ 1425.125628][ T5333] usb 5-1: config 0 has no interface number 0
[ 1425.139888][ T5333] usb 5-1: config 0 interface 161 has no altsetting 0
[ 1425.152552][   T58] usb 3-1: device descriptor read/64, error -71
[ 1425.185971][ T5333] usb 5-1: New USB device found, idVendor=13d3, idProduct=3336, bcdDevice= 5.f5
[ 1425.215811][ T5333] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1425.235763][ T5333] usb 5-1: Product: syz
[ 1425.240921][ T5333] usb 5-1: Manufacturer: syz
[ 1425.271658][ T5333] usb 5-1: SerialNumber: syz
[ 1425.276463][T12183] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1425.282986][   T58] usb usb3-port1: attempt power cycle
[ 1425.307724][ T5333] usb 5-1: config 0 descriptor??
[ 1425.423606][T12183] usb 1-1: device descriptor read/64, error -71
[ 1425.554917][T25921] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4015'.
[ 1425.722496][T12183] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 1425.730236][   T58] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1425.764515][   T58] usb 3-1: device descriptor read/8, error -71
[ 1425.882439][T12183] usb 1-1: device descriptor read/64, error -71
[ 1426.014150][T12183] usb usb1-port1: attempt power cycle
[ 1426.042467][   T58] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1426.093566][   T58] usb 3-1: device descriptor read/8, error -71
[ 1426.213273][   T58] usb usb3-port1: unable to enumerate USB device
[ 1426.432404][T12183] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 1426.474929][T12183] usb 1-1: device descriptor read/8, error -71
[ 1426.752496][T12183] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[ 1426.803133][T12183] usb 1-1: device descriptor read/8, error -71
[ 1426.902562][T21469] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1426.933962][T12183] usb usb1-port1: unable to enumerate USB device
[ 1427.309859][ T5333] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 1427.321735][T16203] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1427.330786][ T5333] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 1427.357928][ T5333] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[ 1427.380077][ T5333] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 1427.398935][ T5333] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 1427.430885][ T5333] usb 5-1: USB disconnect, device number 85
[ 1427.457381][T25967] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4029'.
[ 1427.529681][T16203] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1427.546524][T16203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1427.559142][T16203] usb 4-1: Product: syz
[ 1427.567410][T16203] usb 4-1: Manufacturer: syz
[ 1427.572092][T16203] usb 4-1: SerialNumber: syz
[ 1427.593408][T16203] usb 4-1: config 0 descriptor??
[ 1427.731331][T25980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4032'.
[ 1427.742087][T25980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4032'.
[ 1427.753758][T25980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4032'.
[ 1427.856126][T25981] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 1427.862704][T25981] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1427.913659][T25981] vhci_hcd vhci_hcd.0: Device attached
[ 1428.022539][T16203] usb 4-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0)
[ 1428.046211][T16203] usb 4-1: Firmware version (0.0) predates our first public release.
[ 1428.082514][T16203] usb 4-1: Please update to version 0.2 or newer
[ 1428.212457][   T58] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1428.228165][T12183] usb 12-1: SetAddress Request (26) to port 0
[ 1428.251249][T12183] usb 12-1: new SuperSpeed USB device number 26 using vhci_hcd
[ 1428.317814][T16203] usb 4-1: USB disconnect, device number 107
[ 1428.445898][   T58] usb 5-1: Using ep0 maxpacket: 8
[ 1428.460901][   T58] usb 5-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1428.488014][   T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1428.520118][   T58] usb 5-1: config 0 descriptor??
[ 1428.555081][   T58] rndis_host 5-1:0.0: skipping garbage
[ 1428.575202][T25982] vhci_hcd: connection reset by peer
[ 1428.581455][   T58] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22
[ 1428.593529][   T58] cdc_acm 5-1:0.0: skipping garbage
[ 1428.599371][T25047] vhci_hcd: stop threads
[ 1428.607543][T25047] vhci_hcd: release socket
[ 1428.622099][   T58] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[ 1428.641635][T25047] vhci_hcd: disconnect device
[ 1428.649171][   T58] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[ 1428.658469][   T58] cdc_acm 5-1:0.0: probe with driver cdc_acm failed with error -22
[ 1428.907538][T26004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4038'.
[ 1428.938851][T26004] bridge_slave_1: left allmulticast mode
[ 1428.951512][T26004] bridge_slave_1: left promiscuous mode
[ 1428.960623][T26004] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1428.979373][T26004] bridge_slave_0: left allmulticast mode
[ 1428.991603][T26004] bridge_slave_0: left promiscuous mode
[ 1429.009910][T26004] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1429.565094][T16203] usb 3-1: new full-speed USB device number 79 using dummy_hcd
[ 1429.756307][T26020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4044'.
[ 1429.774163][T16203] usb 3-1: config 0 has an invalid interface number: 103 but max is 0
[ 1429.802590][T16203] usb 3-1: config 0 has no interface number 0
[ 1429.828807][T16203] usb 3-1: New USB device found, idVendor=2013, idProduct=1faa, bcdDevice=de.4d
[ 1429.851237][T16203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1429.870831][T16203] usb 3-1: Product: syz
[ 1429.875180][T16203] usb 3-1: Manufacturer: syz
[ 1429.881163][T16203] usb 3-1: SerialNumber: syz
[ 1429.907863][T16203] usb 3-1: config 0 descriptor??
[ 1430.160856][T16203] dvb-usb: found a 'DiBcom STK8096-PVR reference design' in cold state, will try to load a firmware
[ 1430.203243][T16203] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1430.225564][T16203] dib0700: firmware download failed at 7 with -22
[ 1430.261578][T16203] usb 3-1: USB disconnect, device number 79
[ 1430.436037][T26024] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[ 1430.442599][T26024] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1430.468806][T26024] vhci_hcd vhci_hcd.0: Device attached
[ 1430.742419][ T5333] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[ 1430.890938][ T5765] usb 5-1: USB disconnect, device number 86
[ 1431.065198][ T5282] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1431.248429][T26044] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1431.274206][ T5282] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1431.297354][T26025] vhci_hcd: connection reset by peer
[ 1431.325999][ T5282] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1431.330692][T25047] vhci_hcd: stop threads
[ 1431.338461][ T5282] usb 3-1: Product: syz
[ 1431.353590][ T5282] usb 3-1: Manufacturer: syz
[ 1431.358807][ T5282] usb 3-1: SerialNumber: syz
[ 1431.368665][T25047] vhci_hcd: release socket
[ 1431.389635][T25047] vhci_hcd: disconnect device
[ 1431.399620][ T5282] usb 3-1: config 0 descriptor??
[ 1431.418735][ T5282] ch341 3-1:0.0: ch341-uart converter detected
[ 1431.543276][T23807] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1431.629710][T21469] Bluetooth: hci4: Malformed MSFT vendor event: 0x02
[ 1431.687584][   T29] kauditd_printk_skb: 25 callbacks suppressed
[ 1431.687603][   T29] audit: type=1326 audit(1725417776.733:5626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1431.745805][T23807] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1431.771229][T23807] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1431.777119][   T29] audit: type=1326 audit(1725417776.763:5627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=301 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1431.829876][   T29] audit: type=1326 audit(1725417776.763:5628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1431.870677][   T29] audit: type=1326 audit(1725417776.773:5629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1431.899613][T23807] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[ 1431.909597][T23807] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1431.918822][T23807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1431.976134][T23807] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1431.981600][   T29] audit: type=1326 audit(1725417776.773:5630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.099307][   T29] audit: type=1326 audit(1725417776.773:5631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.218524][   T29] audit: type=1326 audit(1725417776.773:5632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.259425][T17680] udevd[17680]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1432.335621][T23807] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -12
[ 1432.355799][   T29] audit: type=1326 audit(1725417776.773:5633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.449745][   T29] audit: type=1326 audit(1725417776.783:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.542363][   T29] audit: type=1326 audit(1725417776.783:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26049 comm="syz.3.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdbfbf7cef9 code=0x7ffc0000
[ 1432.908723][ T5282] ch341-uart ttyUSB0: break control not supported, using simulated break
[ 1432.918063][ T5282] usb 3-1: ch341-uart converter now attached to ttyUSB0
[ 1432.945754][T26059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1432.954268][ T5283] usb 2-1: new full-speed USB device number 41 using dummy_hcd
[ 1432.969138][T26059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1433.166783][ T5283] usb 2-1: config 0 has an invalid interface number: 103 but max is 0
[ 1433.189817][T23807] usb 3-1: USB disconnect, device number 80
[ 1433.204515][T23807] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[ 1433.224895][T23807] ch341 3-1:0.0: device disconnected
[ 1433.248845][ T5283] usb 2-1: config 0 has no interface number 0
[ 1433.276851][ T5283] usb 2-1: New USB device found, idVendor=2013, idProduct=1faa, bcdDevice=de.4d
[ 1433.295794][ T5283] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1433.339525][ T5283] usb 2-1: Product: syz
[ 1433.359560][ T5283] usb 2-1: Manufacturer: syz
[ 1433.367131][ T5283] usb 2-1: SerialNumber: syz
[ 1433.382779][T12183] usb 12-1: device descriptor read/8, error -110
[ 1433.395740][ T5283] usb 2-1: config 0 descriptor??
[ 1433.648212][ T5282] IPVS: starting estimator thread 0...
[ 1433.659113][ T5283] dvb-usb: found a 'DiBcom STK8096-PVR reference design' in cold state, will try to load a firmware
[ 1433.698245][ T5283] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1433.747300][T26076] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4061'.
[ 1433.763451][ T5283] dib0700: firmware download failed at 7 with -22
[ 1433.769191][T26075] IPVS: using max 19 ests per chain, 45600 per kthread
[ 1433.775283][ T5283] usb 2-1: USB disconnect, device number 41
[ 1433.805996][T26074] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.4061'.
[ 1433.835671][T12183] usb usb12-port1: attempt power cycle
[ 1434.232830][T23807] usb 5-1: USB disconnect, device number 87
[ 1434.512888][T12183] usb usb12-port1: unable to enumerate USB device
[ 1434.862561][T26098] IPv6: addrconf: prefix option has invalid lifetime
[ 1434.883035][T26098] IPv6: addrconf: prefix option has invalid lifetime
[ 1434.896568][T26099] netlink: 'syz.0.4068': attribute type 8 has an invalid length.
[ 1435.012863][T26103] FAULT_INJECTION: forcing a failure.
[ 1435.012863][T26103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1435.038567][T26103] CPU: 1 UID: 0 PID: 26103 Comm: syz.2.4069 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1435.049378][T26103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1435.059465][T26103] Call Trace:
[ 1435.062759][T26103]  <TASK>
[ 1435.065684][T26103]  dump_stack_lvl+0x241/0x360
[ 1435.070376][T26103]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1435.075594][T26103]  ? __pfx__printk+0x10/0x10
[ 1435.080218][T26103]  ? snprintf+0xda/0x120
[ 1435.084506][T26103]  should_fail_ex+0x3b0/0x4e0
[ 1435.089235][T26103]  _copy_to_user+0x2f/0xb0
[ 1435.093689][T26103]  simple_read_from_buffer+0xca/0x150
[ 1435.099100][T26103]  proc_fail_nth_read+0x1ec/0x260
[ 1435.104170][T26103]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1435.109759][T26103]  ? rw_verify_area+0x520/0x6b0
[ 1435.114647][T26103]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1435.120240][T26103]  vfs_read+0x204/0xbc0
[ 1435.124430][T26103]  ? __pfx_lock_release+0x10/0x10
[ 1435.129500][T26103]  ? __pfx_vfs_read+0x10/0x10
[ 1435.134212][T26103]  ? __fget_files+0x29/0x470
[ 1435.138939][T26103]  ? __fget_files+0x3f6/0x470
[ 1435.143670][T26103]  ksys_read+0x1a0/0x2c0
[ 1435.147951][T26103]  ? __pfx_ksys_read+0x10/0x10
[ 1435.152748][T26103]  ? do_syscall_64+0x100/0x230
[ 1435.157548][T26103]  ? do_syscall_64+0xb6/0x230
[ 1435.160976][T26108] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4072'.
[ 1435.162242][T26103]  do_syscall_64+0xf3/0x230
[ 1435.162273][T26103]  ? clear_bhb_loop+0x35/0x90
[ 1435.162298][T26103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1435.171540][T26108] netlink: 'syz.0.4072': attribute type 7 has an invalid length.
[ 1435.175726][T26103] RIP: 0033:0x7fd0abb7b93c
[ 1435.175754][T26103] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1435.175770][T26103] RSP: 002b:00007fd0ac901030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1435.175792][T26103] RAX: ffffffffffffffda RBX: 00007fd0abd35f80 RCX: 00007fd0abb7b93c
[ 1435.175807][T26103] RDX: 000000000000000f RSI: 00007fd0ac9010a0 RDI: 0000000000000004
[ 1435.175818][T26103] RBP: 00007fd0ac901090 R08: 0000000000000000 R09: 0000000000000000
[ 1435.175829][T26103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1435.175841][T26103] R13: 0000000000000000 R14: 00007fd0abd35f80 R15: 00007fd0abe5fa28
[ 1435.175869][T26103]  </TASK>
[ 1435.296260][T26108] netlink: 'syz.0.4072': attribute type 8 has an invalid length.
[ 1435.355566][T26108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4072'.
[ 1435.405931][T26108] syz_tun: entered promiscuous mode
[ 1435.443631][T26108] batadv_slave_1: entered promiscuous mode
[ 1435.466929][T26108] gretap0: entered promiscuous mode
[ 1435.883655][T26123] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4077'.
[ 1435.893909][ T5333] vhci_hcd: vhci_device speed not set
[ 1435.920038][T26109] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1435.932899][ T5285] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 1435.942767][T26109] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1435.971535][T26109] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1436.004246][T26109] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1436.012646][T26109] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1436.048222][T26109] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1436.065464][T23807] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1436.139320][T26127] hsr0: entered promiscuous mode
[ 1436.152544][ T5285] usb 1-1: Using ep0 maxpacket: 8
[ 1436.166401][ T5285] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1436.185398][ T5285] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1436.213741][ T5285] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1436.242429][ T5285] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1436.250496][ T5285] usb 1-1: Product: syz
[ 1436.266331][T23807] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1436.276330][ T5285] usb 1-1: Manufacturer: syz
[ 1436.276357][ T5285] usb 1-1: SerialNumber: syz
[ 1436.323356][T23807] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[ 1436.348277][T23807] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1436.392898][T23807] usb 5-1: config 0 descriptor??
[ 1436.412025][T26131] netlink: 'syz.2.4081': attribute type 3 has an invalid length.
[ 1436.415124][T23807] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1436.430169][T26131] netlink: 201372 bytes leftover after parsing attributes in process `syz.2.4081'.
[ 1436.795386][T12183] usb 5-1: USB disconnect, device number 88
[ 1437.212457][T23807] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1437.232076][T26149] IPVS: lblc: UDP 224.0.0.1:0 - no destination available
[ 1437.402417][T23807] usb 4-1: Using ep0 maxpacket: 16
[ 1437.419131][T23807] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1437.448943][T23807] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1437.481897][T23807] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1437.503380][T23807] usb 4-1: New USB device found, idVendor=046d, idProduct=c211, bcdDevice= 0.00
[ 1437.512840][T23807] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1437.544482][T23807] usb 4-1: config 0 descriptor??
[ 1437.642598][T12184] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1437.749419][   T29] kauditd_printk_skb: 48 callbacks suppressed
[ 1437.749436][   T29] audit: type=1326 audit(1725417782.793:5684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1437.789862][   T29] audit: type=1326 audit(1725417782.823:5685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1437.843874][T12184] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1437.878026][T12184] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1437.909964][T12184] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1437.912523][   T29] audit: type=1326 audit(1725417782.823:5686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1437.922927][T12184] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1437.954925][T21469] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1437.962678][T26145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1437.977805][T26145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1437.998814][T12184] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1438.010316][T12184] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1438.019534][T12184] usb 2-1: Product: syz
[ 1438.024022][T21469] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1438.031136][T12184] usb 2-1: Manufacturer: syz
[ 1438.036627][T12184] usb 2-1: SerialNumber: syz
[ 1438.057437][   T29] audit: type=1326 audit(1725417782.823:5687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.117319][T23807] logitech 0003:046D:C211.0046: hidraw0: USB HID v0.00 Device [HID 046d:c211] on usb-dummy_hcd.3-1/input0
[ 1438.129052][T23807] logitech 0003:046D:C211.0046: no inputs found
[ 1438.152495][   T58] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1438.188061][   T29] audit: type=1326 audit(1725417782.823:5688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.222883][   T29] audit: type=1326 audit(1725417782.823:5689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.287337][   T29] audit: type=1326 audit(1725417782.823:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.395246][   T58] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1438.440280][   T58] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1438.453418][   T29] audit: type=1326 audit(1725417782.823:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.534778][   T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1438.561375][T12184] usb 2-1: USB disconnect, device number 42
[ 1438.566807][   T29] audit: type=1326 audit(1725417782.823:5692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.606921][   T58] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1438.666505][   T58] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1438.688183][   T58] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1438.713977][   T29] audit: type=1326 audit(1725417782.823:5693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26160 comm="syz.2.4090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd0abb7cef9 code=0x7ffc0000
[ 1438.727286][   T58] usb 5-1: Product: syz
[ 1438.758658][   T58] usb 5-1: Manufacturer: syz
[ 1438.792117][   T58] cdc_wdm 5-1:1.0: skipping garbage
[ 1438.806894][T12183] usb 1-1: USB disconnect, device number 113
[ 1438.892429][   T58] cdc_wdm 5-1:1.0: skipping garbage
[ 1438.940616][   T58] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[ 1438.993800][   T58] cdc_wdm 5-1:1.0: Unknown control protocol
[ 1439.026582][   T58] usb 5-1: USB disconnect, device number 89
[ 1439.028253][    C0] ------------[ cut here ]------------
[ 1439.038908][    C0] WARNING: CPU: 0 PID: 26171 at net/hsr/hsr_forward.c:602 hsr_fill_frame_info+0x3da/0x570
[ 1439.048937][    C0] Modules linked in:
[ 1439.052928][    C0] CPU: 0 UID: 0 PID: 26171 Comm: syz.0.4093 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1439.063790][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1439.073943][    C0] RIP: 0010:hsr_fill_frame_info+0x3da/0x570
[ 1439.079891][    C0] Code: 00 31 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 05 1d f9 f5 90 0f 0b 90 e9 09 ff ff ff e8 f7 1c f9 f5 90 <0f> 0b 90 eb 93 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a3 fc ff ff 48
[ 1439.099621][    C0] RSP: 0018:ffffc90000007278 EFLAGS: 00010246
[ 1439.105790][    C0] RAX: ffffffff8b9a6fb9 RBX: 0000000000000000 RCX: ffff888072d03c00
[ 1439.113844][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1439.121931][    C0] RBP: ffff888074b2ccc0 R08: ffffffff8b9a6e09 R09: 0000000000000000
[ 1439.129930][    C0] R10: ffffc900000073c8 R11: fffff52000000e7b R12: dffffc0000000000
[ 1439.137938][    C0] R13: 000000000000be88 R14: ffff888067504e20 R15: ffffc900000073c0
[ 1439.145942][    C0] FS:  00007f0e2ef466c0(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
[ 1439.154893][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1439.161554][    C0] CR2: 00007fd0abcfc178 CR3: 000000002cbb4000 CR4: 00000000003506f0
[ 1439.169579][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000065d1a85f
[ 1439.177574][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1439.185567][    C0] Call Trace:
[ 1439.188835][    C0]  <IRQ>
[ 1439.191687][    C0]  ? __warn+0x163/0x4e0
[ 1439.195885][    C0]  ? hsr_fill_frame_info+0x3da/0x570
[ 1439.201174][    C0]  ? report_bug+0x2b3/0x500
[ 1439.205789][    C0]  ? hsr_fill_frame_info+0x3da/0x570
[ 1439.211070][    C0]  ? handle_bug+0x3e/0x70
[ 1439.215501][    C0]  ? exc_invalid_op+0x1a/0x50
[ 1439.220175][    C0]  ? asm_exc_invalid_op+0x1a/0x20
[ 1439.225214][    C0]  ? hsr_fill_frame_info+0x229/0x570
[ 1439.230488][    C0]  ? hsr_fill_frame_info+0x3d9/0x570
[ 1439.235804][    C0]  ? hsr_fill_frame_info+0x3da/0x570
[ 1439.241087][    C0]  ? hsr_fill_frame_info+0x3d9/0x570
[ 1439.246433][    C0]  hsr_forward_skb+0x847/0x2b60
[ 1439.251299][    C0]  ? validate_chain+0x11e/0x5900
[ 1439.256265][    C0]  ? hsr_forward_skb+0xaf/0x2b60
[ 1439.261200][    C0]  ? __pfx_hsr_forward_skb+0x10/0x10
[ 1439.266535][    C0]  ? skb_push+0x97/0x100
[ 1439.270797][    C0]  hsr_handle_frame+0x51b/0x7d0
[ 1439.275681][    C0]  ? __pfx_packet_rcv+0x10/0x10
[ 1439.280533][    C0]  ? __pfx_hsr_handle_frame+0x10/0x10
[ 1439.285968][    C0]  __netif_receive_skb_core+0x13e8/0x4570
[ 1439.291686][    C0]  ? __pfx_hsr_handle_frame+0x10/0x10
[ 1439.297123][    C0]  ? __pfx___netif_receive_skb_core+0x10/0x10
[ 1439.303229][    C0]  ? validate_chain+0x11e/0x5900
[ 1439.308162][    C0]  ? mark_lock+0x9a/0x350
[ 1439.312511][    C0]  ? __lock_acquire+0x137a/0x2040
[ 1439.317546][    C0]  __netif_receive_skb_list_core+0x2b7/0x980
[ 1439.323552][    C0]  ? mark_lock+0x9a/0x350
[ 1439.327887][    C0]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[ 1439.334412][    C0]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[ 1439.340734][    C0]  netif_receive_skb_list_internal+0xa51/0xe30
[ 1439.346997][    C0]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[ 1439.353339][    C0]  ? dev_gro_receive+0x108f/0x24b0
[ 1439.358439][    C0]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[ 1439.365135][    C0]  ? cpufreq_update_util+0x94/0x250
[ 1439.370367][    C0]  napi_complete_done+0x310/0x8e0
[ 1439.375425][    C0]  ? mark_lock+0x9a/0x350
[ 1439.379756][    C0]  ? __pfx_napi_complete_done+0x10/0x10
[ 1439.385321][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1439.390075][    C0]  ? napi_gro_receive+0x6f3/0xc90
[ 1439.395117][    C0]  gro_cell_poll+0x19a/0x1c0
[ 1439.399704][    C0]  __napi_poll+0xcb/0x490
[ 1439.404052][    C0]  net_rx_action+0x89b/0x1240
[ 1439.408747][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1439.414070][    C0]  ? sched_clock+0x4a/0x70
[ 1439.418492][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1439.424841][    C0]  handle_softirqs+0x2c4/0x970
[ 1439.429601][    C0]  ? do_softirq+0x11b/0x1e0
[ 1439.432382][T12183] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 1439.434141][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1439.447062][    C0]  do_softirq+0x11b/0x1e0
[ 1439.451444][    C0]  </IRQ>
[ 1439.454418][    C0]  <TASK>
[ 1439.457354][    C0]  ? __pfx_do_softirq+0x10/0x10
[ 1439.462229][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[ 1439.467935][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1439.472747][    C0]  __local_bh_enable_ip+0x1bb/0x200
[ 1439.477959][    C0]  ? __pfx_netif_receive_skb+0x10/0x10
[ 1439.483467][    C0]  ? tun_rx_batched+0x160/0x8f0
[ 1439.488336][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1439.494102][    C0]  ? tun_rx_batched+0x160/0x8f0
[ 1439.498967][    C0]  tun_rx_batched+0x732/0x8f0
[ 1439.503676][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1439.510024][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1439.515085][    C0]  ? __pfx_tun_rx_batched+0x10/0x10
[ 1439.520305][    C0]  tun_get_user+0x2f84/0x4720
[ 1439.525009][    C0]  ? tun_get_user+0x2a78/0x4720
[ 1439.529885][    C0]  ? __lock_acquire+0x137a/0x2040
[ 1439.534952][    C0]  ? __pfx_tun_get_user+0x10/0x10
[ 1439.540009][    C0]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1439.545534][    C0]  ? tun_get+0x1e/0x2f0
[ 1439.549703][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1439.554784][    C0]  ? tun_get+0x1e/0x2f0
[ 1439.558953][    C0]  ? tun_get+0x27d/0x2f0
[ 1439.563228][    C0]  tun_chr_write_iter+0x113/0x1f0
[ 1439.568270][    C0]  vfs_write+0xa72/0xc90
[ 1439.572532][    C0]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1439.578097][    C0]  ? __pfx_vfs_write+0x10/0x10
[ 1439.582913][    C0]  ? do_futex+0x33b/0x560
[ 1439.587290][    C0]  ksys_write+0x1a0/0x2c0
[ 1439.591647][    C0]  ? __pfx_ksys_write+0x10/0x10
[ 1439.596756][    C0]  ? do_syscall_64+0x100/0x230
[ 1439.601575][    C0]  ? do_syscall_64+0xb6/0x230
[ 1439.606304][    C0]  do_syscall_64+0xf3/0x230
[ 1439.610907][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1439.615623][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.621525][    C0] RIP: 0033:0x7f0e2e17b9df
[ 1439.625996][    C0] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1439.645778][    C0] RSP: 002b:00007f0e2ef46000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1439.654259][    C0] RAX: ffffffffffffffda RBX: 00007f0e2e335f80 RCX: 00007f0e2e17b9df
[ 1439.662243][    C0] RDX: 0000000000000068 RSI: 00000000200001c0 RDI: 00000000000000c8
[ 1439.670385][    C0] RBP: 00007f0e2e1ef01e R08: 0000000000000000 R09: 0000000000000000
[ 1439.678420][    C0] R10: 0000000000000068 R11: 0000000000000293 R12: 0000000000000000
[ 1439.686471][    C0] R13: 0000000000000000 R14: 00007f0e2e335f80 R15: 00007f0e2e45fa28
[ 1439.694630][    C0]  </TASK>
[ 1439.697658][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1439.704977][    C0] CPU: 0 UID: 0 PID: 26171 Comm: syz.0.4093 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 1439.715748][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1439.725812][    C0] Call Trace:
[ 1439.729114][    C0]  <IRQ>
[ 1439.731967][    C0]  dump_stack_lvl+0x241/0x360
[ 1439.736756][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1439.741963][    C0]  ? __pfx__printk+0x10/0x10
[ 1439.746552][    C0]  ? _printk+0xd5/0x120
[ 1439.750729][    C0]  ? vscnprintf+0x5d/0x90
[ 1439.755410][    C0]  panic+0x349/0x860
[ 1439.759316][    C0]  ? __warn+0x172/0x4e0
[ 1439.763486][    C0]  ? __pfx_panic+0x10/0x10
[ 1439.767914][    C0]  ? show_trace_log_lvl+0x4e6/0x520
[ 1439.773136][    C0]  __warn+0x346/0x4e0
[ 1439.777137][    C0]  ? hsr_fill_frame_info+0x3da/0x570
[ 1439.782455][    C0]  report_bug+0x2b3/0x500
[ 1439.786798][    C0]  ? hsr_fill_frame_info+0x3da/0x570
[ 1439.792121][    C0]  handle_bug+0x3e/0x70
[ 1439.796301][    C0]  exc_invalid_op+0x1a/0x50
[ 1439.800892][    C0]  asm_exc_invalid_op+0x1a/0x20
[ 1439.805855][    C0] RIP: 0010:hsr_fill_frame_info+0x3da/0x570
[ 1439.811787][    C0] Code: 00 31 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 05 1d f9 f5 90 0f 0b 90 e9 09 ff ff ff e8 f7 1c f9 f5 90 <0f> 0b 90 eb 93 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a3 fc ff ff 48
[ 1439.831499][    C0] RSP: 0018:ffffc90000007278 EFLAGS: 00010246
[ 1439.837570][    C0] RAX: ffffffff8b9a6fb9 RBX: 0000000000000000 RCX: ffff888072d03c00
[ 1439.845556][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 1439.853548][    C0] RBP: ffff888074b2ccc0 R08: ffffffff8b9a6e09 R09: 0000000000000000
[ 1439.861623][    C0] R10: ffffc900000073c8 R11: fffff52000000e7b R12: dffffc0000000000
[ 1439.869770][    C0] R13: 000000000000be88 R14: ffff888067504e20 R15: ffffc900000073c0
[ 1439.877793][    C0]  ? hsr_fill_frame_info+0x229/0x570
[ 1439.883107][    C0]  ? hsr_fill_frame_info+0x3d9/0x570
[ 1439.888437][    C0]  ? hsr_fill_frame_info+0x3d9/0x570
[ 1439.893731][    C0]  hsr_forward_skb+0x847/0x2b60
[ 1439.898608][    C0]  ? validate_chain+0x11e/0x5900
[ 1439.903567][    C0]  ? hsr_forward_skb+0xaf/0x2b60
[ 1439.908527][    C0]  ? __pfx_hsr_forward_skb+0x10/0x10
[ 1439.913846][    C0]  ? skb_push+0x97/0x100
[ 1439.918084][    C0]  hsr_handle_frame+0x51b/0x7d0
[ 1439.922944][    C0]  ? __pfx_packet_rcv+0x10/0x10
[ 1439.927901][    C0]  ? __pfx_hsr_handle_frame+0x10/0x10
[ 1439.933306][    C0]  __netif_receive_skb_core+0x13e8/0x4570
[ 1439.939143][    C0]  ? __pfx_hsr_handle_frame+0x10/0x10
[ 1439.944565][    C0]  ? __pfx___netif_receive_skb_core+0x10/0x10
[ 1439.950641][    C0]  ? validate_chain+0x11e/0x5900
[ 1439.955611][    C0]  ? mark_lock+0x9a/0x350
[ 1439.959958][    C0]  ? __lock_acquire+0x137a/0x2040
[ 1439.965017][    C0]  __netif_receive_skb_list_core+0x2b7/0x980
[ 1439.970998][    C0]  ? mark_lock+0x9a/0x350
[ 1439.975341][    C0]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[ 1439.981866][    C0]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[ 1439.988227][    C0]  netif_receive_skb_list_internal+0xa51/0xe30
[ 1439.994402][    C0]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[ 1440.000929][    C0]  ? dev_gro_receive+0x108f/0x24b0
[ 1440.006071][    C0]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[ 1440.012759][    C0]  ? cpufreq_update_util+0x94/0x250
[ 1440.018101][    C0]  napi_complete_done+0x310/0x8e0
[ 1440.023145][    C0]  ? mark_lock+0x9a/0x350
[ 1440.027507][    C0]  ? __pfx_napi_complete_done+0x10/0x10
[ 1440.033066][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1440.037837][    C0]  ? napi_gro_receive+0x6f3/0xc90
[ 1440.042888][    C0]  gro_cell_poll+0x19a/0x1c0
[ 1440.047476][    C0]  __napi_poll+0xcb/0x490
[ 1440.051827][    C0]  net_rx_action+0x89b/0x1240
[ 1440.056510][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1440.061673][    C0]  ? sched_clock+0x4a/0x70
[ 1440.066132][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1440.072470][    C0]  handle_softirqs+0x2c4/0x970
[ 1440.077257][    C0]  ? do_softirq+0x11b/0x1e0
[ 1440.081789][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1440.087087][    C0]  do_softirq+0x11b/0x1e0
[ 1440.091443][    C0]  </IRQ>
[ 1440.094388][    C0]  <TASK>
[ 1440.097320][    C0]  ? __pfx_do_softirq+0x10/0x10
[ 1440.102171][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[ 1440.107842][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1440.112628][    C0]  __local_bh_enable_ip+0x1bb/0x200
[ 1440.117840][    C0]  ? __pfx_netif_receive_skb+0x10/0x10
[ 1440.123318][    C0]  ? tun_rx_batched+0x160/0x8f0
[ 1440.128162][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1440.133887][    C0]  ? tun_rx_batched+0x160/0x8f0
[ 1440.138849][    C0]  tun_rx_batched+0x732/0x8f0
[ 1440.143530][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1440.149863][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1440.154910][    C0]  ? __pfx_tun_rx_batched+0x10/0x10
[ 1440.160128][    C0]  tun_get_user+0x2f84/0x4720
[ 1440.164827][    C0]  ? tun_get_user+0x2a78/0x4720
[ 1440.169715][    C0]  ? __lock_acquire+0x137a/0x2040
[ 1440.174759][    C0]  ? __pfx_tun_get_user+0x10/0x10
[ 1440.179814][    C0]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1440.185288][    C0]  ? tun_get+0x1e/0x2f0
[ 1440.189449][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1440.194520][    C0]  ? tun_get+0x1e/0x2f0
[ 1440.198704][    C0]  ? tun_get+0x27d/0x2f0
[ 1440.202974][    C0]  tun_chr_write_iter+0x113/0x1f0
[ 1440.208018][    C0]  vfs_write+0xa72/0xc90
[ 1440.212278][    C0]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1440.217835][    C0]  ? __pfx_vfs_write+0x10/0x10
[ 1440.222613][    C0]  ? do_futex+0x33b/0x560
[ 1440.226983][    C0]  ksys_write+0x1a0/0x2c0
[ 1440.231952][    C0]  ? __pfx_ksys_write+0x10/0x10
[ 1440.236827][    C0]  ? do_syscall_64+0x100/0x230
[ 1440.241709][    C0]  ? do_syscall_64+0xb6/0x230
[ 1440.246381][    C0]  do_syscall_64+0xf3/0x230
[ 1440.250884][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1440.255596][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1440.261498][    C0] RIP: 0033:0x7f0e2e17b9df
[ 1440.265930][    C0] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1440.285539][    C0] RSP: 002b:00007f0e2ef46000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1440.294053][    C0] RAX: ffffffffffffffda RBX: 00007f0e2e335f80 RCX: 00007f0e2e17b9df
[ 1440.302049][    C0] RDX: 0000000000000068 RSI: 00000000200001c0 RDI: 00000000000000c8
[ 1440.310065][    C0] RBP: 00007f0e2e1ef01e R08: 0000000000000000 R09: 0000000000000000
[ 1440.318064][    C0] R10: 0000000000000068 R11: 0000000000000293 R12: 0000000000000000
[ 1440.326061][    C0] R13: 0000000000000000 R14: 00007f0e2e335f80 R15: 00007f0e2e45fa28
[ 1440.334083][    C0]  </TASK>
[ 1440.337324][    C0] Kernel Offset: disabled
[ 1440.341647][    C0] Rebooting in 86400 seconds..