last executing test programs:

10.318767207s ago: executing program 2 (id=1056):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x0, 0x0, @loopback={0x0, 0xc4b75cfffedc41e9}}}}, 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local}}}, 0x30)
mknod(&(0x7f00000002c0)='./file0\x00', 0x8001420, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
recvmmsg(r5, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0x9, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
connect$ax25(r7, &(0x7f0000002740)={{0x2, @bcast, 0x5}, [@default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
open$dir(&(0x7f0000000300)='./file0\x00', 0x149800, 0x0)
epoll_create1(0x0)
socket$qrtr(0x2a, 0x2, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000027c0))

9.045496293s ago: executing program 3 (id=1061):
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x5, 0x2, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='mmap_lock_acquire_returned\x00', r0}, 0x10)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)

8.334072318s ago: executing program 3 (id=1065):
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x141f029329606bb5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000000)={'ip6gre0\x00', 0x0})
socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000180), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

8.072870202s ago: executing program 2 (id=1066):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00'})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x1)
ioctl$UI_DEV_CREATE(r0, 0x5501)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r2 = dup(r1)
write$uinput_user_dev(r2, &(0x7f0000000080)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x45c)

7.331376959s ago: executing program 2 (id=1067):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x84, 0xffffffff})
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

7.303008702s ago: executing program 2 (id=1068):
socket$key(0xf, 0x3, 0x2)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@private1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@remote, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xff, 0xfffffffc, 0xfffffffc}}, 0xe8)
sendmmsg$inet6(r0, &(0x7f00000090c0)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x0)

7.224995529s ago: executing program 2 (id=1069):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
setrlimit(0x0, &(0x7f0000000280)={0x89c})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={0x0, 0x10}}, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r4, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0}})

7.123357708s ago: executing program 3 (id=1071):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000019840)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x1c, 0x4, 0x0, 0x0, 0x70, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0xee, 0x0, 0x2}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@remote}, {@multicast2}, {@private}, {}, {@multicast2}]}, @noop, @cipso={0x86, 0x6}, @lsrr={0x83, 0xb, 0x0, [@rand_addr, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x1911, &(0x7f0000000080)={0x0, 0x570b, 0x200, 0x0, 0x1, 0x0, r0}, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r1 = epoll_create1(0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x20002)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, 0x0)
epoll_pwait2(r1, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
shutdown(r4, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @random="2f996b239c53"}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}]]}, 0x44}}, 0x0)
syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000500)=ANY=[@ANYBLOB="5000000008021100000108021100000008021100000000000000000000000000640001000006020202020202010882848b960c121824d3a86d33d649ba393dc2987eff03845eadc51457e4445c"], 0x36)
syz_80211_inject_frame(&(0x7f00000004c0), &(0x7f0000019c40)=@mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x7}, @device_a, @device_b, @from_mac=@broadcast, {0xc, 0x4c}}, 0x8, 0x65, @random=0xfffb, @void, @val={0x2d, 0x1a, {0x300, 0x2, 0x6, 0x0, {0x8001, 0x5a, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xde9, 0x6}}, [{0xdd, 0x30, "ddff9bf38d79866557f7a9004bbaa831f06b7900df77288eaef2442a08d386eb4864a987f0202c9f5512b7de08ed484d"}, {0xdd, 0x6, "fe3c74bfe334"}, {0xdd, 0x6, "61bfb88bd076"}, {0xdd, 0x60, "b71a42dd4fde05eeacd6587e4020b558ce511ea364e70969ed81e11e8d7e5d32f4e233312e0bfd7ddd5d6f98eead0d4c4bbbe2b00afd25bde02d50fcd8e78abecb84527f59b47a6df1c71faaac08a364547a0930340172eb8bac0c469a72a534"}, {0xdd, 0x7d, "a64a105856cead9631b7d544bce02715ac7b02a990d0a93ad34ab6578d866f5027c0069262c6ec1391abf9eeac093e71425bc41e55f1f21093c33af04f6074f1cbd4c7b35e3b85a0ac3ffdd602c6e3395c613e2fb80dd80c001bfdfc840a66366100337bec0973aa5876ba5eaa47d55a89bd9bf9641dfdaa744ba25ba2"}]}, 0x15d)

5.880781472s ago: executing program 3 (id=1077):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x4, 0x0, 0x3fc, 0x0, 0x32, 0x0, 0x2}, 0x9c)
syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x1}, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
syz_open_dev$dri(&(0x7f0000000040), 0xb, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, 0x0)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)
close_range(r0, 0xffffffffffffffff, 0x0)

4.891396292s ago: executing program 3 (id=1081):
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000400)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f00000008c0)="3080", 0x2, r2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x141f029329606bb5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000000)={'ip6gre0\x00', 0x0})
socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000180), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

4.668223103s ago: executing program 1 (id=1084):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
r5 = memfd_create(&(0x7f0000001d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81\x01\x00\x00\x00\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;|\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea%\xc0\xe9\x9d,K\x97\xe1m|g', 0xd)
r6 = fcntl$dupfd(r5, 0x0, r5)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xffffff1f, 0x12, r6, 0x0)
read$FUSE(r6, &(0x7f0000005180)={0x2020}, 0x2020)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000bc0)=ANY=[@ANYBLOB="01"])
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="a392a44919290afe610860a6fd07cf33607fb95ab078f5e88fba18f3088bef3a110b50d558bc1f54c9491d5863371797c136d03b533154c42235d79d6a30cafcdd7f3e99caf149dd5f94e8"])
r7 = dup(r0)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x40000239, 0x0, &(0x7f0000000080)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
r10 = syz_create_resource$binfmt(&(0x7f0000000080)='./file0\x00')
openat$binfmt(0xffffff9c, r10, 0x41, 0x1ff)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x71, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x2a4}, 0x1})
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x84080)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
write$P9_RLOCK(r11, &(0x7f00000000c0)={0x8, 0x35, 0x1}, 0x8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x4)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r12 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
getresgid(&(0x7f0000000040), &(0x7f0000000180)=<r13=>0x0, &(0x7f0000000240))
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r12, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r13])
openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x0)
openat(r7, &(0x7f0000000080)='./file0\x00', 0x30000, 0x0)

3.559439554s ago: executing program 4 (id=1087):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "00010000000000000300062000"})
r1 = syz_open_pts(r0, 0x100)
ioctl$TCSETA(r1, 0x402c542d, 0x0)

3.444066885s ago: executing program 4 (id=1089):
r0 = openat$ocfs2_control(0xffffff9c, &(0x7f0000000000), 0x80, 0x0)
read$char_usb(r0, &(0x7f0000000440)=""/1, 0x1)

3.315298977s ago: executing program 4 (id=1091):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x0, 0x0, @loopback={0x0, 0xc4b75cfffedc41e9}}, r4}}, 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local}, r4}}, 0x30)
mknod(&(0x7f00000002c0)='./file0\x00', 0x8001420, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
recvmmsg(r5, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0x9, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
connect$ax25(r7, &(0x7f0000002740)={{0x2, @bcast, 0x5}, [@default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
open$dir(&(0x7f0000000300)='./file0\x00', 0x149800, 0x0)
epoll_create1(0x0)
socket$qrtr(0x2a, 0x2, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000027c0))

3.315148557s ago: executing program 1 (id=1092):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="020100090e00000000000000000000000200130000000000000000000000000005000500000000000a0000000000000000000000000000000000f7ff00000000000000000000000005000600000000000a"], 0x70}}, 0x0)

3.190361368s ago: executing program 0 (id=1093):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r2)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r3 = inotify_init1(0x0)
fcntl$setown(r3, 0x8, 0xffffffffffffffff)
fcntl$getownex(r3, 0x10, &(0x7f0000000140)={0x0, <r4=>0x0})
r5 = syz_open_procfs(r4, &(0x7f0000000600)='fd/4\x00')
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40305829, &(0x7f0000000240))

2.682981475s ago: executing program 1 (id=1094):
r0 = openat$binfmt_format(0xffffff9c, &(0x7f00000000c0)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
write$binfmt_format(r0, 0x0, 0x300)

2.591992023s ago: executing program 2 (id=1095):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
pipe2(0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000100), 0x0, 0x8)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(0xffffffffffffffff, 0x7a9, &(0x7f00000000c0)={{@my=0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8})
r4 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c)
unshare(0x20000400)
shutdown(r4, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

2.392095671s ago: executing program 4 (id=1096):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x400000c1, 0x50d502)
ioctl$USBDEVFS_DROP_PRIVILEGES(r0, 0x4004551e, &(0x7f0000000500)=0x6)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect={0x5})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
readlink(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)=""/127, 0x7f)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='sysfs\x00', 0x0, 0x0)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000980), 0x8)
openat$cgroup_ro(r4, &(0x7f00000004c0)='cpuacct.usage_user\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000080)='./bus\x00')
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x15c)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00002200000000000080007b3dbebeea7f43ce24aa75e24cfc6d009c00000400"/43], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
getdents64(r5, &(0x7f0000002ec0)=""/4096, 0x1000)

2.339486726s ago: executing program 1 (id=1097):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
pipe(&(0x7f0000000240))
r0 = syz_io_uring_setup(0x6563, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

2.18406792s ago: executing program 1 (id=1098):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="41810000000000001c00128009000100766c616e000000000c000280060001000000000008000a00", @ANYRES32=r2, @ANYBLOB="08000500", @ANYRES32=r2], 0x4c}, 0x1, 0xba01}, 0x0)

1.705615464s ago: executing program 0 (id=1099):
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0xa0000, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRESHEX=r0], 0x20)

1.406003391s ago: executing program 4 (id=1100):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0xa, &(0x7f0000000180)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [], 0x0, 0x0, 0x0}, 0x198)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000240)={0x1, 'macvtap0\x00'}, 0x18)
r1 = openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
fcntl$setstatus(r1, 0x4, 0x42000)

1.343509827s ago: executing program 0 (id=1101):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000840000000500000000000000f7ffffff0f0000008400000005"], 0x24}, 0x80)

1.30862766s ago: executing program 1 (id=1102):
socket(0x0, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000b0000040c00057c0800010075647000"], 0x20}}, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000500)=0x20000000005)
r3 = gettid()
sched_getattr(r3, &(0x7f0000000180)={0x38}, 0x38, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000100)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r5 = syz_io_uring_setup(0x110, &(0x7f0000000480), &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
shmat(r8, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
shmctl$IPC_RMID(r8, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r9 = socket$packet(0x11, 0x3, 0x300)
syz_open_dev$sndmidi(&(0x7f0000000080), 0xc, 0x0)
syz_open_dev$amidi(&(0x7f0000000040), 0x2, 0x2)
r10 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r10, 0x1, 0x0, &(0x7f0000000140)='iocharset\xe4\x95\xd5O[\xe5H\xcf\xe3=\xf2\xc2&\xa3\x80[fg\xf1\xd0\x05\xf7\xc7\x83\xa4\xdb\xe7\xcf\xcb70B\x0e\xc2o\xa8\xe9\xbd\xa3\xf4\x1c\x10j\xe2\xcb\xb3\xf4\xcd\t:9E\xe9Js=\x97\x9dT\x84t\x8b\xac\x9c\xdc\x8dJ\xd9\xef}\xb0b\xf7\x1aeW\xa2\xeb\xb8;\xb8\xdb\x99D\xc4R', 0x0)
close_range(r10, 0xffffffffffffffff, 0x0)
syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00'})
syz_io_uring_submit(r6, r7, 0x0)
io_uring_enter(r5, 0x47f6, 0x0, 0x0, 0x0, 0x0)

1.264202244s ago: executing program 4 (id=1103):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000080), 0x2000011a)
sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x14}}, 0x0)

1.191386451s ago: executing program 0 (id=1104):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000b00)={&(0x7f0000001340)=@hci={0x1f, 0x0, 0x2}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000180)="6203a105d755af176510122f1eafbcf72be12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e24732faf215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29bd7145bb6e7dfd652684d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f00000014c0)="294f28dfe56d898ba23606bc7ecd1f634665cb5bed07bac5684da6eb21da1d6926910c5a0c653b0105869a804dd2a44cb2e32e2bf367e9d01a5e7380cc4fc8e7c9044cc4750b978ca7427d749beaefdf2e48b369cb169ad7b1ced26bb161297c7e56a36a8b449955e83e91b379c179017f8f4657d1b22eca6bca33036d33e1a684059c53cea91c8f637ac780ab2bcf85f774b0d4e5876fe9aee4724b7cb59731c97e70ebd706003994eb07de2f3c6a9448c3206cff6d290b433f331c2399", 0xbe}, {&(0x7f0000000040)="0a985d7879f1bbff16c7d66e33657e452299fd0ef8c2afda588eb05891b7da030e01452a7986bea19b59c98dc2996c0ea09604d00ea48336d0c813d83025aca8623a5915ddddce2c11c5e374f2e0f387d2398fe0b899ff60dc7a73addcf253cf32aafbe2b9f90799e7fc583bdd9b564697ba988080270bdceb48bbd3b52d4c229fffb0d86fb286e3553a8b3ac02badc66ada5fceabe5f63c79da96e641a45901128063d6e1e31b11bcfbc3e70bd3c8c6c0be9f653f977f16", 0xb8}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b73844154285ce5ec58ec57b40ccf7b70215a4a27f9de2c2719dcb5897bc302ebb027c019e40aa6fc85d5b670aef709e40cbe597139537c10d2483b67c02ca781c5ce6c014b13c8dee248e8b75831cbee8f29cad33139e0b5bc86c203c71f54ad11573e8801b8cc623571b9c53ac723b51b2cdd09b60cf8a3a205a70814107251d962d603bf21f42e946462bf3d8bca96d7bdbdfa9ced20f6e9edba4ac6aea0a68c08a3f8076274bece6d676d64975dc1e611806feb81cbac4b38453a756845c866f0458fb61cd12a135e1dfa76d85a3b2972b6517b57bc35a0398f7b87ee0b697c84c629e8a62a7d1dab6459a71f7aad2fac7a1a4c019479b1f31dc017f3fa896000b8bcc0b1ca993447351fa0529a5be311faa90b6d8f0a5ce5fe2adfd4995ba13920826d27677d8dac9ef0aac4cea1517ff318a864b3ea3bcc45d6cbd91e4a8da09c2e320957fcada6a4e", 0x358}, {&(0x7f0000000280)="b8d35a42b724f5117efd3ff06558a16b478b", 0x12}, {&(0x7f000001f4c0)="550c6d32758c9c16ffa4f109b112c63389068bee461d1744b4bf458233d3294ababe6c28c97e2640f849c401a026827bfb3d48b3b006ca", 0x37}, {&(0x7f0000000340)="87", 0x1}, {&(0x7f0000001580)="c422d8a3f3ebcd077dcc687260684117bdca74d83fc6b47c8aeecce253607026b759a6812756f0704a921606fd33215775c726d80a0d1c8b6bcc65d4feb78c13f91b1b94e22e0a382b7087b42bf3e56d0fe6e2ed520f25aae2de4f947291f837cc01a0b6abb52cec2bd2e1c094ac818e4462464abcfe07c1bc92fbd5b327cc198d45907839aa865a9b2f60af25ac0a133bdcdeaadecff2fc2ea9a3467a5a7342979f25f611a78e908c22565679c48cbb44816f04aba483a105afade85b3fd6365da03aa80e12e7bbe703b46d820e8bc5083539970a34bd42b0370abd2489fbb9e0f5e2d1f454895d55df1f500caa44f83f7796d81f12e59ded1f7399ed2b48ea4d156a00163bc1d73fd57ade147479d5a6ce01a8169f75e15ae87b428a8b933414bca39555481ec175bf06bd3bc3972f5113f0350b2a6056647ba271a5bea93569bceef5be597218f541c4a131e7f4377a1964c42323eda5104811ef07cb64bbb5a49d6768c4bd1b3a901859f67e091ddad304768bdd2c5a499a46569d55683372249ae2bcbae601b85e01cbb22ebcf3c0039ee61fce0fe45d4fe41f3688211f78d3e2aa5f29469ee57c124f6f390167e19ac3479cd20b363c51fd16604492996a4c7302fee80a6f4ff992a0bde835991a26f405d3dfae1361519ba88c8a4ab84b9f749f12e0398aefc3009a43941b66bfd91a462f01d9b671d645404233e79eeef6b061688840064cd93aef6af5c4c15711801aa3bb0535519837ec30bc9c09f08daf49ef55f2584c52a81bd185e204faf325b9ca4c6570dd42ff4c0ac34144c6b44c171a335fcc41a79da089f4b01a60c066f29a23bf775edbc77dcf4107b85a53bc57b0f02a6a7279ba725848e22186297cdd2e1d40480a07726bb966a5c17781542bcd7c4e77ec60a04489bfacdefb98fca4efd84552ce1e33ff823e42b60fdc9880152a073b55e50410121cf530065ac134b985d4297c341184e06871ce6882506ffdc8be37081e1192c2e1d3d7fcb197300005a9c7014bcf45c88a02c2dfaa9e2eaf5a394a42c101c154979e85942a49536e05dc683392097bf5b6d7b306e5d02cedbd9165d9c72dbf04ceee2b205efa5c06ec2945b6fac1962f412c226291b98f2c8a77ed390606b9fabb82a53f2925b97eac97a2905710cca4cc3ec2f9ddc41a0e54aaba50fc920cf74ebc80bb5c8d6b2a00d04decb5418bccd2dffe30cac17d2e5cfbff4cd9b9dcf14916ad865bfbd2f725d28552eebc45fdec7df6de29bfd1254ddeb60810c4ae2f5095f7d567b660552dd2b2f28fd2450233f4159aea8ebafd62f13b9392bf64e77676bdcf73a0bba302cf188367d50bdc77d8aad4a3c129f876a10eba958e0703ea854ca26df8dc4c292208d14e74afe72a1545fc969353eae707612603168274847dc2c67d91befdbe3e979927e1374a75b7165976d4a97cb4a3c2e545e179b5f61eb94dca2d6cfef9f4ceb7d7de8d03966859789360f944115b793f489a7f7e64db464856978d6edb9ed93fd5ae93444574cd44b4c8379ab836876591f15361c033fe9c1423f41be70a1b91963dd53fdeedaa776cbef6f46a061d2726a5ac809093370fb0e4643933914c9884c6ea998e53073b35a5eb27e97d1ed8fb098dcae0f078ea03e3891d8bbdbbf8075dce7270955bab217fd194b5f9145a902f5b3ab34d55d601dc28debdd950165b108fa5ee2ed0108bcb50acce6d42913ed92d53be985ed45180f04639bfac152c01476da9abfccdf698c5599aa00e697292fe6f940910def83a832c3039d67f590299c0b63b8d9f5efea6e804f9947c9d38f45440a6bd711aab8d2e50de20f7f6cac2e126c5873b9e392a35bd30fcecc969a06fd76e640a0fc461ffedd85dc50e8d62098027bbf1e78546e7a725e19b4096022ae2cb08f78e07363c76206a1a6f0ce60a39733ae36c4011b1ad4de4e3be5541a42e0a0d0972c8c4e21db0bc17e8bdd4eeadb2f5c9c93f11efb121cb529e3ec0a51b33923161ef2398bf8c0e75e8c8ae5909a2e955ae1df1ddc8450eb88b14541d2ef150b8398da9d26403e6c99b1bfb2d19b17e20977f0a85d9bc2629d03702d8bc9cb52c0c5ec3757e53bf304d83d719d1b577879322a63d25efc7bcdadb309803a080638457edf32b4d939e3bb8953163aaa4fb6cb337e51d6bcc693fbeea0f37730b003f19a2a8b81d7dfc51a9146b2cea7b613244a404d05f98b585feceac667267f4347a865457c6024b617851cb851c6afa9e63af48074eff61dc9002e78743ed3883a58205263fbf097d78e078e2f9247ecc3784ebe03905b0fce9c1dd29f2c10511d83f0ba67b04bbc24c59d80c8883a1696c0cd53e97ef04b2673b39c9f3fb4c6057aeed8e8b60a0013182061ae97846f99889dccf46f29f663c2a6f8d073ffe79a339d8e8e3d7a5f56154330bd968bd762f8113d8822a0d6f489c8cc150c02f04fbb83e172654abefbad0902cc4d8ebd1f886adf39c2bbb3ada4db709499f7a6b1d4031fbe0e8cf1aa94da02d5f4ca2e356eba3ec40a824cd97f2487fb980a5d79592f5bf6d822779cf64d93e078497cc8fc57015faaebbd57ffdd3038abfcce2238addc37c74c5b6cd6b785863405e8cfad321f5662f75de60e7e5d496fa6334228fe082ddce59637551b82214e24c36298e87ffbbbb5c4171cc201fa06a3f2a5965d5c90030fc7abecae7a2b02e5f3e3c0dfd3ca268cd2563bc304670939266cb6cf9ae9c5dfe921471bc6084e5e3d1a63e55126f26a136045c65d122e1064e30d500fc396162ab4d4763e3c7ebab3f8b55e625cdc796fa3705823e19e2da853b129fc4959912ca44364a3eb6198a6f16eb6a60e278f3e9b060ecc4bef53adbf590463901121484e934575af39f4e985cfb08770a9974e36fc77c917e17852f8c2850a6d3094440c9c40cf9fed91825e21a6cb1e697525e7ca82176f43391f58f0544c4d52bfc3ead98ce887a1253ee8860afcd8b394fa0e7656f18d9c7c5b57aedff6f89056b2d73914b8f789167176c07ad4b4e470d174d85882c2e152266d9d246a47cb70d0556dcf80b9a019d83ce5d363462b6b6fa496a315a0aa462dac59065c43fedca46762e414cb06a31f615147348adfd398e94fcf8004ebd688953ac6595d179a319177c3f5ff6a1ad3dd31cb53902e95d4b6d2a7056a4ccfd837f96fb622a8889e25410110bc1bb4c4791105137b39a4b7a067d003d3a037ae11d0379f5c1827a256bb77ad53d05eed265d15f8d2ca17951ae58c15f99f218f1d135e4ec4eaf8fd538a3d355fa3b8eb5b0a001d2d0e0798cdd55865dba2dde13dd2132920691870d2f0dd4e54ee005897c3cf8e1f09166d68c65a21828f57d712fb95b90b65b54f8ed8793ce647baa1ba11dda3f17add20220bc1105101e69fca961c71ace76", 0x978}], 0x8}, 0x0)

1.09343946s ago: executing program 0 (id=1105):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0x0, &(0x7f0000000240))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
setrlimit(0x0, &(0x7f0000000280)={0x89c})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={0x0, 0x10}}, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r4, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x2}, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0}})

913.350876ms ago: executing program 3 (id=1106):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0xa, 0x0, 0x0, @loopback={0x0, 0xc4b75cfffedc41e9}}, r4}}, 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local}, r4}}, 0x30)
mknod(&(0x7f00000002c0)='./file0\x00', 0x8001420, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x24, &(0x7f0000000280)=0x1, 0x4)
recvmmsg(r5, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r6, 0x107, 0x9, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
connect$ax25(r7, &(0x7f0000002740)={{0x2, @bcast, 0x5}, [@default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
open$dir(&(0x7f0000000300)='./file0\x00', 0x149800, 0x0)
epoll_create1(0x0)
socket$qrtr(0x2a, 0x2, 0x0)
lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000027c0))

0s ago: executing program 0 (id=1107):
r0 = getpgrp(0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b70800000000000003010902"], 0x0)
kcmp$KCMP_EPOLL_TFD(r0, r2, 0x7, r1, &(0x7f0000000040))

kernel console output (not intermixed with test programs):

b 2-1: SerialNumber: syz
[   88.429239][ T3616] usb 2-1: config 0 descriptor??
[   88.480458][ T4242] chnl_net:caif_netlink_parms(): no params data found
[   88.498493][ T3616] ssu100 2-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[   88.546123][ T4242] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.591241][ T4242] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.725042][ T4242] device bridge_slave_0 entered promiscuous mode
[   88.740769][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.139'.
[   88.753826][ T3903] syz-executor (3903) used greatest stack depth: 19872 bytes left
[   88.782770][ T4015] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.805531][ T4242] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.817893][ T4242] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.836229][ T4242] device bridge_slave_1 entered promiscuous mode
[   88.893400][ T4015] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   88.971397][ T4242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.996239][ T4242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.009958][ T3616] ssu100: probe of 2-1:0.0 failed with error -71
[   89.018873][ T3616] usb 2-1: USB disconnect, device number 5
[   89.043685][ T3579] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   89.053573][ T3579] CPU: 0 PID: 3579 Comm: kworker/u5:5 Not tainted 5.15.167-syzkaller #0
[   89.061902][ T3579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   89.071954][ T3579] Workqueue: hci2 hci_rx_work
[   89.076661][ T3579] Call Trace:
[   89.079941][ T3579]  <TASK>
[   89.082867][ T3579]  dump_stack_lvl+0x1e3/0x2d0
[   89.088805][ T3579]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   89.094453][ T3579]  ? panic+0x860/0x860
[   89.098531][ T3579]  ? sysfs_create_dir_ns+0x282/0x390
[   89.103823][ T3579]  sysfs_create_dir_ns+0x2c6/0x390
[   89.108939][ T3579]  ? sysfs_warn_dup+0xa0/0xa0
[   89.113623][ T3579]  ? do_raw_spin_unlock+0x137/0x8b0
[   89.118834][ T3579]  kobject_add_internal+0x6e0/0xe00
[   89.124044][ T3579]  kobject_add+0x14e/0x210
[   89.128469][ T3579]  ? device_add+0x3c2/0xfd0
[   89.132971][ T3579]  ? kobject_init+0x1d0/0x1d0
[   89.137643][ T3579]  ? __raw_spin_lock_init+0x41/0x100
[   89.142924][ T3579]  ? get_device_parent+0x128/0x400
[   89.148023][ T3579]  device_add+0x476/0xfd0
[   89.152342][ T3579]  hci_conn_add_sysfs+0xe4/0x1f0
[   89.157264][ T3579]  le_conn_complete_evt+0xc15/0x1500
[   89.162541][ T3579]  ? cs_le_create_conn+0x5f0/0x5f0
[   89.167650][ T3579]  hci_le_meta_evt+0xd86/0x3f50
[   89.172490][ T3579]  ? __lock_acquire+0x1ff0/0x1ff0
[   89.177499][ T3579]  ? __mutex_lock_common+0x444/0x25a0
[   89.182859][ T3579]  ? hci_remote_host_features_evt+0x280/0x280
[   89.188907][ T3579]  ? __mutex_unlock_slowpath+0x218/0x750
[   89.194519][ T3579]  ? hci_event_packet+0x3b4/0x1550
[   89.199614][ T3579]  ? mutex_unlock+0x10/0x10
[   89.204106][ T3579]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   89.210069][ T3579]  ? print_irqtrace_events+0x210/0x210
[   89.215513][ T3579]  hci_event_packet+0xc41/0x1550
[   89.220446][ T3579]  ? rcu_lock_release+0x20/0x20
[   89.225297][ T3579]  ? hci_send_to_monitor+0x99/0x4d0
[   89.230480][ T3579]  hci_rx_work+0x232/0x990
[   89.234888][ T3579]  process_one_work+0x8a1/0x10c0
[   89.239819][ T3579]  ? worker_detach_from_pool+0x260/0x260
[   89.245434][ T3579]  ? _raw_spin_lock_irqsave+0x120/0x120
[   89.250961][ T3579]  ? kthread_data+0x4e/0xc0
[   89.255445][ T3579]  ? wq_worker_running+0x97/0x170
[   89.260450][ T3579]  worker_thread+0xaca/0x1280
[   89.265126][ T3579]  kthread+0x3f6/0x4f0
[   89.269174][ T3579]  ? rcu_lock_release+0x20/0x20
[   89.274005][ T3579]  ? kthread_blkcg+0xd0/0xd0
[   89.278574][ T3579]  ret_from_fork+0x1f/0x30
[   89.282981][ T3579]  </TASK>
[   89.290339][ T3579] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   89.303744][ T3579] Bluetooth: hci2: failed to register connection device
[   89.318287][ T4015] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.932395][ T4015] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.969144][ T4242] team0: Port device team_slave_0 added
[   89.993449][ T4242] team0: Port device team_slave_1 added
[   90.069125][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.077520][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.108696][ T4242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.156260][ T4242] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.165186][ T4242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.194133][ T4242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.267918][ T3616] Bluetooth: hci5: command 0x0409 tx timeout
[   90.280439][ T1075] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   90.323675][ T4242] device hsr_slave_0 entered promiscuous mode
[   90.336626][ T4242] device hsr_slave_1 entered promiscuous mode
[   90.343492][ T4242] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.354633][ T4242] Cannot create hsr debugfs directory
[   90.440553][ T3616] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   90.520499][ T1075] usb 1-1: Using ep0 maxpacket: 32
[   90.640516][ T1075] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[   90.648881][ T1075] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[   90.666857][ T1075] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   90.677290][ T1075] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[   90.695379][ T1075] usb 1-1: config 1 has no interface number 0
[   90.705072][ T1075] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[   90.717656][ T1075] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.783702][ T1075] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[   90.860874][ T3616] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   90.872594][ T3616] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   90.884652][ T3616] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[   90.898779][ T3616] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   91.025432][ T1075] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values
[   91.049741][ T1075] snd_usb_pod 1-1:1.1: invalid control EP
[   91.070310][ T1075] snd_usb_pod 1-1:1.1: cannot start listening: -22
[   91.076886][ T1075] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[   91.090507][ T3616] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[   91.106851][ T3616] usb 2-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[   91.133108][ T3616] usb 2-1: Product: syz
[   91.148796][ T1075] snd_usb_pod: probe of 1-1:1.1 failed with error -22
[   91.155759][ T3616] usb 2-1: Manufacturer: syz
[   91.155778][ T3616] usb 2-1: SerialNumber: syz
[   91.180823][ T4278] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   91.198132][ T4278] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   91.221380][ T3616] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[   91.308458][ T4242] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.332679][ T3614] usb 1-1: USB disconnect, device number 7
[   91.344423][ T4242] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   91.381176][ T4242] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   91.428272][    T7] Bluetooth: hci2: command 0x2016 tx timeout
[   91.490040][ T4242] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   91.743811][ T4278] binder: BC_ATTEMPT_ACQUIRE not supported
[   91.786051][ T4278] binder: 4277:4278 ioctl c0306201 20000380 returned -22
[   92.240598][ T3616] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[   92.272669][ T3616] usb 2-1: USB disconnect, device number 6
[   92.349477][ T1313] Bluetooth: hci5: command 0x041b tx timeout
[   92.470619][ T4015] device hsr_slave_0 left promiscuous mode
[   92.486938][ T4015] device hsr_slave_1 left promiscuous mode
[   92.501568][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   92.523475][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_0
[   92.538216][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   92.556031][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_1
[   92.588747][ T4015] device bridge_slave_1 left promiscuous mode
[   92.599261][ T4015] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.623024][ T4015] device bridge_slave_0 left promiscuous mode
[   92.637717][ T4015] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.673638][ T4015] device veth1_macvtap left promiscuous mode
[   92.718830][ T4015] device veth0_macvtap left promiscuous mode
[   92.739998][ T4015] device veth1_vlan left promiscuous mode
[   92.750132][ T4015] device veth0_vlan left promiscuous mode
[   93.628691][ T4375] program syz.2.160 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   94.519250][    T7] Bluetooth: hci5: command 0x040f tx timeout
[   94.527121][ T4015] team0 (unregistering): Port device team_slave_1 removed
[   94.544924][ T4015] team0 (unregistering): Port device team_slave_0 removed
[   94.558720][ T4015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   94.574749][ T4015] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   94.739975][ T4015] bond0 (unregistering): Released all slaves
[   94.750522][ T3655] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   94.867778][ T4242] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.931319][ T4242] 8021q: adding VLAN 0 to HW filter on device team0
[   94.938747][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   94.949465][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.973504][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   94.992046][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.000526][ T3655] usb 1-1: Using ep0 maxpacket: 32
[   95.017241][ T3658] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.024363][ T3658] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.080933][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.098621][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.116525][ T3658] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.123673][ T3658] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.126288][ T3655] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[   95.133572][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   95.157447][ T3655] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[   95.176945][ T3655] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   95.219405][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   95.227641][ T3655] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[   95.254892][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.267175][ T3655] usb 1-1: config 1 has no interface number 0
[   95.284649][ T3655] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[   95.306361][ T4242] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.317313][ T4242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   95.333810][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   95.347357][ T3655] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.365110][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.689682][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   95.784593][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.869535][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.098235][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.125815][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.193967][ T3655] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[   96.232459][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.253954][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   96.263576][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.450394][ T3655] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values
[   96.458663][ T3655] snd_usb_pod 1-1:1.1: invalid control EP
[   96.487485][ T3655] snd_usb_pod 1-1:1.1: cannot start listening: -22
[   96.517594][ T3655] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[   96.685621][ T3655] snd_usb_pod: probe of 1-1:1.1 failed with error -22
[   96.816776][ T3655] usb 1-1: USB disconnect, device number 8
[   96.970214][ T1291] Bluetooth: hci5: command 0x0419 tx timeout
[   97.507404][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   97.546057][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   97.694478][ T4242] 8021q: adding VLAN 0 to HW filter on device batadv0
[   98.184242][ T4434] Invalid ELF header magic: != ELF
[   98.202208][   T26] audit: type=1804 audit(1727609133.200:6): pid=4434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.174" name="/newroot/44/bus/bus" dev="overlay" ino=262 res=1 errno=0
[   98.971649][ T4242] device veth0_vlan entered promiscuous mode
[   98.998885][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   99.028528][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   99.064599][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   99.085222][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   99.093730][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   99.102029][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   99.111898][ T4242] device veth1_vlan entered promiscuous mode
[   99.219811][ T4448] xt_HMARK: spi-set and port-set can't be combined
[   99.486918][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   99.549242][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   99.772898][ T4242] device veth0_macvtap entered promiscuous mode
[   99.820719][ T4242] device veth1_macvtap entered promiscuous mode
[   99.906989][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.939334][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.960515][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.971715][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   99.987479][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   99.999415][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.009642][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.020595][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.032143][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.039653][ T4013] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  100.048685][ T4013] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  100.057106][ T4013] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  100.067411][ T4013] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  100.084604][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.113608][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.126932][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.139801][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.153258][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.167011][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.180507][ T4242] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  100.204016][ T4242] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.215938][ T4242] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.230502][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  100.245653][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  100.258830][ T4242] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.273977][ T4242] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.285570][ T4242] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.298054][ T4242] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.391343][ T4023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.399461][ T4023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.436059][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  100.445853][ T4013] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.454035][ T4013] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.463741][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  100.548049][ T4456] syz.4.136 uses obsolete (PF_INET,SOCK_PACKET)
[  102.162648][ T4473] (syz.3.180,4473,1):ocfs2_fill_super:991 ERROR: superblock probe failed!
[  102.324218][ T4473] (syz.3.180,4473,1):ocfs2_fill_super:1177 ERROR: status = -22
[  102.782442][ T4229] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  103.030640][ T4229] usb 5-1: Using ep0 maxpacket: 32
[  103.190473][ T4229] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  103.200711][ T4229] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  103.209491][ T4229] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.220484][ T4229] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  103.229601][ T4229] usb 5-1: config 1 has no interface number 0
[  103.236370][ T4229] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  103.246262][ T4229] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.345456][ T4229] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  104.300643][ T4229] snd_usb_pod 5-1:1.1: endpoint not available, using fallback values
[  104.311612][ T4229] snd_usb_pod 5-1:1.1: invalid control EP
[  104.317430][ T4229] snd_usb_pod 5-1:1.1: cannot start listening: -22
[  104.332288][ T4229] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  104.609747][ T4229] snd_usb_pod: probe of 5-1:1.1 failed with error -22
[  105.109895][ T4229] usb 5-1: USB disconnect, device number 3
[  106.621972][ T4539] Invalid ELF header magic: != ELF
[  106.692132][   T26] audit: type=1804 audit(1727609141.650:7): pid=4539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.198" name="/newroot/37/bus/bus" dev="overlay" ino=219 res=1 errno=0
[  106.924652][ T4545] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  107.033484][ T4547] device batadv0 entered promiscuous mode
[  107.048385][ T4546] device batadv0 left promiscuous mode
[  108.904796][   T21] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  109.110462][ T4229] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  110.301846][ T4584] hugetlbfs: syz.4.212 (4584): Using mlock ulimits for SHM_HUGETLB is deprecated
[  110.420306][   T21] usb 2-1: device not accepting address 7, error -71
[  110.872983][ T4605] Invalid ELF header magic: != ELF
[  110.879414][   T26] audit: type=1804 audit(1727609145.910:8): pid=4605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.214" name="/newroot/49/bus/bus" dev="overlay" ino=294 res=1 errno=0
[  113.550377][ T4229] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  113.836772][ T4229] usb 2-1: Using ep0 maxpacket: 32
[  115.459831][ T4229] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  115.509082][ T4229] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  115.563581][ T4229] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  115.604506][ T4229] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  115.831700][ T4229] usb 2-1: config 1 has no interface number 0
[  115.838357][ T4229] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  115.851149][ T4229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.829579][ T4229] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  116.860322][ T4229] snd_usb_pod 2-1:1.1: set_interface failed
[  116.866289][ T4229] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  116.890426][ T4229] snd_usb_pod: probe of 2-1:1.1 failed with error -71
[  116.932368][ T4229] usb 2-1: USB disconnect, device number 9
[  118.570594][ T4690] xt_HMARK: spi-set and port-set can't be combined
[  120.132688][ T4698] netlink: 12 bytes leftover after parsing attributes in process `syz.3.246'.
[  120.450425][ T4649] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  120.750317][ T4649] usb 5-1: Using ep0 maxpacket: 32
[  120.890417][ T4649] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[  121.083992][ T4649] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  121.101200][ T4649] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  121.116794][ T4649] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[  121.127256][ T4649] usb 5-1: config 1 has no interface number 0
[  122.245515][ T4649] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  122.254639][ T4649] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.334649][ T4649] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[  122.382531][ T4715] netlink: 184 bytes leftover after parsing attributes in process `syz.2.253'.
[  123.153314][   T26] audit: type=1326 audit(1727609158.190:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4716 comm="syz.1.254" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd6ce7cff9 code=0x0
[  123.686712][ T4649] snd_usb_pod 5-1:1.1: set_interface failed
[  123.692713][ T4649] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[  123.700011][ T4649] snd_usb_pod: probe of 5-1:1.1 failed with error -71
[  123.708957][ T4649] usb 5-1: USB disconnect, device number 4
[  125.082204][ T4756] netlink: 24 bytes leftover after parsing attributes in process `syz.3.262'.
[  127.060322][   T21] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  127.189671][ T4775] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  127.389812][   T21] usb 3-1: Using ep0 maxpacket: 32
[  128.230387][   T21] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  128.238757][   T21] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  128.358029][   T21] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  128.413322][   T21] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  128.463003][   T21] usb 3-1: config 1 has no interface number 0
[  128.497615][   T21] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  128.883085][   T21] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.023145][   T21] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  129.251189][ T4818] netlink: 24 bytes leftover after parsing attributes in process `syz.3.281'.
[  130.150412][   T21] snd_usb_pod 3-1:1.1: set_interface failed
[  130.159807][   T21] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  130.189678][   T21] snd_usb_pod: probe of 3-1:1.1 failed with error -71
[  130.308645][ T4818] syz.3.281 (4818) used greatest stack depth: 19608 bytes left
[  131.261521][   T21] usb 3-1: USB disconnect, device number 3
[  132.732309][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[  132.738698][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[  133.059158][ T4863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.292'.
[  134.226790][ T3612] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  134.550507][ T3612] usb 2-1: Using ep0 maxpacket: 32
[  134.670782][ T3612] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  134.765473][ T3612] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  134.812735][ T4883] bridge0: port 3(team0) entered blocking state
[  134.814827][ T3612] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.856261][ T3612] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  134.870353][ T4883] bridge0: port 3(team0) entered disabled state
[  134.879303][ T4883] device team0 entered promiscuous mode
[  134.900284][ T3612] usb 2-1: config 1 has no interface number 0
[  134.936904][ T3612] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  134.946513][ T4883] device team_slave_0 entered promiscuous mode
[  134.966084][ T4883] device team_slave_1 entered promiscuous mode
[  134.968095][ T3612] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.986925][ T4883] bridge0: port 3(team0) entered blocking state
[  134.993547][ T4883] bridge0: port 3(team0) entered forwarding state
[  135.062884][ T3612] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  135.357945][ T3612] snd_usb_pod 2-1:1.1: endpoint not available, using fallback values
[  135.376491][ T3612] snd_usb_pod 2-1:1.1: invalid control EP
[  135.384714][ T3612] snd_usb_pod 2-1:1.1: cannot start listening: -22
[  135.392525][ T3612] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  135.399982][ T3612] snd_usb_pod: probe of 2-1:1.1 failed with error -22
[  135.570975][ T3815] usb 2-1: USB disconnect, device number 10
[  138.621467][ T4926] tipc: Failed to remove unknown binding: 66,1,1/0:210950286/210950288
[  138.848747][ T4926] tipc: Failed to remove unknown binding: 66,1,1/0:210950286/210950288
[  140.550380][   T21] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  140.840431][   T21] usb 4-1: Using ep0 maxpacket: 32
[  141.020578][   T21] usb 4-1: config 1 interface 0 has no altsetting 0
[  141.280205][    C0] sched: RT throttling activated
[  142.530458][   T21] usb 4-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice= 0.40
[  142.539523][   T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.564838][   T21] usb 4-1: Product: syz
[  143.940393][   T21] usb 4-1: can't set config #1, error -71
[  144.732618][   T21] usb 4-1: USB disconnect, device number 5
[  144.775810][   T26] audit: type=1107 audit(1727609179.810:10): pid=4987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ºC'
[  148.981343][ T4229] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  150.447091][ T5053] loop2: detected capacity change from 0 to 7
[  150.506039][ T5053] Dev loop2: unable to read RDB block 7
[  150.552567][ T5053]  loop2: unable to read partition table
[  150.601242][ T5053] loop2: partition table beyond EOD, truncated
[  150.607433][ T5053] loop_reread_partitions: partition scan of loop2 (þ被) failed (rc=-5)
[  150.650465][ T4229] usb 1-1: device not accepting address 10, error -71
[  151.136060][ T5064] xt_HMARK: spi-set and port-set can't be combined
[  151.909373][ T5073] netlink: 8 bytes leftover after parsing attributes in process `syz.0.354'.
[  155.011984][ T5114] xt_HMARK: spi-set and port-set can't be combined
[  158.653354][ T5163] binder: BINDER_SET_CONTEXT_MGR already set
[  158.660720][ T5163] binder: 5157:5163 ioctl 4018620d 200002c0 returned -16
[  158.788152][ T5164] xt_HMARK: spi-set and port-set can't be combined
[  162.790317][ T1075] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  162.950357][ T3611] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  163.040393][ T1075] usb 5-1: Using ep0 maxpacket: 16
[  163.160565][ T1075] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  163.190387][ T1075] usb 5-1: config 1 has no interface number 1
[  163.216697][ T1075] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  163.326249][ T1075] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  163.340750][ T3611] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  163.369057][ T3611] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.712495][ T3611] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  163.751160][ T1075] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  163.810171][ T1075] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.825965][ T3611] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  163.853302][ T1075] usb 5-1: Product: syz
[  163.857664][ T3611] usb 1-1: Manufacturer: syz
[  163.945042][ T1075] usb 5-1: Manufacturer: syz
[  163.966918][ T3611] usb 1-1: config 0 descriptor??
[  163.973107][ T1075] usb 5-1: SerialNumber: syz
[  164.089210][ T5237] xt_HMARK: spi-set and port-set can't be combined
[  164.110372][ T3611] rc_core: IR keymap rc-hauppauge not found
[  164.120342][ T3611] Registered IR keymap rc-empty
[  164.132761][ T3611] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  164.144313][ T3611] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input8
[  165.399221][ T1075] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  165.571411][ T3611] usb 1-1: USB disconnect, device number 12
[  165.612512][ T1075] usb 5-1: USB disconnect, device number 5
[  166.313808][ T3562] udevd[3562]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  166.847517][ T5267] sp0: Synchronizing with TNC
[  167.962446][ T5289] xt_HMARK: spi-set and port-set can't be combined
[  169.452473][ T3579] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  169.463957][ T3579] CPU: 1 PID: 3579 Comm: kworker/u5:5 Not tainted 5.15.167-syzkaller #0
[  169.472292][ T3579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  169.482340][ T3579] Workqueue: hci2 hci_rx_work
[  169.487014][ T3579] Call Trace:
[  169.490273][ T3579]  <TASK>
[  169.493195][ T3579]  dump_stack_lvl+0x1e3/0x2d0
[  169.497880][ T3579]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  169.503491][ T3579]  ? panic+0x860/0x860
[  169.507540][ T3579]  ? sysfs_create_dir_ns+0x282/0x390
[  169.512803][ T3579]  sysfs_create_dir_ns+0x2c6/0x390
[  169.517917][ T3579]  ? sysfs_warn_dup+0xa0/0xa0
[  169.522575][ T3579]  kobject_add_internal+0x6e0/0xe00
[  169.527761][ T3579]  kobject_add+0x14e/0x210
[  169.532152][ T3579]  ? lockdep_hardirqs_on+0x94/0x130
[  169.537326][ T3579]  ? device_add+0x3c2/0xfd0
[  169.541808][ T3579]  ? kobject_init+0x1d0/0x1d0
[  169.546465][ T3579]  ? __raw_spin_lock_init+0x41/0x100
[  169.551728][ T3579]  ? get_device_parent+0x128/0x400
[  169.556819][ T3579]  device_add+0x476/0xfd0
[  169.561151][ T3579]  hci_conn_add_sysfs+0xe4/0x1f0
[  169.566068][ T3579]  le_conn_complete_evt+0xc15/0x1500
[  169.571336][ T3579]  ? cs_le_create_conn+0x5f0/0x5f0
[  169.576430][ T3579]  hci_le_meta_evt+0xd86/0x3f50
[  169.581258][ T3579]  ? __lock_acquire+0x1ff0/0x1ff0
[  169.586259][ T3579]  ? __mutex_lock_common+0x444/0x25a0
[  169.591610][ T3579]  ? hci_remote_host_features_evt+0x280/0x280
[  169.597651][ T3579]  ? __mutex_unlock_slowpath+0x218/0x750
[  169.603273][ T3579]  ? hci_event_packet+0x3b4/0x1550
[  169.608362][ T3579]  ? mutex_unlock+0x10/0x10
[  169.612845][ T3579]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  169.618799][ T3579]  ? print_irqtrace_events+0x210/0x210
[  169.624239][ T3579]  hci_event_packet+0xc41/0x1550
[  169.629157][ T3579]  ? rcu_lock_release+0x20/0x20
[  169.633989][ T3579]  ? hci_send_to_monitor+0x99/0x4d0
[  169.639163][ T3579]  hci_rx_work+0x232/0x990
[  169.643564][ T3579]  process_one_work+0x8a1/0x10c0
[  169.648489][ T3579]  ? worker_detach_from_pool+0x260/0x260
[  169.654100][ T3579]  ? _raw_spin_lock_irqsave+0x120/0x120
[  169.659620][ T3579]  ? kthread_data+0x4e/0xc0
[  169.664100][ T3579]  ? wq_worker_running+0x97/0x170
[  169.669100][ T3579]  worker_thread+0xaca/0x1280
[  169.673767][ T3579]  kthread+0x3f6/0x4f0
[  169.677826][ T3579]  ? rcu_lock_release+0x20/0x20
[  169.682654][ T3579]  ? kthread_blkcg+0xd0/0xd0
[  169.687231][ T3579]  ret_from_fork+0x1f/0x30
[  169.691634][ T3579]  </TASK>
[  169.726296][ T3579] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  169.741525][ T3579] Bluetooth: hci2: failed to register connection device
[  171.109715][ T4229] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  172.140289][ T4229] usb 5-1: device descriptor read/all, error -71
[  172.174122][ T3612] Bluetooth: hci2: command 0x2016 tx timeout
[  172.207465][ T5339] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  172.446726][ T3616] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  172.476649][ T3616] Bluetooth: hci2: Injecting HCI hardware error event
[  172.551824][ T3576] Bluetooth: hci2: hardware error 0x00
[  172.855067][ T5353] xt_HMARK: spi-set and port-set can't be combined
[  175.770323][ T3616] Bluetooth: hci3: command 0x0406 tx timeout
[  176.200406][   T21] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  176.580699][   T21] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  176.750598][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.841203][   T21] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  176.931721][ T5396] netlink: 32 bytes leftover after parsing attributes in process `syz.2.446'.
[  176.943563][   T21] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  177.087319][ T5396] (unnamed net_device) (uninitialized): option ad_select: invalid value (36)
[  177.163636][   T21] usb 2-1: Manufacturer: syz
[  177.449937][   T21] usb 2-1: config 0 descriptor??
[  177.658173][ T3612] Bluetooth: hci0: command 0x0406 tx timeout
[  177.669233][ T5400] xt_HMARK: spi-set and port-set can't be combined
[  177.678288][ T3612] Bluetooth: hci1: command 0x0406 tx timeout
[  178.380414][   T21] rc_core: IR keymap rc-hauppauge not found
[  178.386366][   T21] Registered IR keymap rc-empty
[  178.412780][   T21] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  178.580323][   T21] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input9
[  178.596832][   T21] usb 2-1: USB disconnect, device number 11
[  178.700798][ T5420] xt_HMARK: spi-set and port-set can't be combined
[  178.815795][    C1] Illegal XDP return value 2701944742, expect packet loss!
[  180.544311][    T7] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  182.224607][    T7] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  182.390474][    T7] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  182.429751][    T7] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  182.550302][    T7] usb 3-1: config 0 interface 0 has no altsetting 0
[  184.020278][ T3611] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  184.642335][    T7] usb 3-1: unable to read config index 1 descriptor/start: -71
[  184.652833][    T7] usb 3-1: can't read configurations, error -71
[  184.820142][ T5466] xt_HMARK: spi-set and port-set can't be combined
[  185.130476][ T3611] usb 2-1: unable to get BOS descriptor or descriptor too short
[  185.180431][ T3611] usb 2-1: not running at top speed; connect to a high speed hub
[  185.270406][ T3611] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[  185.403848][ T3611] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x3 has invalid maxpacket 959, setting to 64
[  185.415787][ T3611] usb 2-1: config 1 interface 0 has no altsetting 0
[  185.614044][ T3611] usb 2-1: string descriptor 0 read error: -71
[  185.936338][ T3611] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  185.999258][ T3611] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.090423][ T3611] usb 2-1: can't set config #1, error -71
[  186.268576][ T3611] usb 2-1: USB disconnect, device number 12
[  187.654787][ T5500] mmap: syz.0.476 (5500): VmData 54235136 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  187.731526][ T5500] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  187.764973][   T26] audit: type=1326 audit(1727609222.800:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  187.787060][    C1] vkms_vblank_simulate: vblank timer overrun
[  187.847161][   T26] audit: type=1326 audit(1727609222.800:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  187.879186][   T26] audit: type=1326 audit(1727609222.800:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  187.903188][   T26] audit: type=1326 audit(1727609222.800:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  187.931247][   T26] audit: type=1326 audit(1727609222.800:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  187.954061][   T26] audit: type=1326 audit(1727609222.800:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  188.046644][   T26] audit: type=1326 audit(1727609222.800:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  188.082822][   T26] audit: type=1326 audit(1727609222.800:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  188.104939][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.118691][   T26] audit: type=1326 audit(1727609222.800:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  188.140824][    C1] vkms_vblank_simulate: vblank timer overrun
[  188.148927][ T5514] xt_HMARK: spi-set and port-set can't be combined
[  188.164691][   T26] audit: type=1326 audit(1727609222.800:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5498 comm="syz.0.476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fa99ef69ff9 code=0x7ffc0000
[  189.283981][ T5542] netlink: 8 bytes leftover after parsing attributes in process `syz.4.494'.
[  189.331468][ T5542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.494'.
[  189.404280][ T5542] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.447208][ T5542] device bridge_slave_0 left promiscuous mode
[  189.455066][ T5542] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.327977][ T5551] xt_HMARK: spi-set and port-set can't be combined
[  190.466064][    T7] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  192.221808][    T7] usb 1-1: Using ep0 maxpacket: 16
[  193.510932][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.528020][    T7] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  193.541497][    T7] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  193.550784][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.596502][    T7] usb 1-1: config 0 descriptor??
[  193.641817][    T7] usb 1-1: can't set config #0, error -71
[  193.658420][    T7] usb 1-1: USB disconnect, device number 13
[  194.173196][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[  194.179535][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[  195.862470][ T5615] capability: warning: `syz.4.515' uses deprecated v2 capabilities in a way that may be insecure
[  196.709168][ T5623] xt_CT: No such helper "netbios-ns"
[  198.280460][ T3611] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  198.686264][ T3611] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  198.714667][ T3611] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  198.745821][ T3611] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  198.784398][ T3611] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  198.950793][ T3611] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  198.978433][ T3611] usb 5-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  199.000034][ T3611] usb 5-1: Product: syz
[  199.005000][ T3611] usb 5-1: Manufacturer: syz
[  199.009909][ T3611] usb 5-1: SerialNumber: syz
[  199.670778][ T5649] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  199.688613][ T5649] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  199.751205][ T3611] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  200.017881][ T5679] binder: BC_ATTEMPT_ACQUIRE not supported
[  200.050605][ T5679] binder: 5644:5679 ioctl c0306201 20000380 returned -22
[  200.801200][ T3611] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  200.832605][ T3611] usb 5-1: USB disconnect, device number 8
[  202.829022][ T5706] xt_CT: No such helper "netbios-ns"
[  204.255250][ T3815] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  204.621032][ T3815] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  204.685394][ T3815] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  204.849999][ T3815] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  204.983314][ T3815] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.022284][ T3815] usb 3-1: config 0 descriptor??
[  205.104697][ T3815] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  205.226381][ T5741] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  205.681955][ T5743] chnl_net:caif_netlink_parms(): no params data found
[  205.779936][ T5743] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.787180][ T5743] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.803061][ T5743] device bridge_slave_0 entered promiscuous mode
[  205.816887][ T5743] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.828623][ T5743] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.844303][ T5743] device bridge_slave_1 entered promiscuous mode
[  205.885856][ T5743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.898598][ T3815] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  205.913587][ T5743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.985858][ T5743] team0: Port device team_slave_0 added
[  205.997970][ T5743] team0: Port device team_slave_1 added
[  206.053681][ T5743] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.081458][ T5743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.619577][ T5743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.641965][ T5743] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.649014][ T5743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.675849][ T5743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.726381][ T5743] device hsr_slave_0 entered promiscuous mode
[  206.738436][ T5743] device hsr_slave_1 entered promiscuous mode
[  206.749208][ T5743] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.837173][ T3815] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  206.857127][ T5743] Cannot create hsr debugfs directory
[  206.864427][ T3815] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  206.882702][ T3815] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  206.903689][ T3815] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  206.925646][ T5764] xt_CT: No such helper "netbios-ns"
[  207.080920][ T3815] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  207.097540][ T3815] usb 1-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  207.132960][ T3815] usb 1-1: Product: syz
[  207.169987][ T3815] usb 1-1: Manufacturer: syz
[  207.185104][ T3815] usb 1-1: SerialNumber: syz
[  207.230831][ T5736] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  207.239603][ T5736] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  207.274191][ T5743] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.287307][ T5771] netlink: 20 bytes leftover after parsing attributes in process `syz.2.562'.
[  207.298007][ T3815] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  207.309920][    T7] usb 3-1: USB disconnect, device number 6
[  207.370512][ T1313] Bluetooth: hci4: command 0x0409 tx timeout
[  207.412833][ T5743] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.592187][ T5743] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.642620][ T5736] binder: BC_ATTEMPT_ACQUIRE not supported
[  207.648597][ T5736] binder: 5735:5736 ioctl c0306201 20000380 returned -22
[  207.912948][ T5743] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.461236][ T3815] cdc_acm 1-1:1.0: ttyACM0: USB ACM device
[  208.497246][ T3815] usb 1-1: USB disconnect, device number 14
[  208.901656][ T5789] xt_HMARK: spi-set and port-set can't be combined
[  209.557982][ T5743] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  209.580431][ T1313] Bluetooth: hci4: command 0x041b tx timeout
[  209.678019][ T5743] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  209.933345][ T5743] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  210.228466][ T5743] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  211.362086][ T5743] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.610402][ T3613] Bluetooth: hci4: command 0x040f tx timeout
[  211.623819][ T1313] Bluetooth: hci5: command 0x0406 tx timeout
[  211.746719][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.834704][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.887032][ T5743] 8021q: adding VLAN 0 to HW filter on device team0
[  211.982292][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  212.095051][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  212.105710][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.112816][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  212.252398][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  212.298245][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  212.316738][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  212.367919][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  212.375035][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  212.458478][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  212.595156][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  213.527861][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  213.553144][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  213.578497][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  213.607301][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  213.654138][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  213.669032][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  213.686408][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  213.693890][ T3613] Bluetooth: hci4: command 0x0419 tx timeout
[  213.715171][ T5839] netlink: 'syz.2.582': attribute type 10 has an invalid length.
[  213.800430][ T3611] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  213.810102][ T5839] bond0: (slave bond_slave_0): Releasing backup interface
[  213.837068][ T5743] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  213.872558][ T5743] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  213.908431][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  213.940952][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  214.210525][ T3611] usb 2-1: Using ep0 maxpacket: 16
[  214.529045][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.557275][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.586877][ T5743] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.630638][ T3611] usb 2-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  214.659388][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  214.679425][ T3611] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.695384][ T3611] usb 2-1: Product: syz
[  214.699561][ T3611] usb 2-1: Manufacturer: syz
[  214.717954][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  214.726461][ T3611] usb 2-1: SerialNumber: syz
[  214.803034][ T3611] usb 2-1: config 0 descriptor??
[  216.979931][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  216.988896][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  217.118861][ T3611] usb 2-1: can't set config #0, error -71
[  217.486208][ T5743] device veth0_vlan entered promiscuous mode
[  217.492558][ T3611] usb 2-1: USB disconnect, device number 13
[  217.520981][ T5743] device veth1_vlan entered promiscuous mode
[  217.549654][ T5743] device veth0_macvtap entered promiscuous mode
[  217.560386][ T5743] device veth1_macvtap entered promiscuous mode
[  217.577605][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.641836][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.655522][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.666407][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.080571][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.115965][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.126365][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.169822][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.333358][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  220.344612][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.356894][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_0
[  220.432566][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  220.485506][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  220.601276][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  220.610032][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  220.650983][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  220.700955][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  220.748866][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  220.803038][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  220.881514][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.894412][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.904590][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.915086][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.943246][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  220.960024][ T5901] binder: 5900:5901 ioctl c0306201 0 returned -14
[  220.969867][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  220.994427][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.025452][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.035825][ T5743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  221.053808][ T5743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  221.078240][ T5743] batman_adv: batadv0: Interface activated: batadv_slave_1
[  221.090005][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  221.103104][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  221.123126][ T5743] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  221.134583][ T5743] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  221.150130][ T5743] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  221.168986][ T5743] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.102526][ T5913] loop7: detected capacity change from 0 to 16384
[  222.143059][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.160389][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.197497][ T4017] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  222.386503][ T4778] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.423949][ T4778] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  223.150958][ T5919] loop_set_status: loop7 () has still dirty pages (nrpages=32)
[  223.222362][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  225.131547][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  225.131562][   T26] audit: type=1326 audit(1727609260.170:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5946 comm="syz.1.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6ce7cff9 code=0x7ffc0000
[  225.222766][   T26] audit: type=1326 audit(1727609260.230:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5946 comm="syz.1.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fdd6ce7cff9 code=0x7ffc0000
[  225.245802][   T26] audit: type=1326 audit(1727609260.260:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5946 comm="syz.1.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6ce7cff9 code=0x7ffc0000
[  225.299726][   T26] audit: type=1326 audit(1727609260.260:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5946 comm="syz.1.609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6ce7cff9 code=0x7ffc0000
[  234.787054][ T6037] netlink: 12 bytes leftover after parsing attributes in process `syz.2.635'.
[  234.820295][ T6037] netlink: 'syz.2.635': attribute type 18 has an invalid length.
[  234.859039][ T6037] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  234.868213][ T6037] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  234.876988][ T6037] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  234.885710][ T6037] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  234.960590][ T1313] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  235.000930][ T6037] device vxlan0 entered promiscuous mode
[  235.342487][ T6040] chnl_net:caif_netlink_parms(): no params data found
[  235.615137][ T6040] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.637121][ T6040] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.760475][ T1313] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  235.791953][ T6058] netlink: 60 bytes leftover after parsing attributes in process `syz.1.641'.
[  235.807778][ T1313] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  235.818192][ T6040] device bridge_slave_0 entered promiscuous mode
[  235.830177][ T6040] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.843050][ T6058] netlink: 172 bytes leftover after parsing attributes in process `syz.1.641'.
[  235.858647][ T6040] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.874743][ T6040] device bridge_slave_1 entered promiscuous mode
[  236.002482][ T1313] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  236.011989][ T1313] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.022372][ T1313] usb 4-1: config 0 descriptor??
[  236.062747][ T1313] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  236.406305][ T6040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.630576][ T6063] netlink: 40 bytes leftover after parsing attributes in process `syz.1.642'.
[  236.734311][ T6040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.839925][ T4229] Bluetooth: hci6: command 0x0409 tx timeout
[  238.649169][ T6040] team0: Port device team_slave_0 added
[  238.702563][ T6040] team0: Port device team_slave_1 added
[  238.819274][ T4229] usb 4-1: USB disconnect, device number 6
[  239.046140][ T6094] cannot load conntrack support for proto=3
[  239.857757][ T1313] Bluetooth: hci6: command 0x041b tx timeout
[  239.903198][ T6040] batman_adv: batadv0: Adding interface: batadv_slave_0
[  239.928232][ T6040] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  239.954179][    C1] vkms_vblank_simulate: vblank timer overrun
[  240.128394][ T6040] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.172904][ T6107] netlink: 12 bytes leftover after parsing attributes in process `syz.1.651'.
[  240.182761][ T6107] netlink: 'syz.1.651': attribute type 18 has an invalid length.
[  240.194664][ T6107] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  240.203432][ T6107] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  240.212225][ T6107] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  240.220985][ T6107] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  240.747423][ T6107] device vxlan0 entered promiscuous mode
[  240.927246][ T6040] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.934315][ T6040] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.960861][ T6040] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.990386][ T6126] binder: 6122:6126 ioctl c0306201 0 returned -14
[  243.266647][ T4229] Bluetooth: hci6: command 0x040f tx timeout
[  243.472749][ T6040] device hsr_slave_0 entered promiscuous mode
[  243.491735][ T6040] device hsr_slave_1 entered promiscuous mode
[  244.854360][ T6040] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.890590][ T6040] Cannot create hsr debugfs directory
[  244.910558][   T26] audit: type=1326 audit(1727609279.920:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6129 comm="syz.4.661" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca80fc7ff9 code=0x7fc00000
[  244.932620][    C1] vkms_vblank_simulate: vblank timer overrun
[  245.658219][    T7] Bluetooth: hci6: command 0x0419 tx timeout
[  246.280070][ T6040] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.937208][ T6040] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.638102][ T6040] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.678593][ T6167] netlink: 12 bytes leftover after parsing attributes in process `syz.3.668'.
[  248.862265][ T6171] cannot load conntrack support for proto=3
[  249.164824][ T6173] binder: 6169:6173 ioctl c0306201 0 returned -14
[  249.201773][ T6167] netlink: 'syz.3.668': attribute type 18 has an invalid length.
[  249.482543][ T6167] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  249.491410][ T6167] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  249.500122][ T6167] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  249.508869][ T6167] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  249.706109][ T6167] device vxlan0 entered promiscuous mode
[  250.000097][ T6040] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.156827][ T6178] netlink: 4 bytes leftover after parsing attributes in process `syz.3.672'.
[  251.020689][ T6040] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  251.029445][ T6040] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  251.052561][ T6040] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  251.071301][ T6040] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  251.149864][ T6040] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.264031][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  251.713039][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  251.864230][ T6040] 8021q: adding VLAN 0 to HW filter on device team0
[  252.401176][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  252.472744][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  252.487406][ T4023] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.494521][ T4023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.829705][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  253.012523][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  253.159285][ T4023] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.166448][ T4023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  253.227932][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  253.236802][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  253.245661][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  253.255154][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  253.264910][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  253.273598][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  253.282155][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  253.293873][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  253.297955][ T1313] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  253.302251][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  253.523796][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  253.532525][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  253.541403][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  253.669406][ T6224] binder: 6218:6224 ioctl c0306201 0 returned -14
[  253.949486][ T1313] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  253.962256][ T1313] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  254.083931][ T1313] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  254.094191][ T1313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.371003][ T6229] device batadv0 entered promiscuous mode
[  254.393510][ T1313] usb 5-1: config 0 descriptor??
[  254.409682][ T6229] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  254.419405][ T6229] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  254.433498][ T1313] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  254.473817][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  254.489576][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  254.603898][ T6040] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.820845][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  254.847155][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  255.160956][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  255.203880][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  255.310042][ T6040] device veth0_vlan entered promiscuous mode
[  255.378174][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  255.386655][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  255.432485][ T6040] device veth1_vlan entered promiscuous mode
[  255.540730][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  255.559915][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  255.603092][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  255.614919][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[  255.621234][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[  255.629793][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  255.641867][ T6040] device veth0_macvtap entered promiscuous mode
[  255.716493][ T6040] device veth1_macvtap entered promiscuous mode
[  255.953554][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  256.073895][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  256.117617][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.151872][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.170035][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.199240][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.220110][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.261372][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.278933][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.289772][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.315144][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.370099][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.441915][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  256.506540][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.546244][ T6040] batman_adv: batadv0: Interface activated: batadv_slave_0
[  256.568283][   T23] usb 5-1: USB disconnect, device number 9
[  256.625163][ T3992] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  256.646567][ T3992] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  256.723731][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.857159][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  256.878695][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  256.992137][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.003683][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.018176][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.586518][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.597555][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.607741][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.618836][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.629466][ T6040] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  257.639997][ T6040] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.663903][ T6040] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.841698][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'.
[  257.888223][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  257.922874][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  258.026520][ T6040] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.041800][ T6040] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.051731][ T6040] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.064280][ T6040] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.812205][ T3992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.861195][ T3992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  258.903471][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  258.911840][ T4667] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  258.962320][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  259.011969][ T3992] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  262.782983][ T6317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.708'.
[  262.822145][ T6321] device veth0_vlan left promiscuous mode
[  263.123251][ T6329] device batadv0 entered promiscuous mode
[  263.140856][ T6329] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  263.150955][ T6329] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  275.204326][   T26] audit: type=1326 audit(1727609310.240:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6461 comm="syz.1.750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd6ce7cff9 code=0x0
[  280.112290][ T6531] netlink: 20 bytes leftover after parsing attributes in process `syz.4.770'.
[  280.188856][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  283.108991][ T6558] netlink: 'syz.4.778': attribute type 1 has an invalid length.
[  283.155557][ T6558] device bond1 entered promiscuous mode
[  283.419305][ T6558] device team_slave_1 entered promiscuous mode
[  283.492401][ T6558] team0: Port device team_slave_1 removed
[  283.502903][ T6558] bond1: (slave team_slave_1): making interface the new active one
[  283.513791][ T6558] bond1: (slave team_slave_1): Enslaving as an active interface with an up link
[  283.566690][ T6558] syz.4.778 (6558) used greatest stack depth: 18616 bytes left
[  283.754118][ T6573] bridge0: port 2(bridge_slave_1) entered listening state
[  283.783615][ T6573] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.919280][   T26] audit: type=1326 audit(1727609324.950:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6620 comm="syz.3.796" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe52430ff9 code=0x0
[  290.856092][ T6605] chnl_net:caif_netlink_parms(): no params data found
[  291.081258][ T6605] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.092791][ T6605] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.149649][ T6605] device bridge_slave_0 entered promiscuous mode
[  291.189809][ T6605] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.270179][ T6605] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.278401][ T6605] device bridge_slave_1 entered promiscuous mode
[  291.305708][ T6605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.317219][ T6605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.938324][ T1313] Bluetooth: hci7: command 0x0409 tx timeout
[  293.021433][ T6605] team0: Port device team_slave_0 added
[  293.046269][ T6605] team0: Port device team_slave_1 added
[  293.614282][ T6605] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.640286][ T6605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.676723][ T6605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  293.736616][ T6605] batman_adv: batadv0: Adding interface: batadv_slave_1
[  293.747466][ T6605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  293.780843][ T6605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  294.772778][ T6605] device hsr_slave_0 entered promiscuous mode
[  294.779896][ T6605] device hsr_slave_1 entered promiscuous mode
[  294.787206][ T6605] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  294.817974][ T6605] Cannot create hsr debugfs directory
[  294.980773][ T4229] Bluetooth: hci7: command 0x041b tx timeout
[  295.169422][ T6605] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  295.180008][ T6605] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.261909][ T6605] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  295.282286][ T6605] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.429949][ T6605] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  295.448192][ T6605] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.522672][ T6605] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  295.542761][ T6605] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.679162][ T6605] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  295.688916][ T6605] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  295.708273][ T6605] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  295.718636][ T6605] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  295.796878][ T6605] 8021q: adding VLAN 0 to HW filter on device bond0
[  295.815801][ T6605] 8021q: adding VLAN 0 to HW filter on device team0
[  295.834526][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  295.871778][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.014497][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  296.030886][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.051971][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.059103][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.069412][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  296.083115][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.093440][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.100552][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.521199][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  296.719653][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  296.772513][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  296.783812][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  296.843772][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  296.881162][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  296.910003][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  296.953374][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  296.981392][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  297.011118][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.027955][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  297.038334][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  297.050400][   T13] Bluetooth: hci7: command 0x040f tx timeout
[  297.065528][ T6605] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  297.288484][    T7] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  298.052883][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  298.079566][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  298.137649][ T6605] 8021q: adding VLAN 0 to HW filter on device batadv0
[  298.222732][ T6605] device veth0_vlan entered promiscuous mode
[  298.256248][ T6605] device veth1_vlan entered promiscuous mode
[  298.300949][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  298.311395][    T7] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  298.333426][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  298.396613][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  298.456818][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  298.614746][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  298.748944][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  298.875732][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  298.971273][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  299.004133][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  299.013205][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  299.024032][ T6605] device veth0_macvtap entered promiscuous mode
[  299.035332][ T6605] device veth1_macvtap entered promiscuous mode
[  299.109712][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.130800][ T3815] Bluetooth: hci7: command 0x0419 tx timeout
[  299.160485][    T7] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  299.169549][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.177818][    T7] usb 5-1: Product: syz
[  299.182085][    T7] usb 5-1: Manufacturer: syz
[  299.186675][    T7] usb 5-1: SerialNumber: syz
[  299.191500][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.234820][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.247791][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.257765][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.268406][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.278297][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.288975][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.299046][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.309602][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.330304][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.353039][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.369508][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  299.391772][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.412826][ T6605] batman_adv: batadv0: Interface activated: batadv_slave_0
[  299.437904][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  299.469824][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  299.487136][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  299.506794][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  299.527671][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.550421][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.570343][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.591193][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.609705][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.630332][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.650654][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.669559][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.689985][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.710695][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.728908][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.750011][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.768271][ T6605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  299.779724][ T6605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  299.829841][ T6605] batman_adv: batadv0: Interface activated: batadv_slave_1
[  299.843726][ T6605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  299.854545][ T6605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  299.863868][ T6605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  299.878662][ T6605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  299.891177][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  299.904960][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  302.523817][    T7] cdc_ncm 5-1:1.0: bind() failure
[  302.533935][    T7] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  302.541071][    T7] cdc_ncm 5-1:1.1: bind() failure
[  302.554239][    T7] usb 5-1: USB disconnect, device number 10
[  303.842024][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  303.959781][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.888205][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  305.065487][ T4017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  305.428976][ T4017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.487146][ T4017] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  305.748896][ T6786] x_tables: unsorted underflow at hook 1
[  305.866408][ T6786] hub 1-0:1.0: USB hub found
[  305.874970][ T6786] hub 1-0:1.0: 1 port detected
[  309.472238][ T6823] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  310.504956][ T6839] x_tables: unsorted underflow at hook 1
[  310.564096][ T6839] hub 1-0:1.0: USB hub found
[  310.569873][ T6839] hub 1-0:1.0: 1 port detected
[  313.810438][ T3613] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  315.935524][ T3613] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  315.947051][ T3613] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  315.957955][ T3613] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  315.968673][ T3613] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  316.147205][   T21] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  316.919798][ T6882] x_tables: unsorted underflow at hook 1
[  316.958857][ T6882] hub 1-0:1.0: USB hub found
[  316.965738][ T6882] hub 1-0:1.0: 1 port detected
[  317.057283][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[  317.064082][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[  317.406761][   T21] usb 4-1: Using ep0 maxpacket: 16
[  317.657674][ T3613] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  317.678303][ T3613] usb 5-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  317.692565][ T3613] usb 5-1: Product: syz
[  317.770448][ T3613] usb 5-1: can't set config #1, error -71
[  317.839495][ T6897] xt_CT: You must specify a L4 protocol and not use inversions on it
[  318.520715][ T3613] usb 5-1: USB disconnect, device number 11
[  318.590476][   T21] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  318.789950][ T6909] Invalid ELF header magic: != ELF
[  318.892231][ T6910] xt_HMARK: spi-set and port-set can't be combined
[  319.673741][   T26] audit: type=1804 audit(1727609353.820:45): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.877" name="/newroot/141/bus/bus" dev="overlay" ino=760 res=1 errno=0
[  319.699169][   T21] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  319.712055][   T21] usb 4-1: Product: syz
[  319.718073][   T21] usb 4-1: config 0 descriptor??
[  319.741467][   T21] usb 4-1: can't set config #0, error -71
[  319.856517][   T21] usb 4-1: USB disconnect, device number 7
[  321.017968][ T6931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.885'.
[  321.070355][ T6931] netlink: 8 bytes leftover after parsing attributes in process `syz.0.885'.
[  321.120304][    T7] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  323.884471][    T7] usb 5-1: unable to read config index 0 descriptor/all
[  324.163695][    T7] usb 5-1: can't read configurations, error -71
[  324.591267][ T6947] xt_HMARK: spi-set and port-set can't be combined
[  327.460431][ T4229] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  327.592608][   T23] libceph: connect (1)[c::]:6789 error -101
[  327.690574][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  327.709476][ T6997] ceph: No mds server is up or the cluster is laggy
[  327.726763][   T23] libceph: connect (1)[c::]:6789 error -101
[  327.785173][ T7004] xt_HMARK: spi-set and port-set can't be combined
[  327.971014][ T4229] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  328.052222][ T4229] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  328.198137][ T4229] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  328.276636][ T4229] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  328.364769][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  328.540478][ T4229] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  328.567286][ T4229] usb 2-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  328.606192][ T4229] usb 2-1: Product: syz
[  328.621168][ T4229] usb 2-1: Manufacturer: syz
[  328.625776][ T4229] usb 2-1: SerialNumber: syz
[  328.701794][ T6990] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  328.708805][ T6990] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  328.726617][ T7009] xt_CT: No such helper "netbios-ns"
[  328.761255][ T4229] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  329.370490][    T7] Bluetooth: hci4: command 0x0406 tx timeout
[  329.584382][ T4229] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[  329.592639][ T4229] usb 2-1: USB disconnect, device number 14
[  329.714332][ T7030] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  330.518137][ T7048] xt_HMARK: spi-set and port-set can't be combined
[  331.316083][ T4015] device hsr_slave_0 left promiscuous mode
[  331.331114][ T4015] device hsr_slave_1 left promiscuous mode
[  331.444446][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  331.520497][ T3612] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  331.558780][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_0
[  331.728032][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  331.822846][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.971069][ T3612] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  332.040026][ T3612] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  332.094996][ T3612] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  332.109483][ T4229] Bluetooth: hci1: command 0x0409 tx timeout
[  332.109686][ T3612] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  332.133106][ T4015] device bridge_slave_1 left promiscuous mode
[  332.139576][ T4015] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.148584][ T4015] device bridge_slave_0 left promiscuous mode
[  332.155077][ T4015] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.213732][ T4015] device batadv0 left promiscuous mode
[  332.221449][ T4015] device veth1_macvtap left promiscuous mode
[  332.227477][ T4015] device veth0_macvtap left promiscuous mode
[  332.270658][ T4015] device veth1_vlan left promiscuous mode
[  332.276608][ T4015] device veth0_vlan left promiscuous mode
[  332.405519][ T4015] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  332.432634][ T3612] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  332.442009][ T3612] usb 1-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  332.450158][ T3612] usb 1-1: Product: syz
[  332.455021][ T3612] usb 1-1: Manufacturer: syz
[  332.459631][ T3612] usb 1-1: SerialNumber: syz
[  332.491365][ T7057] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  332.498361][ T7057] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  332.627055][ T3612] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[  333.159469][ T7075] binder: BC_ATTEMPT_ACQUIRE not supported
[  333.231841][ T7075] binder: 7056:7075 ioctl c0306201 20000380 returned -22
[  333.362136][ T3612] cdc_acm 1-1:1.0: ttyACM0: USB ACM device
[  333.412796][ T3612] usb 1-1: USB disconnect, device number 15
[  333.504810][ T4015] team0 (unregistering): Port device team_slave_0 removed
[  333.517580][ T4015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.533652][ T4015] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.602046][ T4015] bond0 (unregistering): Released all slaves
[  333.667096][ T7062] netlink: 4 bytes leftover after parsing attributes in process `syz.4.923'.
[  333.682870][ T7062] device bond_slave_0 entered promiscuous mode
[  333.689480][ T7062] device bond_slave_1 entered promiscuous mode
[  333.697935][ T7062] device macvtap1 entered promiscuous mode
[  333.705541][ T7062] device bond0 entered promiscuous mode
[  333.712521][ T7062] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  333.719878][ T7064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.923'.
[  333.728835][   T13] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  333.736644][ T7064] device bond0 left promiscuous mode
[  333.744602][ T7064] device bond_slave_0 left promiscuous mode
[  333.750579][ T7064] device bond_slave_1 left promiscuous mode
[  333.863939][ T7025] chnl_net:caif_netlink_parms(): no params data found
[  333.970697][   T13] usb 2-1: Using ep0 maxpacket: 32
[  333.996313][ T7025] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.004422][ T7025] bridge0: port 1(bridge_slave_0) entered disabled state
[  334.012554][ T7025] device bridge_slave_0 entered promiscuous mode
[  334.021814][ T7025] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.029025][ T7025] bridge0: port 2(bridge_slave_1) entered disabled state
[  334.039645][ T7025] device bridge_slave_1 entered promiscuous mode
[  334.090786][   T13] usb 2-1: config 0 has no interfaces?
[  334.121737][   T13] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  334.142288][ T7025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  334.160856][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.182044][ T7025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  334.183303][ T4229] Bluetooth: hci1: command 0x041b tx timeout
[  334.207759][   T13] usb 2-1: config 0 descriptor??
[  334.294279][ T7025] team0: Port device team_slave_0 added
[  334.311384][ T7025] team0: Port device team_slave_1 added
[  334.428217][ T7025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  334.572306][ T7025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.063898][ T7025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  335.077502][ T7025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  335.084495][ T7025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.110416][ T7025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  335.594672][ T7025] device hsr_slave_0 entered promiscuous mode
[  335.614420][ T7025] device hsr_slave_1 entered promiscuous mode
[  335.740375][ T1075] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  336.250934][    T7] Bluetooth: hci1: command 0x040f tx timeout
[  336.489793][   T23] usb 2-1: USB disconnect, device number 15
[  336.585394][ T7025] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  337.032593][ T1075] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  337.058047][ T7025] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.075100][ T1075] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  337.110468][ T1075] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  337.146268][ T1075] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  337.750085][ T1075] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  337.762177][ T1075] usb 5-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  337.770678][ T1075] usb 5-1: Product: syz
[  337.774837][ T1075] usb 5-1: Manufacturer: syz
[  337.781169][ T7158] xt_HMARK: spi-set and port-set can't be combined
[  337.788494][ T1075] usb 5-1: SerialNumber: syz
[  337.918662][ T7025] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.349377][   T13] Bluetooth: hci1: command 0x0419 tx timeout
[  338.430271][ T7025] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.510389][ T1075] usb 5-1: can't set config #1, error -71
[  338.526549][ T1075] usb 5-1: USB disconnect, device number 14
[  338.534262][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz.3.945'.
[  338.708852][ T7025] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  338.919392][ T7025] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.568313][ T7025] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  339.663548][ T7025] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.823110][ T1075] libceph: connect (1)[c::]:6789 error -101
[  339.855738][ T1075] libceph: mon0 (1)[c::]:6789 connect error
[  340.022985][ T7178] ceph: No mds server is up or the cluster is laggy
[  340.249301][ T1075] libceph: connect (1)[c::]:6789 error -101
[  340.331191][ T1075] libceph: mon0 (1)[c::]:6789 connect error
[  340.616429][ T3612] libceph: connect (1)[c::]:6789 error -101
[  340.623662][ T3612] libceph: mon0 (1)[c::]:6789 connect error
[  341.047309][ T7025] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  341.147174][ T7025] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  341.194529][ T7025] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  341.210769][   T13] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  341.230665][ T7025] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  341.330758][   T23] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  341.421216][ T7025] 8021q: adding VLAN 0 to HW filter on device bond0
[  341.435889][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  341.464429][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  341.502324][ T7214] xt_HMARK: spi-set and port-set can't be combined
[  341.548829][ T7025] 8021q: adding VLAN 0 to HW filter on device team0
[  341.580434][   T13] usb 5-1: Using ep0 maxpacket: 32
[  341.701334][   T13] usb 5-1: config 0 has no interfaces?
[  341.735458][   T13] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  341.809039][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  341.891944][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  341.951699][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.052299][ T6841] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.059415][ T6841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.096768][   T13] usb 5-1: config 0 descriptor??
[  342.106430][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  342.125269][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  342.150651][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  342.202033][ T6841] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.209105][ T6841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.257356][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  342.271404][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  342.301750][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  342.327467][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  342.355595][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  342.370977][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  342.390112][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  342.409210][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  342.451020][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  342.493894][ T7025] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  342.520435][   T23] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  342.540303][   T23] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  342.553953][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  342.569752][   T23] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  342.571875][ T3658] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  342.601447][   T23] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  342.771213][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  342.778889][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  342.799826][ T7025] 8021q: adding VLAN 0 to HW filter on device batadv0
[  342.810693][   T23] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  342.823914][   T23] usb 4-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  342.828984][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  342.832710][   T23] usb 4-1: Product: syz
[  342.845036][   T23] usb 4-1: Manufacturer: syz
[  342.849767][   T23] usb 4-1: SerialNumber: syz
[  342.851394][ T4778] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  342.900689][ T7201] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  342.905672][ T7025] device veth0_vlan entered promiscuous mode
[  342.915387][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  342.918332][ T7201] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  342.924235][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  342.944145][ T7025] device veth1_vlan entered promiscuous mode
[  342.953769][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  342.963880][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  342.971859][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  342.972059][   T23] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  342.995194][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  343.004695][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  343.014889][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  343.036737][ T7025] device veth0_macvtap entered promiscuous mode
[  343.055825][ T7025] device veth1_macvtap entered promiscuous mode
[  343.076123][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.087142][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.097101][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.107568][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.117418][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.127926][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.160279][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.173366][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.189870][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.209694][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.259957][ T7201] binder: BC_ATTEMPT_ACQUIRE not supported
[  343.266601][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.290269][ T7201] binder: 7200:7201 ioctl c0306201 20000380 returned -22
[  343.293646][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.317379][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  343.329854][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.357127][ T7025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  343.455829][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.647710][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.762117][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.818252][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.992725][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.027458][   T23] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  344.040245][   T23] usb 4-1: USB disconnect, device number 8
[  344.048683][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.063139][ T3655] usb 5-1: USB disconnect, device number 15
[  344.070692][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.196031][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.206127][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.216719][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.226675][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.237140][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.433460][ T7025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  344.839397][ T7025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  345.127587][ T7025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.240563][   T23] libceph: connect (1)[c::]:6789 error -101
[  345.249140][ T7251] ceph: No mds server is up or the cluster is laggy
[  345.258839][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  345.541709][ T3655] libceph: connect (1)[c::]:6789 error -101
[  345.554035][ T3655] libceph: mon0 (1)[c::]:6789 connect error
[  346.077176][ T3655] libceph: connect (1)[c::]:6789 error -101
[  346.096224][ T3655] libceph: mon0 (1)[c::]:6789 connect error
[  346.406477][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  346.681108][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  346.730978][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  346.816946][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  346.826480][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  346.837189][ T6841] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  347.933067][ T7025] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.034013][ T7025] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.043052][ T7025] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.051878][ T7025] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.099140][ T7263] 8021q: adding VLAN 0 to HW filter on device bond0
[  348.181819][ T7263] bond0: (slave rose0): Enslaving as an active interface with an up link
[  348.330759][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  348.412822][ T7295] netlink: 64 bytes leftover after parsing attributes in process `syz.3.977'.
[  348.454431][ T4023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.474235][ T4023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.509547][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  348.565550][ T6841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.595123][ T6841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.629599][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  348.741741][   T13] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  348.860158][ T7312] xt_HMARK: spi-set and port-set can't be combined
[  349.110428][   T13] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  349.298807][   T13] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  349.510497][   T13] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  349.747219][   T13] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  351.030409][   T13] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  351.062204][   T13] usb 2-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  351.251291][   T13] usb 2-1: Product: syz
[  351.265857][   T13] usb 2-1: Manufacturer: syz
[  352.330309][   T13] usb 2-1: SerialNumber: syz
[  352.388983][   T13] usb 2-1: can't set config #1, error -71
[  352.497210][   T13] usb 2-1: USB disconnect, device number 16
[  353.527064][ T3616] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  354.186629][ T4015] device hsr_slave_0 left promiscuous mode
[  354.216685][ T4015] device hsr_slave_1 left promiscuous mode
[  354.231570][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  354.239006][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_0
[  354.254950][   T26] audit: type=1326 audit(1727609389.290:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccad95ff9 code=0x7ffc0000
[  354.280911][ T4015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  354.308062][ T4015] batman_adv: batadv0: Removing interface: batadv_slave_1
[  354.470941][ T3616] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  354.499642][ T3616] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  354.546612][ T3616] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  354.605930][   T26] audit: type=1326 audit(1727609389.310:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccad95ff9 code=0x7ffc0000
[  355.027024][ T3616] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  355.030649][ T4015] device bridge_slave_1 left promiscuous mode
[  355.074505][   T26] audit: type=1326 audit(1727609389.310:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fbccad95ff9 code=0x7ffc0000
[  355.192879][   T26] audit: type=1326 audit(1727609389.310:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccad95ff9 code=0x7ffc0000
[  355.220037][   T26] audit: type=1326 audit(1727609389.310:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbccad95ff9 code=0x7ffc0000
[  356.123636][   T21] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  356.156386][   T26] audit: type=1326 audit(1727609389.330:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbccad94990 code=0x7ffc0000
[  356.178586][    C1] vkms_vblank_simulate: vblank timer overrun
[  356.201804][ T4015] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.273695][   T26] audit: type=1326 audit(1727609389.330:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbccad95bfb code=0x7ffc0000
[  356.295799][    C1] vkms_vblank_simulate: vblank timer overrun
[  356.310739][   T26] audit: type=1326 audit(1727609389.330:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbccad95bfb code=0x7ffc0000
[  356.332824][    C1] vkms_vblank_simulate: vblank timer overrun
[  356.347041][   T26] audit: type=1326 audit(1727609389.330:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbccad95bfb code=0x7ffc0000
[  356.383206][ T3616] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=d7.17
[  356.392816][ T3616] usb 5-1: New USB device strings: Mfr=5, Product=56, SerialNumber=1
[  356.401091][ T3616] usb 5-1: Product: syz
[  356.420699][ T4015] device bridge_slave_0 left promiscuous mode
[  356.424071][   T26] audit: type=1326 audit(1727609389.330:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.0.1010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbccad95bfb code=0x7ffc0000
[  356.426892][ T4015] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.448821][    C1] vkms_vblank_simulate: vblank timer overrun
[  356.571128][   T21] usb 1-1: config 0 has no interfaces?
[  356.593859][   T21] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  356.711853][   T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.865653][   T21] usb 1-1: config 0 descriptor??
[  357.118959][ T4015] device veth1_macvtap left promiscuous mode
[  357.140825][ T4015] device veth0_macvtap left promiscuous mode
[  357.146938][ T4015] device veth1_vlan left promiscuous mode
[  357.167664][ T3616] usb 5-1: can't set config #1, error -71
[  357.173975][ T4015] device veth0_vlan left promiscuous mode
[  357.182483][ T3616] usb 5-1: USB disconnect, device number 16
[  357.248244][   T21] usb 1-1: USB disconnect, device number 16
[  357.525265][ T4015] team0 (unregistering): Port device team_slave_1 removed
[  357.538781][ T4015] team0 (unregistering): Port device team_slave_0 removed
[  357.553585][ T4015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.621817][ T4015] bond0 (unregistering): Released all slaves
[  358.299194][ T7441] overlayfs: overlapping lowerdir path
[  358.336711][   T21] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  359.036011][   T21] usb 2-1: Using ep0 maxpacket: 16
[  359.170607][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.366372][   T21] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  359.381155][   T21] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  359.390199][   T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.400291][   T21] usb 2-1: config 0 descriptor??
[  360.167510][ T3613] Bluetooth: hci6: command 0x0406 tx timeout
[  360.311988][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  360.312001][   T26] audit: type=1326 audit(1727609395.350:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe52430ff9 code=0x7ffc0000
[  360.413860][   T26] audit: type=1326 audit(1727609395.350:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe52430ff9 code=0x7ffc0000
[  360.580441][   T26] audit: type=1326 audit(1727609395.380:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fbe52430ff9 code=0x7ffc0000
[  360.613673][   T21] microsoft 0003:045E:07DA.0001: No inputs registered, leaving
[  360.626415][   T21] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  360.638079][   T21] microsoft 0003:045E:07DA.0001: no inputs found
[  360.644501][   T21] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway
[  360.665089][   T26] audit: type=1326 audit(1727609395.380:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe52430ff9 code=0x7ffc0000
[  360.704350][   T26] audit: type=1326 audit(1727609395.380:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe52430ff9 code=0x7ffc0000
[  360.726580][    C1] vkms_vblank_simulate: vblank timer overrun
[  360.748474][ T7481] overlayfs: overlapping lowerdir path
[  360.830594][ T3613] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  361.241112][ T3613] usb 4-1: config 0 has no interfaces?
[  361.247092][ T3613] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  361.255450][   T26] audit: type=1326 audit(1727609395.380:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbe5242f990 code=0x7ffc0000
[  361.298121][ T3613] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.326172][ T3613] usb 4-1: config 0 descriptor??
[  361.331489][   T26] audit: type=1326 audit(1727609395.380:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe52430bfb code=0x7ffc0000
[  361.510483][   T26] audit: type=1326 audit(1727609395.380:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe52430bfb code=0x7ffc0000
[  361.572214][   T21] usb 2-1: USB disconnect, device number 17
[  361.655742][ T1313] usb 4-1: USB disconnect, device number 9
[  361.688831][   T26] audit: type=1326 audit(1727609395.390:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe52430bfb code=0x7ffc0000
[  361.762845][   T26] audit: type=1326 audit(1727609395.390:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7467 comm="syz.3.1021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbe52430bfb code=0x7ffc0000
[  362.185834][ T7491] netlink: 'syz.1.1029': attribute type 6 has an invalid length.
[  364.720758][ T7526] overlayfs: overlapping lowerdir path
[  366.110303][   T13] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  366.480821][   T13] usb 3-1: config 0 has no interfaces?
[  366.497549][   T13] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  366.655214][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.900388][   T13] usb 3-1: config 0 descriptor??
[  367.213793][   T13] usb 3-1: USB disconnect, device number 7
[  368.719770][ T7578] netlink: 'syz.2.1054': attribute type 6 has an invalid length.
[  370.240603][ T4229] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  370.481294][ T4229] usb 1-1: Using ep0 maxpacket: 16
[  370.602189][ T4229] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  370.842937][ T4229] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  370.924786][ T4229] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  371.104101][ T4229] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.114773][ T4229] usb 1-1: config 0 descriptor??
[  371.400793][   T13] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  371.727612][ T4229] microsoft 0003:045E:07DA.0002: No inputs registered, leaving
[  371.820898][   T13] usb 5-1: config 0 has no interfaces?
[  371.863883][ T4229] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  371.876048][ T4229] microsoft 0003:045E:07DA.0002: no inputs found
[  371.882634][ T4229] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[  371.902710][   T13] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  371.922472][   T13] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  371.940284][   T13] usb 5-1: SerialNumber: syz
[  371.952965][   T13] usb 5-1: config 0 descriptor??
[  372.180718][ T3655] usb 1-1: USB disconnect, device number 17
[  372.194353][ T4229] usb 5-1: USB disconnect, device number 17
[  374.441840][ T7674] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  374.488099][ T7678] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1082'.
[  377.050794][ T7721] device vlan2 entered promiscuous mode
[  377.057387][ T7721] device bridge0 entered promiscuous mode
[  377.066917][ T7721] bridge0: port 3(vlan2) entered blocking state
[  377.073787][ T7721] bridge0: port 3(vlan2) entered disabled state
[  377.103819][ T7721] device bridge0 left promiscuous mode
[  377.921470][ T7729] IPVS: sync thread started: state = MASTER, mcast_ifn = macvtap0, syncid = 0, id = 0
[  378.249847][ T7731] mmap: syz.1.1102 (7731) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  379.217270][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[  379.223617][   T27] INFO: task syz.0.605:5929 blocked for more than 144 seconds.
[  379.232056][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[  379.240973][   T27]       Not tainted 5.15.167-syzkaller #0
[  379.266426][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  379.281285][   T27] task:syz.0.605       state:D stack:27384 pid: 5929 ppid:  3570 flags:0x00004004
[  379.318579][   T27] Call Trace:
[  379.326545][   T27]  <TASK>
[  379.339167][   T27]  __schedule+0x12c4/0x45b0
[  379.359817][   T27]  ? release_firmware_map_entry+0x190/0x190
[  379.370281][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  379.471516][   T27]  ? print_irqtrace_events+0x210/0x210
[  379.477088][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  379.482634][   T27]  ? do_raw_spin_unlock+0x137/0x8b0
[  379.500546][   T27]  schedule+0x11b/0x1f0
[  379.504724][   T27]  schedule_preempt_disabled+0xf/0x20
[  379.510162][   T27]  rwsem_down_read_slowpath+0x605/0xb40
[  379.602898][   T27]  ? down_write_killable_nested+0x90/0x90
[  379.608789][   T27]  ? __lock_acquire+0x1ff0/0x1ff0
[  379.617807][   T27]  ? do_raw_spin_lock+0x14a/0x370
[  379.624703][   T27]  down_read+0x9a/0x2e0
[  379.629006][   T27]  iterate_supers+0xac/0x1e0
[  379.636221][   T27]  ? ksys_sync+0x1c0/0x1c0
[  379.641984][   T27]  ksys_sync+0xb9/0x1c0
[  379.646542][   T27]  ? sync_filesystem+0x220/0x220
[  379.678360][   T23] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  380.127689][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  380.145485][   T27]  ? syscall_enter_from_user_mode+0x2e/0x240
[  380.166081][   T27]  __do_sys_sync+0xa/0x10
[  380.170888][   T27]  do_syscall_64+0x3b/0xb0
[  380.175430][   T27]  ? clear_bhb_loop+0x15/0x70
[  380.180284][   T27]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  380.193660][   T27] RIP: 0033:0x7fa99ef69ff9
[  380.205978][   T27] RSP: 002b:00007fa99d3c1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  380.224557][   T27] RAX: ffffffffffffffda RBX: 00007fa99f122058 RCX: 00007fa99ef69ff9
[  380.242649][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  380.261219][   T27] RBP: 00007fa99efdc296 R08: 0000000000000000 R09: 0000000000000000
[  380.278185][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  380.305592][   T27] R13: 0000000000000001 R14: 00007fa99f122058 R15: 00007ffd02b79178
[  380.326808][   T27]  </TASK>
[  380.330104][   T27] 
[  380.330104][   T27] Showing all locks held in the system:
[  380.372332][   T27] 3 locks held by kworker/1:1/23:
[  380.383272][   T27]  #0: ffff888144ccd538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  380.394916][   T27]  #1: ffffc90000ddfd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  380.407221][   T23] usb 1-1: config 0 has no interfaces?
[  380.417833][   T27]  #2: ffff888022c57220 (&dev->mutex){....}-{3:3}, at: hub_event+0x208/0x54c0
[  380.427196][   T27] 1 lock held by khungtaskd/27:
[  380.432588][   T27]  #0: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  380.446134][   T27] 2 locks held by getty/3337:
[  380.455764][   T27]  #0: ffff88814b707098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  380.465908][   T27]  #1: ffffc9000208e2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6af/0x1db0
[  380.477798][   T27] 1 lock held by syz-executor/3737:
[  380.483319][   T27]  #0: ffff88807b92a0e0 (&type->s_umount_key#67){++++}-{3:3}, at: deactivate_super+0xa9/0xe0
[  380.493958][   T23] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  380.503172][   T27] 2 locks held by kworker/u4:11/4017:
[  380.508611][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  380.517001][   T27]  #0: ffff888017079138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x78a/0x10c0
[  380.528390][   T23] usb 1-1: SerialNumber: syz
[  380.534024][   T27]  #1: ffffc90003157d20 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x7d0/0x10c0
[  380.547708][   T23] usb 1-1: config 0 descriptor??
[  380.552791][   T27] 1 lock held by syz.0.605/5929:
[  380.557790][   T27]  #0: ffff88807b92a0e0 (&type->s_umount_key#67){++++}-{3:3}, at: iterate_supers+0xac/0x1e0
[  380.568428][   T27] 4 locks held by udevd/7205:
[  380.573797][   T27]  #0: ffff8880791482f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xae/0xd10
[  380.584943][   T27]  #1: ffff888020968c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x50/0x3b0
[  380.596732][   T27]  #2: ffffffff8c91fc60 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x5/0x30
[  380.606435][   T27]  #3: ffff88807c8240a8 (&ep->wq){....}-{2:2}, at: __wake_up+0xf5/0x1c0
[  380.615034][   T27] 2 locks held by kworker/u4:21/7384:
[  380.620795][   T27] 
[  380.623115][   T27] =============================================
[  380.623115][   T27] 
[  380.634505][   T27] NMI backtrace for cpu 1
[  380.638832][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0
[  380.646802][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  380.656851][   T27] Call Trace:
[  380.660127][   T27]  <TASK>
[  380.663051][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  380.667728][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  380.673355][   T27]  ? panic+0x860/0x860
[  380.677425][   T27]  ? nmi_cpu_backtrace+0x23b/0x4a0
[  380.682536][   T27]  nmi_cpu_backtrace+0x46a/0x4a0
[  380.687467][   T27]  ? __wake_up_klogd+0xd5/0x100
[  380.692318][   T27]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  380.698464][   T27]  ? _printk+0xd1/0x120
[  380.702615][   T27]  ? panic+0x860/0x860
[  380.706677][   T27]  ? __wake_up_klogd+0xcc/0x100
[  380.711522][   T27]  ? panic+0x860/0x860
[  380.715588][   T27]  ? __rcu_read_unlock+0x92/0x100
[  380.720605][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  380.726668][   T27]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  380.732651][   T27]  watchdog+0xe72/0xeb0
[  380.736815][   T27]  kthread+0x3f6/0x4f0
[  380.740876][   T27]  ? hungtask_pm_notify+0x50/0x50
[  380.745901][   T27]  ? kthread_blkcg+0xd0/0xd0
[  380.750487][   T27]  ret_from_fork+0x1f/0x30
[  380.754916][   T27]  </TASK>
[  380.757979][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.764800][   T27] Sending NMI from CPU 1 to CPUs 0:
[  380.770288][    C0] NMI backtrace for cpu 0
[  380.770297][    C0] CPU: 0 PID: 7384 Comm: kworker/u4:21 Not tainted 5.15.167-syzkaller #0
[  380.770313][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  380.770322][    C0] Workqueue: phy12 ieee80211_iface_work
[  380.770341][    C0] RIP: 0010:mark_lock+0x10b/0x340
[  380.770358][    C0] Code: 42 80 3c 28 00 74 08 48 89 df e8 50 09 67 00 41 bc 01 00 00 00 44 85 33 74 53 44 89 e0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f <5d> c3 e8 fe 17 a3 02 85 c0 74 be 48 c7 c0 48 94 e9 8d 48 c1 e8 03
[  380.770369][    C0] RSP: 0018:ffffc900000078b0 EFLAGS: 00000086
[  380.770381][    C0] RAX: 0000000000000001 RBX: ffff888027a864f8 RCX: ffffffff81631ae8
[  380.770391][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff907120c0
[  380.770400][    C0] RBP: 0000000000000008 R08: dffffc0000000000 R09: fffffbfff20e2419
[  380.770409][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000005
[  380.770418][    C0] R13: ffff888027a86428 R14: 0000000000000005 R15: ffff888027a86518
[  380.770428][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  380.770440][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  380.770450][    C0] CR2: 00007f53d45f73f8 CR3: 00000000753c8000 CR4: 00000000003506f0
[  380.770462][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  380.770470][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  380.770479][    C0] Call Trace:
[  380.770483][    C0]  <NMI>
[  380.770488][    C0]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  380.770503][    C0]  ? read_lock_is_recursive+0x10/0x10
[  380.770517][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  380.770537][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  380.770552][    C0]  ? nmi_handle+0xf7/0x370
[  380.770567][    C0]  ? mark_lock+0x10b/0x340
[  380.770579][    C0]  ? default_do_nmi+0x62/0x150
[  380.770595][    C0]  ? exc_nmi+0xa8/0x100
[  380.770608][    C0]  ? end_repeat_nmi+0x16/0x31
[  380.770622][    C0]  ? mark_lock+0x98/0x340
[  380.770635][    C0]  ? mark_lock+0x10b/0x340
[  380.770647][    C0]  ? mark_lock+0x10b/0x340
[  380.770659][    C0]  ? mark_lock+0x10b/0x340
[  380.770671][    C0]  </NMI>
[  380.770675][    C0]  <IRQ>
[  380.770679][    C0]  __lock_acquire+0xc97/0x1ff0
[  380.770697][    C0]  lock_acquire+0x1db/0x4f0
[  380.770709][    C0]  ? __queue_work+0x56d/0xd00
[  380.770724][    C0]  ? read_lock_is_recursive+0x10/0x10
[  380.770744][    C0]  _raw_spin_lock+0x2a/0x40
[  380.770758][    C0]  ? __queue_work+0x56d/0xd00
[  380.770770][    C0]  __queue_work+0x56d/0xd00
[  380.770786][    C0]  call_timer_fn+0x16d/0x560
[  380.770798][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  380.770810][    C0]  ? queue_work_node+0x420/0x420
[  380.770823][    C0]  ? __run_timers+0x890/0x890
[  380.770836][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  380.770849][    C0]  ? rcu_is_watching+0x11/0xa0
[  380.770865][    C0]  ? queue_work_node+0x420/0x420
[  380.770877][    C0]  __run_timers+0x6a8/0x890
[  380.770892][    C0]  ? detach_timer+0x2f0/0x2f0
[  380.770903][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  380.770918][    C0]  ? ktime_get_real_ts64+0x460/0x460
[  380.770933][    C0]  run_timer_softirq+0x63/0xf0
[  380.770949][    C0]  handle_softirqs+0x3a7/0x930
[  380.770963][    C0]  ? __irq_exit_rcu+0x157/0x240
[  380.770977][    C0]  ? do_softirq+0x240/0x240
[  380.770989][    C0]  ? hrtimer_interrupt+0x76b/0x980
[  380.771002][    C0]  ? irqtime_account_irq+0xd0/0x1e0
[  380.771019][    C0]  __irq_exit_rcu+0x157/0x240
[  380.771031][    C0]  ? irq_exit_rcu+0x20/0x20
[  380.771047][    C0]  irq_exit_rcu+0x5/0x20
[  380.771058][    C0]  sysvec_apic_timer_interrupt+0x91/0xb0
[  380.771073][    C0]  </IRQ>
[  380.771077][    C0]  <TASK>
[  380.771081][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  380.771096][    C0] RIP: 0010:lock_acquire+0x252/0x4f0
[  380.771108][    C0] Code: 2b 00 74 08 4c 89 f7 e8 0c 75 67 00 f6 44 24 61 02 0f 85 84 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  380.771119][    C0] RSP: 0018:ffffc900031977c0 EFLAGS: 00000206
[  380.771134][    C0] RAX: 0000000000000001 RBX: 1ffff92000632f04 RCX: ffffffff816366b2
[  380.771144][    C0] RDX: dffffc0000000000 RSI: ffffffff8a8b3da0 RDI: ffffffff8ad904c0
[  380.771154][    C0] RBP: ffffc90003197908 R08: dffffc0000000000 R09: fffffbfff20e2426
[  380.771164][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000632f00
[  380.771173][    C0] R13: dffffc0000000000 R14: ffffc90003197820 R15: 0000000000000246
[  380.771185][    C0]  ? validate_chain+0x112/0x5930
[  380.771203][    C0]  ? read_lock_is_recursive+0x10/0x10
[  380.771217][    C0]  ? __might_sleep+0xc0/0xc0
[  380.771230][    C0]  ? mark_lock+0x98/0x340
[  380.771243][    C0]  ? __lock_acquire+0x1295/0x1ff0
[  380.771257][    C0]  __mutex_lock_common+0x1da/0x25a0
[  380.771270][    C0]  ? ieee80211_ibss_work+0xa0/0x1480
[  380.771288][    C0]  ? ieee80211_ibss_work+0xa0/0x1480
[  380.771303][    C0]  ? mutex_lock_io_nested+0x60/0x60
[  380.771318][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  380.771332][    C0]  ? print_irqtrace_events+0x210/0x210
[  380.771346][    C0]  mutex_lock_nested+0x17/0x20
[  380.771359][    C0]  ieee80211_ibss_work+0xa0/0x1480
[  380.771373][    C0]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  380.771386][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  380.771400][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  380.771414][    C0]  ? _raw_spin_unlock+0x40/0x40
[  380.771429][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0x2af0/0x2af0
[  380.771446][    C0]  ? skb_dequeue+0x10f/0x140
[  380.771460][    C0]  ? ieee80211_iface_work+0x9bf/0xcc0
[  380.771475][    C0]  ? ieee80211_iface_work+0xbdf/0xcc0
[  380.771493][    C0]  process_one_work+0x8a1/0x10c0
[  380.771512][    C0]  ? worker_detach_from_pool+0x260/0x260
[  380.771527][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  380.771541][    C0]  ? kthread_data+0x4e/0xc0
[  380.771553][    C0]  ? wq_worker_running+0x97/0x170
[  380.771567][    C0]  worker_thread+0xaca/0x1280
[  380.771581][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  380.771603][    C0]  kthread+0x3f6/0x4f0
[  380.771614][    C0]  ? rcu_lock_release+0x20/0x20
[  380.771627][    C0]  ? kthread_blkcg+0xd0/0xd0
[  380.771640][    C0]  ret_from_fork+0x1f/0x30
[  380.771658][    C0]  </TASK>
[  380.902758][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  380.910205][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.918156][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.167-syzkaller #0
[  380.934268][ T1075] usb 1-1: USB disconnect, device number 18
[  380.934667][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  381.411351][   T27] Call Trace:
[  381.414609][   T27]  <TASK>
[  381.417517][   T27]  dump_stack_lvl+0x1e3/0x2d0
[  381.422176][   T27]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  381.427784][   T27]  ? panic+0x860/0x860
[  381.431856][   T27]  panic+0x318/0x860
[  381.435733][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  381.441345][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  381.447503][   T27]  ? fb_is_primary_device+0xd0/0xd0
[  381.452704][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  381.458776][   T27]  ? nmi_trigger_cpumask_backtrace+0x221/0x2a0
[  381.464929][   T27]  ? nmi_trigger_cpumask_backtrace+0x281/0x2a0
[  381.471084][   T27]  ? nmi_trigger_cpumask_backtrace+0x286/0x2a0
[  381.477234][   T27]  watchdog+0xeb0/0xeb0
[  381.481398][   T27]  kthread+0x3f6/0x4f0
[  381.485441][   T27]  ? hungtask_pm_notify+0x50/0x50
[  381.490440][   T27]  ? kthread_blkcg+0xd0/0xd0
[  381.495023][   T27]  ret_from_fork+0x1f/0x30
[  381.499418][   T27]  </TASK>
[  381.502635][   T27] Kernel Offset: disabled
[  381.506953][   T27] Rebooting in 86400 seconds..