Warning: Permanently added '10.128.0.81' (ED25519) to the list of known hosts.
2024/05/26 12:39:38 fuzzer started
2024/05/26 12:39:38 dialing manager at 10.128.0.169:30020
[   53.832549][ T5090] cgroup: Unknown subsys name 'net'
[   54.014070][ T5090] cgroup: Unknown subsys name 'rlimit'
2024/05/26 12:39:39 starting 5 executor processes
[   55.075337][ T5099] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   55.087488][ T5099] syz-executor (5099) used greatest stack depth: 18800 bytes left
[   55.862731][ T5114] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   55.875308][ T5113] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   55.882582][ T5119] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   55.884025][ T5114] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   55.891081][ T5119] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   55.899035][ T5114] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   55.905454][ T5119] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   55.912262][ T5114] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   55.919698][ T5119] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   55.925946][ T5114] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   55.933620][ T5119] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   55.947152][ T5114] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   55.947216][ T5119] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   55.954293][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   55.961517][ T5119] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   55.982037][   T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   55.992286][ T5114] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   55.992921][ T5117] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   56.002264][ T5114] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   56.008068][ T5117] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   56.013611][ T5114] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   56.020721][ T5117] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   56.027881][ T5114] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   56.043706][ T5114] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   56.202950][ T5114] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   56.211902][ T5114] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   56.220935][ T5114] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   56.229861][ T5114] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   56.237977][ T5114] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   56.246041][ T5114] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   56.582532][ T5122] chnl_net:caif_netlink_parms(): no params data found
[   56.657228][ T5121] chnl_net:caif_netlink_parms(): no params data found
[   56.697977][ T5123] chnl_net:caif_netlink_parms(): no params data found
[   56.798101][ T5122] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.805903][ T5122] bridge0: port 1(bridge_slave_0) entered disabled state
[   56.813660][ T5122] bridge_slave_0: entered allmulticast mode
[   56.821114][ T5122] bridge_slave_0: entered promiscuous mode
[   56.836326][ T5122] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.843826][ T5122] bridge0: port 2(bridge_slave_1) entered disabled state
[   56.851338][ T5122] bridge_slave_1: entered allmulticast mode
[   56.858081][ T5122] bridge_slave_1: entered promiscuous mode
[   56.978160][ T5122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   56.996094][ T5122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.023104][ T5121] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.033724][ T5121] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.041125][ T5121] bridge_slave_0: entered allmulticast mode
[   57.048024][ T5121] bridge_slave_0: entered promiscuous mode
[   57.062006][ T5126] chnl_net:caif_netlink_parms(): no params data found
[   57.101687][ T5122] team0: Port device team_slave_0 added
[   57.107932][ T5121] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.115338][ T5121] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.123431][ T5121] bridge_slave_1: entered allmulticast mode
[   57.130395][ T5121] bridge_slave_1: entered promiscuous mode
[   57.165267][ T5122] team0: Port device team_slave_1 added
[   57.182829][ T5129] chnl_net:caif_netlink_parms(): no params data found
[   57.210871][ T5121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.231580][ T5123] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.238750][ T5123] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.246313][ T5123] bridge_slave_0: entered allmulticast mode
[   57.253407][ T5123] bridge_slave_0: entered promiscuous mode
[   57.298099][ T5122] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.305407][ T5122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.332283][ T5122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.346212][ T5121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.355771][ T5123] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.363320][ T5123] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.371230][ T5123] bridge_slave_1: entered allmulticast mode
[   57.377973][ T5123] bridge_slave_1: entered promiscuous mode
[   57.401427][ T5122] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.408404][ T5122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.434961][ T5122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.507844][ T5121] team0: Port device team_slave_0 added
[   57.516248][ T5121] team0: Port device team_slave_1 added
[   57.525904][ T5123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.586164][ T5123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   57.649028][ T5121] batman_adv: batadv0: Adding interface: batadv_slave_0
[   57.656305][ T5121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.683270][ T5121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   57.727928][ T5129] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.735305][ T5129] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.742626][ T5129] bridge_slave_0: entered allmulticast mode
[   57.749688][ T5129] bridge_slave_0: entered promiscuous mode
[   57.761280][ T5122] hsr_slave_0: entered promiscuous mode
[   57.769049][ T5122] hsr_slave_1: entered promiscuous mode
[   57.776933][ T5121] batman_adv: batadv0: Adding interface: batadv_slave_1
[   57.784766][ T5121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   57.811036][ T5121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   57.830736][ T5123] team0: Port device team_slave_0 added
[   57.837410][ T5126] bridge0: port 1(bridge_slave_0) entered blocking state
[   57.845345][ T5126] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.853033][ T5126] bridge_slave_0: entered allmulticast mode
[   57.860676][ T5126] bridge_slave_0: entered promiscuous mode
[   57.868346][ T5129] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.875830][ T5129] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.883089][ T5129] bridge_slave_1: entered allmulticast mode
[   57.890737][ T5129] bridge_slave_1: entered promiscuous mode
[   57.920030][ T5123] team0: Port device team_slave_1 added
[   57.926100][ T5126] bridge0: port 2(bridge_slave_1) entered blocking state
[   57.933346][ T5126] bridge0: port 2(bridge_slave_1) entered disabled state
[   57.940646][ T5126] bridge_slave_1: entered allmulticast mode
[   57.947960][ T5126] bridge_slave_1: entered promiscuous mode
[   57.985544][ T5129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   57.998312][ T5129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.039936][ T4490] Bluetooth: hci1: command tx timeout
[   58.083738][ T5126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   58.097671][ T5126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   58.119804][ T4490] Bluetooth: hci2: command tx timeout
[   58.125535][ T4490] Bluetooth: hci3: command tx timeout
[   58.131753][ T5114] Bluetooth: hci0: command tx timeout
[   58.147108][ T5123] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.157383][ T5123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.184819][ T5123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.212142][ T5121] hsr_slave_0: entered promiscuous mode
[   58.218621][ T5121] hsr_slave_1: entered promiscuous mode
[   58.225308][ T5121] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.233436][ T5121] Cannot create hsr debugfs directory
[   58.247649][ T5129] team0: Port device team_slave_0 added
[   58.255604][ T5123] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.262754][ T5123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.288906][ T4490] Bluetooth: hci4: command tx timeout
[   58.288942][ T5123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.329008][ T5126] team0: Port device team_slave_0 added
[   58.338758][ T5129] team0: Port device team_slave_1 added
[   58.366483][ T5126] team0: Port device team_slave_1 added
[   58.433716][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.441462][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.467797][ T5129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.494325][ T5123] hsr_slave_0: entered promiscuous mode
[   58.501723][ T5123] hsr_slave_1: entered promiscuous mode
[   58.508016][ T5123] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.515699][ T5123] Cannot create hsr debugfs directory
[   58.533166][ T5126] batman_adv: batadv0: Adding interface: batadv_slave_0
[   58.540711][ T5126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.566869][ T5126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   58.591904][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.598932][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.625329][ T5129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.655723][ T5126] batman_adv: batadv0: Adding interface: batadv_slave_1
[   58.663060][ T5126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   58.689261][ T5126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   58.894829][ T5126] hsr_slave_0: entered promiscuous mode
[   58.902525][ T5126] hsr_slave_1: entered promiscuous mode
[   58.908668][ T5126] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.916392][ T5126] Cannot create hsr debugfs directory
[   58.926182][ T5129] hsr_slave_0: entered promiscuous mode
[   58.933386][ T5129] hsr_slave_1: entered promiscuous mode
[   58.939878][ T5129] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   58.947467][ T5129] Cannot create hsr debugfs directory
[   59.136410][ T5122] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   59.150295][ T5122] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   59.176791][ T5122] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   59.217741][ T5122] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   59.305729][ T5121] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   59.331838][ T5121] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   59.343047][ T5121] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   59.363831][ T5121] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   59.433346][ T5123] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   59.447807][ T5123] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   59.458878][ T5123] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   59.493219][ T5123] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   59.567096][ T5129] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   59.576973][ T5129] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   59.620149][ T5129] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   59.631724][ T5129] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   59.720836][ T5122] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.744929][ T5126] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   59.756094][ T5126] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   59.767136][ T5126] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   59.777512][ T5126] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   59.823515][ T5121] 8021q: adding VLAN 0 to HW filter on device bond0
[   59.865950][ T5122] 8021q: adding VLAN 0 to HW filter on device team0
[   59.913880][ T5121] 8021q: adding VLAN 0 to HW filter on device team0
[   59.950820][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.958385][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.971632][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.978830][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.992524][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.999737][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.010065][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.017179][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.055000][ T5123] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.120630][ T4490] Bluetooth: hci1: command tx timeout
[   60.157811][ T5123] 8021q: adding VLAN 0 to HW filter on device team0
[   60.200653][ T4490] Bluetooth: hci3: command tx timeout
[   60.206111][ T4490] Bluetooth: hci2: command tx timeout
[   60.212403][ T5114] Bluetooth: hci0: command tx timeout
[   60.222813][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.229993][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.257509][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.264660][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.320143][ T5126] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.335610][ T5129] 8021q: adding VLAN 0 to HW filter on device bond0
[   60.360607][ T4490] Bluetooth: hci4: command tx timeout
[   60.392213][ T5126] 8021q: adding VLAN 0 to HW filter on device team0
[   60.433137][ T5122] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.450418][ T5121] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.458705][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.465899][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.475997][ T5135] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.483197][ T5135] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.507920][ T5129] 8021q: adding VLAN 0 to HW filter on device team0
[   60.554681][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.561842][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.587152][ T5164] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.594472][ T5164] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.624540][ T5123] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.703773][ T5122] veth0_vlan: entered promiscuous mode
[   60.747231][ T5122] veth1_vlan: entered promiscuous mode
[   60.763387][ T5121] veth0_vlan: entered promiscuous mode
[   60.803701][ T5121] veth1_vlan: entered promiscuous mode
[   60.873133][ T5126] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.922901][ T5129] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.933387][ T5123] veth0_vlan: entered promiscuous mode
[   60.944093][ T5122] veth0_macvtap: entered promiscuous mode
[   60.955728][ T5122] veth1_macvtap: entered promiscuous mode
[   60.965259][ T5121] veth0_macvtap: entered promiscuous mode
[   60.977982][ T5121] veth1_macvtap: entered promiscuous mode
[   60.995157][ T5123] veth1_vlan: entered promiscuous mode
[   61.032556][ T5121] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.068700][ T5121] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.078670][ T5122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.092119][ T5122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.106746][ T5122] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.130180][ T5121] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.139048][ T5121] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.148861][ T5121] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.158146][ T5121] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.182349][ T5123] veth0_macvtap: entered promiscuous mode
[   61.195485][ T5123] veth1_macvtap: entered promiscuous mode
[   61.205284][ T5122] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.216531][ T5122] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.228307][ T5122] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.241263][ T5122] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.250460][ T5122] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.260642][ T5122] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.269893][ T5122] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.315093][ T5126] veth0_vlan: entered promiscuous mode
[   61.337999][ T5126] veth1_vlan: entered promiscuous mode
[   61.359949][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.371384][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.381830][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.393304][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.405724][ T5123] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.424232][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.435241][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.445650][ T5123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.456517][ T5123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.468122][ T5123] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.500566][ T5123] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.511729][ T5123] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.521118][ T5123] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.532651][ T5123] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.548411][ T5129] veth0_vlan: entered promiscuous mode
[   61.616856][ T5129] veth1_vlan: entered promiscuous mode
[   61.637419][ T5126] veth0_macvtap: entered promiscuous mode
[   61.678092][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.695346][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.718504][ T5126] veth1_macvtap: entered promiscuous mode
[   61.764623][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.776403][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.786988][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.797824][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.808464][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.820178][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.832082][ T5126] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.849198][ T5166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.862639][ T5166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.865195][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.893163][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.903575][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.914254][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.924309][ T5126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.935096][ T5126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.946776][ T5126] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.976403][ T5126] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.986582][ T5126] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.003360][ T5126] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.012368][ T5126] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.042154][ T5164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.080869][ T5164] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.095189][ T5164] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.108393][ T5164] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.163356][ T5129] veth0_macvtap: entered promiscuous mode
[   62.199921][ T4490] Bluetooth: hci1: command tx timeout
executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000ec0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, '\x00'}]}, @NFTA_CMP_SREG={0x8}, @NFTA_CMP_OP={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "ef"}]}], {0x14}}, 0xc8}}, 0x0)

[   62.233135][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.270500][ T5129] veth1_macvtap: entered promiscuous mode
executing program 2:
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)="fe", 0x1}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee05927e551e4d05b308a0eb01cea", 0x47e}], 0x2}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40)
ppoll(&(0x7f0000000240)=[{r0}], 0x1, 0x0, 0x0, 0x0)

[   62.284487][ T4490] Bluetooth: hci3: command tx timeout
[   62.292925][ T5114] Bluetooth: hci2: command tx timeout
[   62.292936][ T5117] Bluetooth: hci0: command tx timeout
[   62.301832][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.347827][ T5135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.389200][ T5135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.431577][ T2907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.453495][ T5117] Bluetooth: hci4: command tx timeout
[   62.466028][ T2907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'hsr0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="5000000010000305000000000000000000000068", @ANYRES32=0x0, @ANYBLOB="000000000000000030001280080001006873720024000280050007000000000008000200", @ANYRES32, @ANYBLOB="0a000100", @ANYRES32=r1], 0x50}}, 0x0)

[   62.527426][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.564764][ T5172] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
executing program 4:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x80, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x4c, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}]}, 0x80}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

[   62.576677][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.576698][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.576714][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.576726][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.576737][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.576749][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.576762][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.654533][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.672343][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.673026][ T5172] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[   62.693368][ T5172] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[   62.699279][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 4:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000740)=ANY=[])
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)

[   62.722700][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.736282][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.747655][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
executing program 0:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x44, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_EXPRESSIONS={0x28, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}]}, 0x44}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

[   62.777648][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.809345][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.835895][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.854493][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.868300][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.883205][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.904753][ T5129] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.916868][ T5129] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2]})
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   62.934864][ T5129] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.943775][ T5129] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = eventfd(0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x0, &(0x7f0000000040), 0x0, r0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfb, 0x7}, {0x3fe, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[   63.116773][ T5181] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   63.137798][ T5163] usb 5-1: new high-speed USB device number 2 using dummy_hcd
executing program 2:
keyctl$KEYCTL_MOVE(0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004d40)=ANY=[@ANYBLOB=' \x00\x00\x00'], 0x20}}, 0x0)
recvfrom(r0, 0x0, 0xf00, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000440)=""/190, 0xbe}, {&(0x7f0000000600)=""/218, 0xda}, {&(0x7f0000000840)=""/152, 0x98}, {&(0x7f0000002780)=""/4110, 0x100e}, {&(0x7f0000000500)=""/188, 0xbc}, {&(0x7f0000000900)=""/197, 0xc5}], 0x6}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x400000000000106, 0x0, 0x0)

[   63.216336][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.247693][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
executing program 0:
syz_emit_vhci(0x0, 0x15)

[   63.347842][   T25] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.358213][   T25] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.369478][ T5163] usb 5-1: Using ep0 maxpacket: 32
[   63.400239][ T5163] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   63.433857][ T5163] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   63.467961][ T5163] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   63.494791][ T5163] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
executing program 0:
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0xf000080)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000007a000107000000000000000007"], 0x18}], 0x1}, 0x0)

[   63.526835][ T5163] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   63.573193][ T5163] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
executing program 3:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902247251000000"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000740)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
readv(r2, &(0x7f0000000680)=[{&(0x7f0000000200)=""/14, 0xe}], 0x1)

[   63.610902][ T5163] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
executing program 0:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
sendmsg$sock(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000a00)="f88a92309c5cc1", 0x7}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x194}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x8}, {&(0x7f00000007c0)=""/154, 0x4c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

[   63.678907][ T5163] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   63.723352][ T5163] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   63.750486][ T5163] usb 5-1: config 0 descriptor??
executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000340)={0x42}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

[   64.004432][ T5160] usb 5-1: USB disconnect, device number 2
[   64.019364][ T5166] usb 4-1: new high-speed USB device number 2 using dummy_hcd
executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x80, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x4c, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}]}, 0x80}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="5000000010000305000000000000000000000068", @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="0a000100", @ANYRES32=r1], 0x50}}, 0x0)

executing program 2:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0xa840, 0x0)
preadv(r0, &(0x7f0000000380)=[{&(0x7f0000001a80)=""/102385, 0x18ff1}], 0x1, 0x0, 0x0)

[   64.180830][ T5206] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'.
[   64.219391][ T5166] usb 4-1: Using ep0 maxpacket: 32
executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x44, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_EXPRESSIONS={0x28, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}]}, 0x44}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

[   64.232042][ T5166] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[   64.265516][ T5166] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   64.279681][ T5117] Bluetooth: hci1: command tx timeout
executing program 1:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$getenv(0x4204, r1, 0x2, &(0x7f0000000000))

[   64.304709][ T5166] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   64.327472][ T5166] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 81
[   64.338914][ T5166] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   64.349480][ T5166] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.362412][ T5117] Bluetooth: hci0: command tx timeout
[   64.370427][ T5166] usb 4-1: config 0 descriptor??
[   64.375493][ T5117] Bluetooth: hci3: command tx timeout
[   64.375501][ T4490] Bluetooth: hci2: command tx timeout
executing program 2:
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)="fe", 0x1}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee05927e551e4d05b308a0eb01cea", 0x47e}], 0x2}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40)
ppoll(&(0x7f0000000240)=[{r0}], 0x1, 0x0, 0x0, 0x0)

[   64.426053][ T5212] ptrace attach of "/root/syz-executor.1 exec"[5126] was attempted by "/root/syz-executor.1 exec"[5212]
executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2]})
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   64.520690][ T4490] Bluetooth: hci4: command tx timeout
[   64.596987][   T25] usb 4-1: USB disconnect, device number 2
[   64.618407][ T5216] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   64.619690][ T5164] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   64.632026][ T5216] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
executing program 1:
syz_emit_vhci(0x0, 0x15)

executing program 1:
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0xf000080)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000047c0)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000007a000107000000000000000007"], 0x18}], 0x1}, 0x0)

[   64.829714][ T5164] usb 5-1: Using ep0 maxpacket: 32
[   64.852757][ T5164] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[   64.878682][ T5164] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f0000000380)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3, 0x1c)

[   64.902872][ T5164] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[   64.920851][ T5164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   64.943669][ T5164] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
executing program 1:
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = eventfd(0x0)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000100)={0x0, &(0x7f0000000040), 0x0, r0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfb, 0x7}, {0x3fe, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

[   64.964768][ T5164] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   64.988727][ T5164] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   65.026459][ T5164] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   65.048738][ T5164] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.076833][ T5164] usb 5-1: config 0 descriptor??
executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x80, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x4c, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_FLOW_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}}}]}]}, 0x80}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

[   65.199477][   T25] usb 4-1: new high-speed USB device number 3 using dummy_hcd
executing program 1:
keyctl$KEYCTL_MOVE(0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004d40)=ANY=[@ANYBLOB="200000001200"], 0x20}}, 0x0)
recvfrom(r0, 0x0, 0xf00, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000440)=""/190, 0xbe}, {&(0x7f0000000600)=""/218, 0xda}, {&(0x7f0000000840)=""/152, 0x98}, {&(0x7f0000002780)=""/4110, 0x100e}, {&(0x7f0000000500)=""/188, 0xbc}, {&(0x7f0000000900)=""/197, 0xc5}], 0x6}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x400000000000106, 0x0, 0x0)

executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'hsr0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="5000000010000305000000000000000000000068", @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="0a000100", @ANYRES32=r1], 0x50}}, 0x0)

executing program 2:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b40)={0x44, 0xa, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_EXPRESSIONS={0x28, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @nat={{0x8}, @void}}, {0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}]}, 0x44}}, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})

[   65.390167][   T25] usb 4-1: Using ep0 maxpacket: 32
[   65.414069][   T25] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[   65.437527][   T25] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
executing program 2:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x194}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x8}, {&(0x7f00000007c0)=""/154, 0x4c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

[   65.467815][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   65.474256][ T5235] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[   65.481834][   T25] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 81
executing program 0:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0xa840, 0x0)
preadv(r0, &(0x7f0000000380)=[{&(0x7f0000001a80)=""/102385, 0x18ff1}], 0x1, 0x0, 0x0)

[   65.510271][   T25] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   65.524487][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.544185][   T25] usb 4-1: config 0 descriptor??
executing program 2:
lstat(&(0x7f0000000b80)='./file0\x00', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x58}}, 0x0)

executing program 0:
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000001c40)={'syz0'}, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)

executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0), 0x0, 0x0, 0x0})
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000100)={0x0, 0x0, 0x0, "4b9c39f88e56d5d98deee9080b0de7611ebfeef3cef83f51fdb40f0aeab9e862"})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[   65.751023][ T5247] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[   65.780327][   T45] usb 4-1: USB disconnect, device number 3
[   66.026296][ T5247] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.034877][ T5247] bridge0: port 1(bridge_slave_0) entered disabled state
executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETA(r2, 0x4b32, 0x0)

[   66.399815][ T5247] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.463308][ T5247] batman_adv: batadv0: Interface deactivated: batadv_slave_1
executing program 3:
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0xa4, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x800}]}]}]}}]}, 0xa4}}, 0x0)

executing program 4:
preadv(0xffffffffffffffff, &(0x7f0000001840)=[{0x0}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
dup(0xffffffffffffffff)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0xa382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
pwritev(r1, &(0x7f0000000600)=[{&(0x7f0000000180)="10", 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x800)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x8000, 0x0, 0x0, 0x0, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f", "2363f18d9acc6c25af21ca2af6d2e80e4caadd6d126cfb80c92dc817d44dcdec", [0x0, 0x7]})

executing program 1:
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000000000008608ffffffff0102"], 0x0)
syz_usb_connect(0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000690109022f00010000000009040000000e010000152403"], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)

executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000000000107d1e222e00000000000109022400010000000009040000020300020009210000000122020009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000a40)="ad4308a803a93ae832cfe6d5ef23337e0f698efa258fa9d3bc1c9df29b8749c5ffd0074397d4b10c19ca158b9169fc747e0ce81800f6ab54701b60db0d358f0341b17544b7edabe88d90fc5a63b52a5eee75baf1278b9c106f3c728d86482d41a1b38f52ef3ad9e716e77953d785625a2279cf4fd6266ccaba213de2e35c65a01968cf04d00a1ca520baf750b816fafde164d33bfafb0fee4aae07b55527d4d61deda8a79a1be0238b8309d25f34019a61f0363bd8bdf6bae02edd9d34b01b8157e510898a6e7d7217224d331981b5c2bb14d88bdc317c7a88eb04c5ef7be4021f8dbbf25c65b82d0f787de0c0b87c2d51c21e948c9c8f8077e0341b04c4ff0c0f3e7a48fae5ca15222bc350f59307d42d0670f91610d4dec94cfbbbe3b383decd29515965a3059d4b2cbed6a77948d374d320ef04b9fd74c87eef26125b3e3418aca9bd8e98db179d57611d0f85528116cae7b18393dd78c7528c45e7a8d64db9adb31bb95564d75ff0dc06fb71fc52ee5c02779cb166d93180cbd74ab3fb7e19b3509381c4e2b6e9cb7953347d0993c3d7445d201aa1e11c8eace70bc364fb0572af4c00f9c53d1a8fa4702a792ff9a83eef082e90a18dadd9dcbbc808b8887be9f1b74d8bd5de8adfbcd46b7ab3df6ea858bff5a1b4b5d5f85a6df2e90f370f67e9b7b9e9e02f7b5cb615a86297b112bd735d61d66e25624c465d5a87bfc7f7ec3daac70d4abc99c7a12cc79a14e9a7618a86a295c0fd5cbd9f716ad49a35b152828c3a16bdd4b649d0bf6a1c80a500cdde4627b13751d91cb67fd9003ba3a91891f240be702f978e4e55354de192406defe3d84917f02e27855d6611d8ffc41f73ea5abd7b0f48ad277b691a27e5b747a7d8aa632920f3fce2788d4437fc23f59f9a4b4dbe7fa3460c5c4047277a8b02cb508a2c1853d14aa78689c4814b44391bfc4acc022e7119e9109d35225271c063d6d89d09347a8c1d2ab958bad1ac3890de420877b875272db3402a63da014a38c8ddb9568f00c7c29f31d11bcd473dac29c91247d570cc491384ece7f19ce3a3e4b2c8d72bde83120c3c7d38b49fbb640d7842f9f9a86b1ea6915b2121b72e281667bec82aeb7665d5dde31c6bceb7eb14f41f08d71faaf1b8f31f96564a8add5fbdb69045bfba0fbf3a4e1ea032bbbf3babe0de46ca56fd7738562e8c65c7ad1e8ecf3fe810cca9521a345af1d1bab6eac8a35e391bf1787bf16ee6050635188afa2f9b455c44690b2fecf9f40f08a10c7caf00744db2d389f2d618abcf44e5a45348c186fe926d1eb87f7b402735c05ae96544b5ab3367b60bdb4598152cea9f8f2844ca81fd5fd0b87383db0024db1d2b3c7469245793199cb5aba92dafaf2c90a9e1a93841ff78663ca97d8d51deba8cc06f3f5b7a1af71d3b65dfa48c9acd436bf364641db455d6e8e8ed644b30a4dd7806f1ba82f33c856c76e1f28ec3939e1ad0a7d38426e7af4ae49c0aa9e575a13d9d520aa84bd15090c28a142777e0b6a9d5ddd07918e3a20257a6be334196489ee60ba275d0b821d1ff315da51921111905409311b457fef71d2679a271752cd98cd9b0b1f871ec2e1e02525b41587f88a0bbf7bb63e34f8ca3975789c252a0b803518f2c03d327af92f9c2ed4ec9beb301da910331ad8a2d79c2c461362662c47859154ce8a26c9a12bcae161899a4005572dd3191cec8e4db0ab78816455c0a388c78a979c8ebe0593b23a7fd8681555d686507cf215dd4b1ce9ecd49fb7a4e2884f0449e40bf8eb6347f59a268e7a51441890200a4bb9e86aa18c088e5994699657d4d2d518bf83b59adc8220841e7ad807ed7adad95403d2319836d069b15d245ce013867121224e5e74371c32ff8cd9d19cc477ca36b5e0ac7c15041f2fe7f46a91a8c9cd089f4f38a6118f45f1fc9c48eb4820d355a869fecc2b391630b13aeacb2b745b22018d554a2b8d833f404784f1687d554089aedba3d7036788860bf66e8735603e6e2ed2235e8800931fdc30c9eec3d224650c5b58229faaa9cfacc31", 0x5a9}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000540), 0x4)
sendmsg$tipc(r3, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$tipc(r2, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x4, {0x4, 0x0, "78e4"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_delroute={0x3c, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_PREF={0x5}, @RTA_MULTIPATH={0xc}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @ILA_ATTR_IDENT_TYPE={0x5}}]}, 0x3c}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000a40)={0x84, &(0x7f0000000600)={0x0, 0x0, 0x3, "26e3d0"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000380)={0x24, &(0x7f0000000400)={0x0, 0xd7c18210e69afc9f, 0xe7, {0xe7, 0x8, "5980b392271d3b2a06ea70dd5f4253bd3fd162c69255867b8659abc8e442cbeb530b9706a37fbba69a2b30a5e68a4bef3d5bb9a334206f7e3ac9fef8ee7a46e2a52754eb54d9704f808a82d867c6f90c9464dc67afa16aadd6fed5890210e84a30e126ee30a6b4463cd863ac6f829e015217408cbeb11c29de179e199ff89ec59b6a5464bedcb6e269d44472721b1227c3213669ecbbb6ec7f5d64d72785ae39efa60b98b817fe2cde71d0771a9b12940caf4a07f2fc065ef4cc5a5660130a3d0b3ac2b45dfa27b4f93841ca82e0ed0a84902be570490ba8574865d48de5b603fa37dd21d2"}}, &(0x7f0000000240)={0x0, 0x3, 0xf, @string={0xf, 0x3, "d6b008d965879c5fcda87f4c0a"}}, &(0x7f0000000300)={0x0, 0x22, 0x20, {[@main=@item_012={0x0, 0x0, 0x8}, @local=@item_012={0x0, 0x2, 0x8}, @global=@item_4={0x3, 0x1, 0x9, "9487e8e8"}, @global=@item_4={0x3, 0x1, 0x5, "0883e8e5"}, @global=@item_012={0x2, 0x1, 0x0, '/p'}, @global=@item_012={0x0, 0x1, 0x7}, @local=@item_4={0x3, 0x2, 0x2, "7ed9cb40"}, @local=@item_4={0x3, 0x2, 0xa, "10cd6dc3"}, @local=@item_012={0x2, 0x2, 0x9, "bbeb"}, @local=@item_012={0x2, 0x2, 0x8, "f2a2"}]}}, &(0x7f0000000340)={0x0, 0x21, 0x9, {0x9, 0x21, 0x5, 0xc6, 0x1, {0x22, 0x9}}}}, &(0x7f0000000900)={0x2c, &(0x7f0000001000)=ANY=[@ANYBLOB="2014fc00000065d80df3f2de2ccc1cffe83c8b601e42b91edff14c944193ed6772f32722f8528467f693edc5e95b8307b6c26c648200374f562e77e1ac1db4243a1f7658cd526bc86e226f83c5a4e51a74470ea83adcad78abc0cdd9124e5b45ce8abf823d8e7c5ed9671b5a2a7b8c55c3c31975a22d6fb5f2beb633818c84480b5b981a193f67e0e29925e9e12ca4798f5ee62efa1616f0250595ca914cb15de44f8d1ea6b425b5dd17e7384349c5874d953ee65f617536343f8e25233d208f0bbe9a47d5282eadddc559853b1001e87b115fbfb508b4eb02254f9ecf89e062e60ecf5df1c868fdb6baeb0060443ce359528dcea20061f347eb4c4caa1bf7bf3808e32d2251e8898c46690191ecb7234a07b3dfc4173eb0506abed375ff463dcd9a0255325772c958f26edd9a3ab26a40"], &(0x7f0000000780)={0x0, 0xa, 0x1, 0xf2}, &(0x7f00000007c0)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000800)={0x20, 0x1, 0xb0, "ba60c1ae922bd2198857bb937cbd6a95138936a744ca0729212eba30c3931cb92f0086a4c20606f7e60505751a3523e0a183039c9f2fed1ccae23611dc90db1c884b9c40c487db96e590b92f91a1d161c76b0c11043327e5b073e4aa067244fb683152b4a918706e74caa4316e895b21b8e5d0f88d83c02fc9f1f535e97f6fc054d05ce3c148cdec1eb515c69cee8537b62f94cea4fba62800cca7b32170e92d0127f456bdff1a64b44605ecc811915c"}, &(0x7f00000008c0)={0x20, 0x3, 0x1, 0x5}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000008000011"])
bind$unix(r8, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)

[   66.891531][ T5162] usb 5-1: USB disconnect, device number 3
[   66.957302][ T5247] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.006694][ T5247] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.035753][ T5285] loop0: detected capacity change from 0 to 16384
[   67.053799][ T5247] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.082545][ T5247] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.342044][ T5248] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.352221][ T5248] 8021q: adding VLAN 0 to HW filter on device team0
[   67.371570][ T5248] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
executing program 0:
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df00000000000000000009f600"})
r1 = syz_open_pts(r0, 0x801)
r2 = dup3(r1, r0, 0x0)
write$UHID_INPUT(r2, &(0x7f00000001c0)={0xa, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d20325867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76023256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)

[   67.401778][ T5253] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   67.423828][ T5248] syz-executor.0 (5248) used greatest stack depth: 16688 bytes left
[   67.433664][    C0] hrtimer: interrupt took 18553408 ns
[   67.441683][ T5258] usb 2-1: new high-speed USB device number 2 using dummy_hcd
executing program 3:
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)=ANY=[@ANYBLOB="e0000000100009050000000000000000080000007f000001a90000002b0e13e735a3184f123d6da2f1acfac0ee2dd2b184b27db1f302de337c0004060000000000bf852c8986626691b01b2d44e4ce28712828bdda0a9423debbb86f9dba4a2dba4dbe076c28282900c446"], 0xe0}], 0x1}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001800210200000000000000001d01000008000900", @ANYRES32, @ANYBLOB='\b\x00\n'], 0x24}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b000000080003", @ANYRES32=r2, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)

[   79.396647][  T783] cfg80211: failed to load regulatory.db
executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10012, r0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
preadv2(r1, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0xffe00}], 0x5, 0x0, 0x0, 0x0)

executing program 2:
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00'})
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f00000000c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'sit0\x00', <r1=>0x0})
bind$xdp(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, 0x1, r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_EEE_SET(r0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
getsockname$packet(r0, &(0x7f0000000500)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
r4 = socket$netlink(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x825, 0x0, 0x0, {0x53, 0x0, 0x0, r5}, [@IFLA_PROTO_DOWN={0x8, 0xa, 0xf}]}, 0x28}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x54}, 0x1, 0x8100}, 0x0)

[   79.930164][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[   79.945652][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[   92.635835][ T5291] netlink: 892 bytes leftover after parsing attributes in process `syz-executor.3'.
executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newtaction={0x14, 0x30, 0x0, 0x0, 0x0, {0x0, 0x0, 0x6a00}}, 0x14}}, 0x0)

executing program 1:
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x4031, 0xffffffffffffffff, 0x0)

executing program 1:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000023c0)={'veth1_to_batadv\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f00000003c0)={0x24, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x24}}, 0x0)

executing program 3:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902247251000000"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000740)=ANY=[])
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
readv(r2, &(0x7f0000000680)=[{&(0x7f0000000200)=""/14, 0xe}], 0x1)

2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfb, 0x7}, {0x3fe, 0xfffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}]})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

executing program 2:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000740)=ANY=[])
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002cexecuting program 2:
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000740)=ANY=[])
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)

executing program 0:
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000003c0)="fe", 0x1}, {&(0x7f0000001240)="1eac4d20f8509e2139d2842c8faedef008bcac1025cbc63d2bfe0c7bbe51c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d056b8977df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bba60131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d944b0161c5c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d01d0f74e180df6eaa94651336e7713414e499586edd5693e587a186fcb68a973e823e61a072aaa4fb9e3a03ff4c17c9e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fb36bcde646385dcf5cb7adf1ec70baef4061d2da93d2f5eefae1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c102db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab589d5f93fb578503aa64042c66571649844d93257489c1b658140e4c194c329a1a2c0117d123a45b213a118dd608bd6bdb2e0a6782f785321ff48eac4158ad9efb3737a6cfbb21d0dba732558493aa09dfa7fa41b4922e4e205a4792c9694661a18eff0d932d824f6987aa3dafa7ddc9b0acd70d43263c78dde88b7c665abbeec1cf1016ddc321f713cc3c149eeda6443b5b278eb3a05b08d510650b055d3193c4d5bbe084431cc40a626e81827d8bf2379435ada42a99569b35faa3af53f90f4dcf7a7d1c2e6fe4d7739b135981d40ba00de019909748640d554a159e552c6a7a7c77b213fad40dd785cc4ee983266b3377fbc7845a44992f82656b8240c169697599074348a4bac29423612e4c0ba89a66d08033b54b4d8f8704ab9470fe6316dc6ba610b7f3c1b0428607b13d2cfbed5c82d9214a1e97edaa27ed011d42800467fd54cddec7841f2aa513e7c8956842ea69b6b80208a4acbe9b678a9ab48a26df1cebd283f0d8e2956d8e8a4aad5b563ae75ddaf9b167d70b0e96f42a4f1c5bef1e777fedcb380707fc7ac87e249f322a01660687c04d1bbeeefeecadf86c3ef805d79964a862877cfbff40eb340f7065bc759013cbdcb25305ba6812a853b8d8e1960227826acb24311ed0e67f84565dd8858ca3be23409569e15ba75120c35dffdc8a4b7688d5d02fedf88434274b828fec979ea029405cd1e7cadc867ebdc98c4a523178715828c1a6361e60ff1f2968efc20d6888ac2a6f81e37cbc7f1e89f3421825cc278df26c8722e1672fc9672a8d0a60dded6f0765ac61f8a91acf0195abc177e56cc91a9c11ccf95d2a58de5494e66cfa1e758438ee4bb163ee05927e551e4d05b308a0eb01cea", 0x47e}], 0x2}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40)
ppoll(&(0x7f0000000240)=[{r0}], 0x1, 0x0, 0x0, 0x0)

[  113.409275][ T5287] loop0: detected capacity change from 16384 to 16320
[  218.369031][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  218.376078][    C1] rcu: 	0-...!: (1 GPs behind) idle=777c/1/0x4000000000000000 softirq=7490/7496 fqs=3
[  218.386368][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=7321, q=1532 ncpus=2)
[  218.394114][    C1] Sending NMI from CPU 1 to CPUs 0:
[  218.399341][    C0] NMI backtrace for cpu 0
[  218.399360][    C0] CPU: 0 PID: 5122 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-12393-g9b62e02e6336 #0
[  218.399377][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  218.399390][    C0] RIP: 0010:do_raw_spin_unlock+0x118/0x8b0
[  218.399427][    C0] Code: 49 c7 45 00 ff ff ff ff 0f b6 04 2b 84 c0 0f 85 cf 03 00 00 41 c7 06 ff ff ff ff 48 c7 c0 e0 fd 19 8e 48 c1 e8 03 80 3c 28 00 <74> 0c 48 c7 c7 e0 fd 19 8e e8 0a 18 88 00 48 83 3d 02 3f a6 0c 00
[  218.399440][    C0] RSP: 0018:ffffc90000007c60 EFLAGS: 00000046
[  218.399458][    C0] RAX: 1ffffffff1c33fbc RBX: 1ffff11017285911 RCX: 0000000000000000
[  218.399470][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880b942c880
[  218.399480][    C0] RBP: dffffc0000000000 R08: ffff8880b942c883 R09: 1ffff11017285910
[  218.399492][    C0] R10: dffffc0000000000 R11: ffffed1017285911 R12: 1ffff11017285912
[  218.399504][    C0] R13: ffff8880b942c890 R14: ffff8880b942c888 R15: ffff8880b942c880
[  218.399517][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  218.399535][    C0] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  218.399546][    C0] CR2: 00000000f5e71560 CR3: 000000000e132000 CR4: 00000000003506f0
[  218.399560][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  218.399569][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  218.399580][    C0] Call Trace:
[  218.399591][    C0]  <NMI>
[  218.399599][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  218.399627][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  218.399645][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  218.399665][    C0]  ? nmi_handle+0x2a/0x5a0
[  218.399697][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  218.399715][    C0]  ? nmi_handle+0x14f/0x5a0
[  218.399737][    C0]  ? nmi_handle+0x2a/0x5a0
[  218.399760][    C0]  ? do_raw_spin_unlock+0x118/0x8b0
[  218.399782][    C0]  ? default_do_nmi+0x63/0x160
[  218.399803][    C0]  ? exc_nmi+0x123/0x1f0
[  218.399823][    C0]  ? end_repeat_nmi+0xf/0x53
[  218.399847][    C0]  ? do_raw_spin_unlock+0x118/0x8b0
[  218.399870][    C0]  ? do_raw_spin_unlock+0x118/0x8b0
[  218.399893][    C0]  ? do_raw_spin_unlock+0x118/0x8b0
[  218.399916][    C0]  </NMI>
[  218.399921][    C0]  <IRQ>
[  218.399931][    C0]  _raw_spin_unlock_irqrestore+0x81/0x140
[  218.399951][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  218.399974][    C0]  ? timerqueue_del+0xac/0x100
[  218.399993][    C0]  ? __pfx_advance_sched+0x10/0x10
[  218.400011][    C0]  __hrtimer_run_queues+0x477/0xd50
[  218.400034][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  218.400061][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  218.400083][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  218.400105][    C0]  hrtimer_interrupt+0x396/0x990
[  218.400139][    C0]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  218.400163][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  218.400187][    C0]  </IRQ>
[  218.400192][    C0]  <TASK>
[  218.400198][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  218.400217][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  218.400238][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 ee d3 6a f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c3 87 d4 f5 65 8b 05 f4 d1 72 74 85 c0 74 43 48 c7 04 24 0e 36
[  218.400250][    C0] RSP: 0018:ffffc90003f27660 EFLAGS: 00000206
[  218.400263][    C0] RAX: add48288cf8d8a00 RBX: 1ffff920007e4ed0 RCX: ffffffff947a0603
[  218.400275][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcaba80 RDI: 0000000000000001
[  218.400286][    C0] RBP: ffffc90003f276f0 R08: ffffffff8fad43af R09: 1ffffffff1f5a875
[  218.400297][    C0] R10: dffffc0000000000 R11: fffffbfff1f5a876 R12: dffffc0000000000
[  218.400309][    C0] R13: 1ffff920007e4ecc R14: ffffc90003f27680 R15: 0000000000000246
[  218.400330][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  218.400356][    C0]  debug_check_no_obj_freed+0x561/0x580
[  218.400381][    C0]  ? __pfx_lock_release+0x10/0x10
[  218.400401][    C0]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  218.400423][    C0]  ? _raw_spin_unlock+0x28/0x50
[  218.400441][    C0]  ? find_unlink_vmap_area+0x2b6/0x2d0
[  218.400467][    C0]  remove_vm_area+0x1d3/0x300
[  218.400485][    C0]  vfree+0x7c/0x2e0
[  218.400502][    C0]  kcov_close+0x2b/0x50
[  218.400519][    C0]  ? __pfx_kcov_close+0x10/0x10
[  218.400539][    C0]  __fput+0x406/0x8b0
[  218.400561][    C0]  task_work_run+0x24f/0x310
[  218.400585][    C0]  ? __pfx_task_work_run+0x10/0x10
[  218.400607][    C0]  ? do_exit+0xa22/0x27e0
[  218.400625][    C0]  ? kmem_cache_free+0x145/0x350
[  218.400650][    C0]  do_exit+0xa27/0x27e0
[  218.400674][    C0]  ? __pfx_do_exit+0x10/0x10
[  218.400693][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  218.400718][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  218.400736][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  218.400752][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  218.400773][    C0]  do_group_exit+0x207/0x2c0
[  218.400792][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  218.400810][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  218.400827][    C0]  get_signal+0x16a1/0x1740
[  218.400857][    C0]  ? __pfx_get_signal+0x10/0x10
[  218.400878][    C0]  ? bpf_lsm_file_ioctl_compat+0x9/0x10
[  218.400896][    C0]  ? security_file_ioctl_compat+0x87/0xb0
[  218.400925][    C0]  arch_do_signal_or_restart+0x96/0x860
[  218.400947][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  218.400975][    C0]  ? syscall_exit_to_user_mode+0xa3/0x370
[  218.400992][    C0]  syscall_exit_to_user_mode+0xc9/0x370
[  218.401010][    C0]  __do_fast_syscall_32+0xc4/0x120
[  218.401029][    C0]  ? exc_page_fault+0x590/0x8c0
[  218.401045][    C0]  do_fast_syscall_32+0x34/0x80
[  218.401063][    C0]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  218.401083][    C0] RIP: 0023:0xf7253579
[  218.401102][    C0] Code: Unable to access opcode bytes at 0xf725354f.
[  218.401109][    C0] RSP: 002b:00000000f74f5d44 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  218.401124][    C0] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000004c01
[  218.401135][    C0] RDX: 0000000000000000 RSI: 00000000f73aaff4 RDI: 00000000f73aaff4
[  218.401145][    C0] RBP: 0000000000000bb8 R08: 0000000000000000 R09: 0000000000000000
[  218.401155][    C0] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  218.401165][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  218.401182][    C0]  </TASK>
[  218.401327][    C1] rcu: rcu_preempt kthread starved for 10487 jiffies! g7321 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  219.020430][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  219.030503][    C1] rcu: RCU grace-period kthread stack dump:
[  219.036501][    C1] task:rcu_preempt     state:R  running task     stack:25168 pid:17    tgid:17    ppid:2      flags:0x00004000
[  219.048298][    C1] Call Trace:
[  219.051580][    C1]  <TASK>
[  219.054527][    C1]  __schedule+0x17e8/0x4a20
[  219.059067][    C1]  ? __pfx___schedule+0x10/0x10
[  219.063932][    C1]  ? __pfx_lock_release+0x10/0x10
[  219.068964][    C1]  ? __asan_memset+0x23/0x50
[  219.073563][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  219.079376][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  219.085713][    C1]  ? schedule+0x90/0x320
[  219.089984][    C1]  schedule+0x14b/0x320
[  219.094157][    C1]  schedule_timeout+0x1be/0x310
[  219.099018][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  219.104406][    C1]  ? __pfx_process_timeout+0x10/0x10
[  219.109878][    C1]  ? prepare_to_swait_event+0x32e/0x350
[  219.115449][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  219.120339][    C1]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[  219.126500][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  219.131808][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  219.137809][    C1]  ? finish_swait+0xd4/0x1e0
[  219.142497][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  219.147110][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  219.152313][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  219.158222][    C1]  ? __kthread_parkme+0x169/0x1d0
[  219.163259][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  219.168550][    C1]  kthread+0x2f0/0x390
[  219.172634][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  219.177838][    C1]  ? __pfx_kthread+0x10/0x10
[  219.182437][    C1]  ret_from_fork+0x4b/0x80
[  219.186863][    C1]  ? __pfx_kthread+0x10/0x10
[  219.191463][    C1]  ret_from_fork_asm+0x1a/0x30
[  219.196258][    C1]  </TASK>
[  219.199282][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  219.205689][    C1] CPU: 1 PID: 2854 Comm: kworker/u8:8 Not tainted 6.9.0-syzkaller-12393-g9b62e02e6336 #0
[  219.215595][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  219.225670][    C1] Workqueue: events_unbound toggle_allocation_gate
[  219.232212][    C1] RIP: 0010:smp_call_function_many_cond+0x1860/0x29d0
[  219.238998][    C1] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 99 09 0c 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 44 05 0c 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 28 05
[  219.258615][    C1] RSP: 0018:ffffc90009757700 EFLAGS: 00000293
[  219.264713][    C1] RAX: ffffffff818a1158 RBX: 1ffff11017288c11 RCX: ffff88802b39da00
[  219.272693][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  219.280670][    C1] RBP: ffffc900097578e0 R08: ffffffff818a1127 R09: 1ffffffff25f50b0
[  219.288650][    C1] R10: dffffc0000000000 R11: fffffbfff25f50b1 R12: dffffc0000000000
[  219.296632][    C1] R13: ffff8880b9446088 R14: ffff8880b953f900 R15: 0000000000000000
[  219.304609][    C1] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[  219.313546][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  219.320138][    C1] CR2: 0000561afabb3680 CR3: 000000000e132000 CR4: 00000000003506f0
[  219.328124][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  219.336107][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  219.344085][    C1] Call Trace:
[  219.347378][    C1]  <IRQ>
[  219.350227][    C1]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[  219.356576][    C1]  ? print_other_cpu_stall+0x1470/0x15a0
[  219.362227][    C1]  ? __pfx_print_other_cpu_stall+0x10/0x10
[  219.368040][    C1]  ? __pfx_lock_release+0x10/0x10
[  219.373087][    C1]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[  219.379348][    C1]  ? rcu_sched_clock_irq+0x9f4/0x10a0
[  219.384749][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  219.390398][    C1]  ? hrtimer_run_queues+0x16c/0x460
[  219.395613][    C1]  ? acct_account_cputime+0x207/0x210
[  219.401001][    C1]  ? update_process_times+0x1ce/0x230
[  219.406386][    C1]  ? tick_nohz_handler+0x37c/0x500
[  219.411539][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[  219.417015][    C1]  ? __hrtimer_run_queues+0x551/0xd50
[  219.422404][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[  219.428496][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  219.434233][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[  219.440318][    C1]  ? hrtimer_interrupt+0x396/0x990
[  219.445557][    C1]  ? __sysvec_apic_timer_interrupt+0x110/0x3f0
[  219.451728][    C1]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[  219.457550][    C1]  </IRQ>
[  219.460486][    C1]  <TASK>
[  219.463423][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  219.469595][    C1]  ? smp_call_function_many_cond+0x1847/0x29d0
[  219.475769][    C1]  ? smp_call_function_many_cond+0x1878/0x29d0
[  219.481972][    C1]  ? smp_call_function_many_cond+0x1860/0x29d0
[  219.488194][    C1]  ? kmem_cache_alloc_bulk_noprof+0x146/0x770
[  219.494288][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  219.499413][    C1]  ? kmem_cache_alloc_bulk_noprof+0x146/0x770
[  219.505512][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  219.511887][    C1]  ? __pfx___might_resched+0x10/0x10
[  219.517255][    C1]  ? __mutex_trylock_common+0x183/0x2e0
[  219.522817][    C1]  ? __pfx___might_resched+0x10/0x10
[  219.528123][    C1]  ? __pfx_do_sync_core+0x10/0x10
[  219.533164][    C1]  on_each_cpu_cond_mask+0x3f/0x80
[  219.538298][    C1]  text_poke_bp_batch+0x352/0xb30
[  219.543344][    C1]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  219.548900][    C1]  ? __pfx___mutex_lock+0x10/0x10
[  219.553945][    C1]  ? arch_jump_label_transform_queue+0x9b/0x100
[  219.560297][    C1]  text_poke_finish+0x30/0x50
[  219.565096][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[  219.571091][    C1]  static_key_enable_cpuslocked+0x136/0x260
[  219.577010][    C1]  static_key_enable+0x1a/0x20
[  219.581787][    C1]  toggle_allocation_gate+0xb5/0x250
[  219.587089][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  219.592996][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  219.599344][    C1]  ? process_scheduled_works+0x945/0x1830
[  219.605078][    C1]  process_scheduled_works+0xa2c/0x1830
[  219.610749][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  219.616746][    C1]  ? assign_work+0x364/0x3d0
[  219.621348][    C1]  worker_thread+0x86d/0xd70
[  219.625962][    C1]  ? __kthread_parkme+0x169/0x1d0
[  219.630998][    C1]  ? __pfx_worker_thread+0x10/0x10
[  219.636116][    C1]  kthread+0x2f0/0x390
[  219.640194][    C1]  ? __pfx_worker_thread+0x10/0x10
[  219.645317][    C1]  ? __pfx_kthread+0x10/0x10
[  219.649919][    C1]  ret_from_fork+0x4b/0x80
[  219.654349][    C1]  ? __pfx_kthread+0x10/0x10
[  219.659036][    C1]  ret_from_fork_asm+0x1a/0x30
[  219.663828][    C1]  </TASK>