last executing test programs:

1m28.772883942s ago: executing program 4 (id=867):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49468ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", "685a228f", "be0ea450d5a5fd03"}, 0x38)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x800)

1m27.801273397s ago: executing program 3 (id=878):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000380)={0x0, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040))
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0xb, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "00000080"}]}}, 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCGREPORT(r3, 0x400c4807, &(0x7f00000000c0)={0x3, 0x100})
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16, @ANYBLOB="01000000000000e14f003b"], 0x6f4}}, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r6, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xddf8ffdb, 0x0, 0x0, 0x140030})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$unix(r8, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)="0f83", 0x2}], 0x1}, 0x20000001)
recvmsg$unix(r7, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)

1m27.591127909s ago: executing program 4 (id=879):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed}, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000040), &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000140)="d8", 0x1, r1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000480)=@keyring={'key_or_keyring:', r2})
request_key(&(0x7f0000000400)='user\x00', 0x0, 0x0, r1)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000000))
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000040))
unshare(0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0xac802, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000001480)={{0x6, 0x1, 0x2, 0x4, 'syz1\x00', 0x1000}, 0x4, 0x30, 0x7f, 0x0, 0x8, 0x6, 'syz0\x00', &(0x7f0000001400)=['/dev/hwrng\x00', '^{(}:$g\x00', '/dev/hwrng\x00', '\x00', '(\x00', '.(.,\\-[:\'-\\\x00', '/dev/hwrng\x00', '/dev/hwrng\x00'], 0x43})

1m26.420056249s ago: executing program 4 (id=882):
r0 = socket$inet6(0xa, 0x3, 0x8)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x30, 0x0, &(0x7f0000000240)=0x114)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1, 0x4, &(0x7f0000000100)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x90)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$dupfd(r1, 0x0, r1)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, 0x0, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$SO_BINDTODEVICE_wg(r2, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(r2, &(0x7f0000000040)="e5", 0xffffffe4, 0x1200, 0x0, 0x0)

1m25.379069812s ago: executing program 4 (id=883):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioprio_set$pid(0x1, 0x0, 0x0)

1m23.013237881s ago: executing program 1 (id=885):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x48882, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, 0x0, 0x14d802, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e"], 0x7c}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = syz_io_uring_setup(0x6908, &(0x7f00000006c0)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000100)=<r7=>0x0)
r8 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90424fc60100005000a000200053582c137153e3704000180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
syz_io_uring_setup(0x1868, &(0x7f0000000140), &(0x7f00000000c0)=<r9=>0x0, &(0x7f0000000240))
syz_io_uring_submit(r9, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r6, 0x184c, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e00014100000000000000000000000008000000", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f00004b1000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1m22.986368195s ago: executing program 3 (id=886):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, &(0x7f0000000200)='syzkaller\x00', 0xc, 0xff9, &(0x7f0000000380)=""/4089}, 0x90)

1m22.773017441s ago: executing program 3 (id=889):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49468ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", "685a228f", "be0ea450d5a5fd03"}, 0x38)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r0, 0x0, 0x800)

1m22.092207418s ago: executing program 1 (id=891):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x0, 0x84)
iopl(0x3)
msync(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
iopl(0x40)
shmget(0xffffffffffffffff, 0x1000, 0x200, &(0x7f0000ffe000/0x1000)=nil)
shmat(0x0, &(0x7f0000ffa000/0x3000)=nil, 0x6000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}}, 0x20040000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'md5-generic\x00'}, 0x58)
r3 = accept4$alg(r2, 0x0, 0x0, 0x0)
r4 = dup(r3)
sendmsg$inet6(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="e5", 0x1}, {&(0x7f0000000200)='c', 0x1}], 0x2}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=ANY=[@ANYBLOB="140000001000010000000000000000000000000af8000000060a0104000000000000000002000000cc000480c80001800c0001006269647769736500b80000000f040004800800024000000003040005800800064000000000080003400000000808000340000044da0800024000000003740005801c00028008000180ffffffff0800034000000004080003400000f12c3c0002800800034000000001080003400000000908000180fffffffb0900020073797a300000000009000008000180fffffffb180002800900020073797a3100000000080003400000000908000640000000020900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a000000000000000000"], 0x120}}, 0x0)
shmctl$IPC_RMID(0x0, 0x0)
io_uring_setup(0x3305, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'team_slave_0\x00'})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x1631c3)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000500000000000000000000008500000041000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0x8, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xa, &(0x7f0000000500)=ANY=[@ANYBLOB="7c233edbacbededdff93103171946bca2cb6feaaa96bd41ed4fe135cfbe846d8bf0bba654e33de2d68f276971af03640f149a5f108b70cae53ed46264b5febb222568d94a570d12d48233ba89218b7d5975f53095d64cbbbfa38e43abc3d50e1d7af3dfafa03a450685b1bf0e0604efce422cb366a390a802d560abb71a3832f198768c0192cd002141aa82f04d70663381b1dedc6d69520eef3b9935103307c31bfc4c094ddaded092efeae8bc719ffdfde6d0ed0c437e46e6e179390101a3140ec91fa", @ANYRES32, @ANYRES8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffc56}, 0x90)
epoll_create1(0x80000)
write$sndseq(r5, &(0x7f0000000680)=[{0x7, 0x4, 0x0, 0x1, @tick=0x2, {0x0, 0x34}, {0x7, 0x7}, @ext={0x3b, &(0x7f0000000000)="d44aee5bb9bbd52f23703f5113ca8d1bd5549cfddcf02f9569b84afc783fb2557b932a72282540580e600051627b3da884d6dfc94bd27cfd5fde92"}}, {0x82, 0x9c, 0xc, 0x2, @tick=0x3fb5, {0xe3, 0x40}, {0x9, 0xfe}, @ext={0x60, &(0x7f0000000080)="9949934c4a336e5b6560aaae4712aeec80e44b8f7e1f453886258c2e7ac333e36b05b27d17d0ffbb78cccaa97bbdff14cb79e00cbfe1e63b1243efee6a6f7ca59ad86c7fd9e4ed2545a01224d6801c9719a14ba9999d84788bf848080007b0b7"}}, {0xf, 0x8, 0x7, 0x8, @time={0x401, 0x5}, {0xe7, 0x8}, {0x0, 0x1}, @connect={{0x7b, 0x81}, {0x3, 0x33}}}, {0x6, 0xa, 0xfd, 0x4, @tick=0x10001, {0xaf}, {0x6, 0x7}, @connect={{0x6, 0x7}, {0x5, 0xd}}}], 0x70)

1m21.192286044s ago: executing program 2 (id=892):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1, <r2=>0xffffffffffffffff}, 0x4)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x20002, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={r0, 0x20, &(0x7f0000000600)={&(0x7f0000000480)=""/153, 0x99, <r4=>0x0, &(0x7f0000000540)=""/145, 0x91}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xc, 0xf, &(0x7f0000000340)=@raw=[@map_val={0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x4}, @map_val={0x18, 0x7, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xffffffffffffffff}], &(0x7f0000000400)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x82, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x6, 0x401, 0x8}, 0x10, r4, r1, 0x8, 0x0, &(0x7f0000000680)=[{0x4, 0x3, 0x2, 0xb}, {0x3, 0x3, 0x7, 0xa}, {0x4, 0x4}, {0x3, 0x4, 0xe, 0x1}, {0x2, 0x1, 0x3, 0xf}, {0x3, 0x1, 0x5, 0x8}, {0x3, 0x5, 0x1, 0x4}, {0x0, 0x5, 0xb, 0x2}], 0x10, 0xc}, 0x90)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000020400085000000a000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xbb6d, 0x8000, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r10, 0x0, 0x0}, 0x20)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r8, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r9, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x4e24, 0x0, @mcast2, 0x7}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000a20000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb00"/400], 0x190)
syz_emit_ethernet(0x4e, &(0x7f0000001600)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000202", 0x18, 0x6, 0x0, @remote, @mcast2, {[], @mld={0x0, 0x0, 0x0, 0x0, 0x3, @dev={0xfe, 0x80, '\x00', 0x22}}}}}}}, 0x0)

1m21.191726768s ago: executing program 3 (id=893):
r0 = gettid()
r1 = io_uring_setup(0x77e7, &(0x7f0000000140)={0x0, 0x0, 0x3000, 0x82, 0x400})
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, &(0x7f0000000300)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/242, 0xe6, 0x0, &(0x7f0000000480)=""/230, 0xf3}, &(0x7f0000000340)=0x43)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x7c, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x5d, 0x33, @beacon={{{}, {0x8}, @device_b, @device_b}, 0x1000, @random, 0x0, @void, @val, @val={0x3, 0x1, 0x3}, @void, @void, @val={0x5, 0x3}, @void, @void, @val={0x3c, 0x4, {0x0, 0x0, 0xb7}}, @val={0x2d, 0x1a, {0x2, 0x2, 0x6, 0x0, {0x6df, 0xff, 0x0, 0x3, 0x0, 0x1, 0x0, 0x3, 0x1}, 0x1, 0x101, 0x5}}, @void, @val={0x71, 0x7, {0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x60}}, @void}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
io_uring_enter(r1, 0x0, 0xe257, 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r7, &(0x7f0000000000), 0xffe000)
r8 = syz_io_uring_setup(0xd5, &(0x7f0000000480), &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000080)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r8, 0x47ba, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
getsockname$packet(r7, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000280)=0x14)
r11 = socket(0x200000100000011, 0x3, 0x0)
r12 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r12, 0x8933, &(0x7f00000000c0))
r13 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r13, 0x0, 0x80, &(0x7f00000001c0)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x0, 0x20000070], 0x0, 0x0, &(0x7f0000000040)=[{}, {0x2}, {}]}, 0x108)
setsockopt$packet_int(r11, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)={0x10}, 0x10}, {0x0}], 0x2}, 0x0)
r14 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r14, 0x0, 0x0)

1m21.049529102s ago: executing program 0 (id=894):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)

1m21.048738832s ago: executing program 4 (id=895):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000079b7040000000000008500000003000000850000000f00000095"], &(0x7f0000000b00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10300, 0xd0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r8 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r8, 0x81044804, &(0x7f0000000400)={0x1})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000001040)={0xfffffffffffffeb3, 0x0, &(0x7f00000010c0)={0x0, 0x3, 0x4, @string={0x0, 0x3, "ccda42effe3d28211e0cfdc696757f4ccf5965d63b11b781a318f96cdba59e8943826868c86bc65f6476cf2efcab9efd454fc89fecd837c6cae9b1a4138375223b81769c367cbec2a3f8cfcf27c68e5f6d07f65297631df324f90a03e870e220f0eda45114b5e43eae3e9cf06fb06effbbc25e7be61acb8616966f617a5779f8400e0c3f8772b933fadd0d0fdc5e5e7cff5df5bfcc9ac07a1c811cc8be413757ccc4c3b53cbb89490d4d6e5f11708e0b10784428ebd91f010e66d47766e4cd06918b7fb2"}}, 0x0, 0x0, 0x0}, 0x0)

1m20.903003165s ago: executing program 0 (id=896):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f0000000800)})
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000600), 0x64100, 0x0)
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f00000006c0)={0x4, &(0x7f0000000640)=[{0x911, 0xcf, 0x9, 0x9e300000}, {0xd94, 0xf7, 0x40, 0x6}, {0x8, 0x2, 0x9, 0x6}, {0x4, 0x9, 0xf3, 0x8}]})
r1 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x107382)
r2 = memfd_create(&(0x7f0000002240)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89c\x96#03\x88\xb0\x90u\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7\xff\x01\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xfd\xf4\xaa\xb5\xcd\x04\xdb$\xc1\x80M\x97\x89\xb2T\xec\xd0\xc6\x9dkm\xe6k\xa2\x0f~X8\xa9H\x81:\xe1\xab}\xf3F\x8c\x03c\x88\xc7\xf9\n\xbd\x88\xb7$\xf1n\xf8\xa4\xde\x91w\x03^k\xe2\xcbk\xe2/\x1d\x84\xba\xc4\xbd&>\xad:Li\xae\xd4\xd3\x12hEt\xfao\xa35\xa1n\xb12\xa5\xbb\x96\v\x12\xe0H\x95\xb9\xeaWd\xdb\x1e\a\xd1\x85/\x89<\t\x0f#\xe5\xdb0\x8c6\xfb\xb9\xece\xf6\xc7\xeb\xd7P\xa2d\xc7\xec\x88\x8d\xa1e\xbf\xc2\x9bE\xe7\xf2\xec@\xe7\x92D;\xd5\aj\xae\xad\x03\x00\x00\x00\x00\x00\x00\x00\x97it<\xbd\x86\x83\xc4\x8dWw\xf2\x05\x9e\x82\xb0\xa9=\xc1\x8c\aub[\xf7 _P5U\xf09E\xc7V\a\xa5\x1a\xf7S\xeb\xf0\x9d\xb2\b\xcf\xb3\xb1\x88\xd5V\x0f\xe5@Xa\xd8\xcd\xc4\xc2B\xab%\xd5\xb3\x83e\xa7\xbb\xb8\x10F\xa1yn\x84\xd1*)9\x9b\x97\xdc\xfcRy\x8b\x8b\xb2\xf1\xb7\xfd\x88\xa5\xf2\xa0@,Y\xfeWED\x93\xd7/\xc032\xb5\xb9p\x11\xb1\x9d(\xd8N\xc4\a\x95j\x8e\x9e\xb3\xc1\x80e\xa8\x92/\xf47\xc0\x93\x17\x16\x94\xb6,$\xad\xd7\xb9\xe9\xf9\x9e\xcbK#\x81\n\v\xd4\x9e\xe4v\xa4\\\xdf(\xfe\xebU\xc0\x98H\x0ew\xb4\x9e\xce\x16`\x9b\xc54\x8c;\x99\xec\xe9\x11\xadJ\xb55\xb5\xb2\x01Uv\xeb\xa2\x03Rj\xf84Q\xfa\xb9u\xf8\x82\xd0>\xdc\xe4R6\x14q\xe0\xc1', 0x0)
r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000680)={0xa, 0x0, 0x0, @private1}, &(0x7f00000000c0)=0x1c)
sendfile(0xffffffffffffffff, r3, &(0x7f0000000100), 0x10000)
socket$inet6_udp(0xa, 0x2, 0x0)
pwritev(r2, &(0x7f0000000ac0)=[{0x0}, {0x0}, {&(0x7f0000000380)="b93eee414941b23f7e236a513d8617bc6281d3b018a87b1ffb52203454a05646dffd32b668a062ef912bf5a197e32ca7db6cf716f67daf54fb", 0x39}, {&(0x7f0000001140)="5016cf957341f1309660144f05a4c852b7c91d465959679f46274313d42623a941d53dda228a21cfe2d24324e88452b9a5826f74c9aa4fa5812d9b4d91a93f16302922eceea74ecda30ce05b11ef5a2bff7c1b3c", 0x54}], 0x4, 0x1800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000001200)={0x0, 0x0})
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x2)
fallocate(r1, 0x50, 0x7f, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, 0xffffffffffffffff)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r2, 0xc0709411, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x8004, 0x6, 0xc, 0x5, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f", "2363f18d9acc6c25af21ca2af6d2e80e4caadd6d126cfb80c92dc817d44dcdec", [0x2000000001, 0x807]})

1m20.596723449s ago: executing program 2 (id=897):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f})
r1 = openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r7}})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000900)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TX_RATE={0xc}]}]}, @IFLA_MTU={0x8}]}, 0x3c}}, 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000002c0), 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)

1m20.430167563s ago: executing program 1 (id=898):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
io_setup(0x0, &(0x7f0000000740))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x5, &(0x7f0000000400)=[{0x6, 0x0, 0x7, 0x7613}, {0x6, 0x2, 0x8, 0x2b52}, {0x5, 0x9, 0x9, 0x3ff}, {0xc0e, 0x3f}, {0x7fff, 0x0, 0x7, 0x8}]})
open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000)
openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x80402)
write$binfmt_elf64(r0, &(0x7f0000002a00)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x6, 0x5, 0x0, 0x40}, [{}]}, 0x78)
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000680)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000))
io_uring_setup(0xfc2, &(0x7f0000000180))
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x6, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@cgroup, 0xffffffffffffffff, 0x2b, 0x0, 0x4000}, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

1m20.150935766s ago: executing program 3 (id=899):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x20)
socket(0x11, 0x800000003, 0x0) (async)
r1 = socket(0x11, 0x800000003, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xb0, 0x1, 0x2, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@CTA_EXPECT_MASK={0x28, 0x3, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}]}, @CTA_EXPECT_MASK={0x50, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}, @CTA_EXPECT_FN={0x13, 0xb, 'callforwarding\x00'}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x3}]}, 0xb0}, 0x1, 0x0, 0x0, 0xb8430929ab43e403}, 0x40000)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
socket$netlink(0x10, 0x3, 0x0) (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0xac, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x18, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0xa}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0xcb2}]}]}]}}]}, 0xac}}, 0x0)

1m19.872335074s ago: executing program 0 (id=900):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
dup(r0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[], 0x20}}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x102, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x79, r2, 0x4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110020", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xbb)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305839, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$TCSETSW2(r5, 0x402c542c, &(0x7f00000000c0)={0x8, 0x7f, 0x0, 0x0, 0x3, "f06fc539471398450104663ea5b3e92dad434f"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x765, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3245078b089b39353b0e1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b33300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

1m19.809432109s ago: executing program 1 (id=901):
openat$drirender128(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000240)='sctp_probe_path\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = landlock_create_ruleset(&(0x7f0000000080)={0x5d62}, 0x10, 0x0)
landlock_restrict_self(r5, 0x0)
creat(&(0x7f00000001c0)='./bus\x00', 0x0)
r6 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x0)
sendmmsg$unix(r4, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x15, 0x5, 0x0)
bind$inet(r0, &(0x7f0000003900)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000100), 0x0, 0x4040004, 0x0, 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000000c0)={0x0, 0x1000000})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr]}}, 0x0, 0x26}, 0x20)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_rose_SIOCRSCLRRT(r6, 0x89e4)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={<r10=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000000)={r10}, &(0x7f0000000080)=0x14)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000140)={r10, 0x40}, 0xc)

1m19.450026334s ago: executing program 4 (id=902):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0xfff0, &(0x7f0000000480)={&(0x7f00000001c0)=@RTM_NEWMDB={0x13, 0x54, 0x1e5}, 0x18}}, 0x0)

1m16.166374897s ago: executing program 2 (id=903):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000140), 0x9)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendmsg$inet(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x2, 0x4e60, @loopback}, 0x10, &(0x7f0000000280)=[{&(0x7f00000003c0)="ed4e82bdc44b4626f17240da75126c6c124490d6e1b548078f2bfbb3b2144213deecccecf4af153de115e85615196635cc86e4ff71d9588a9cb2aba8fd4b07268cf929808a43aaa7e4b44392d9c67e552eb54fb946da44baf093388610fd928d0798bacc3f33eef8267a318bed8dd50596c299dbc4a80c70d3f13ce3cca7301a10769248fa9347cae6ab712db36abae3dece3acffbb18053b17615661d55ad0fcd4799bdf8b390dd43465bf7840fa33567cd5a94db399d6d6d2c942aecc2714b60634c03e6e02b8f8af3d42e5b512cf459f830cb0b6de118b8ffdff41db05d54e8d56c301df18e88080d8e", 0xeb}, {&(0x7f00000007c0)="b80d8b0089b7cb61da8d5df472181a26b15679ac7f8c78272d864af732b8b28aa0e1a48cbdf44ccb0e4f2112c22ee96f25a9b1119789158355ab025feb9a844f50cd0c85f365ceda583622fc9f84927e238c2c5fab979ce0e9ecfcb11b749e7ebd7d22afb9611270a35da1ea5c669a26a0f70a238ac146a1fe973c084b5dbcf56506997a21a2072f27a03e323520f7b6391eacf105f808ec8557bcc1e5c52e6a6fcf9c072a5527a9f8c7ef28713c6cebccafc270de073f7504c11aea2450", 0xbe}, {&(0x7f0000000600)="7eaf5fb1b36ff33d10c45c93c9ff37ab09bd57dbcc850d56553b3d4acb92e6fb2178dc510264eb4a5608f3f608735ca6d50347c7f2592d2cfc9aec9f5b2ecb156782d6ddb2a0db5c98ef2da4686ce20b30b791a26685e46ef1688c2b38f01eddf912f20a6710605379d66ccb9f54c8a76c038c43cea0067e52c9ed4cbfff8385a6ac2d858aa9effdf04051c7ee95687af2c67c80b626a85e0fb1d88170e92b3df62001a529aea5b6817906b83604d869aacca56c7eac589695cfe1c4d1780693b33c9bf96c778ea88dc338bcfe71fe0944f3666716521d6c09b627884a395deb06a490f077d2617722096769e31036", 0xef}], 0x3}, 0x40040)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0x50}, {0xb1, 0x0, 0x0, 0xbffff038}, {0x6}]}, 0x10)
sendmsg$inet(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)="9d", 0x1}], 0x1}, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x11)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="189700000000009eb044c4d4240ff0cd3aaaedaed300000000000000000018ea0017202070251a33a5e8bf92000200000701f87d9f00f82e9f913b2ff2c6d8985572a3e24b8caa01d42a0e37"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000003}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = open$dir(&(0x7f0000000780)='./file0\x00', 0x44200, 0x54)
open_tree(r5, &(0x7f0000000180)='./file0\x00', 0x9001)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}]}, 0x38}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000500))
r8 = syz_open_dev$sndpcmp(&(0x7f0000001740), 0x0, 0x802)
mmap$snddsp_status(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r8, 0x82000000)

1m14.031292809s ago: executing program 1 (id=904):
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x18, 0x14, 0x509}, 0x18}}, 0x0)
sendmsg$alg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
io_setup(0x5, &(0x7f0000000740)=<r3=>0x0)
io_submit(r3, 0x0, &(0x7f00000002c0))
read$alg(r1, &(0x7f00000000c0)=""/84, 0x54)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000200), 0xa08000, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x7, 0x0}, {0x18, 0x2, 0x2, 0x0, r9}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1m14.030712815s ago: executing program 0 (id=905):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioprio_set$pid(0x1, 0x0, 0x0)

1m12.561561564s ago: executing program 2 (id=906):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x2}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x3}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)

1m10.765848698s ago: executing program 2 (id=907):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ed50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={0x1, <r2=>0xffffffffffffffff}, 0x4)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000100), 0x20002, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={r0, 0x20, &(0x7f0000000600)={&(0x7f0000000480)=""/153, 0x99, <r4=>0x0, &(0x7f0000000540)=""/145, 0x91}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0xc, 0xf, &(0x7f0000000340)=@raw=[@map_val={0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, @map_idx_val={0x18, 0x1, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0xf}, @func={0x85, 0x0, 0x1, 0x0, 0x8}, @cb_func={0x18, 0x8, 0x4, 0x0, 0x4}, @map_val={0x18, 0x7, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x7}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x5}, @cb_func={0x18, 0x7, 0x4, 0x0, 0xffffffffffffffff}], &(0x7f0000000400)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x82, '\x00', 0x0, 0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x0, 0x6, 0x401, 0x8}, 0x10, r4, r1, 0x8, 0x0, &(0x7f0000000680)=[{0x4, 0x3, 0x2, 0xb}, {0x3, 0x3, 0x7, 0xa}, {0x4, 0x4}, {0x3, 0x4, 0xe, 0x1}, {0x2, 0x1, 0x3, 0xf}, {0x3, 0x1, 0x5, 0x8}, {0x3, 0x5, 0x1, 0x4}, {0x0, 0x5, 0xb, 0x2}], 0x10, 0xc}, 0x90)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r5, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000020400085000000a000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xe, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x12, 0x7, 0x8, 0x22}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xbb6d, 0x8000, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000340)={r10, 0x0, 0x0}, 0x20)
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r8, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r9, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x4e24, 0x0, @mcast2, 0x7}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000a20000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb00"/400], 0x190)
syz_emit_ethernet(0x4e, &(0x7f0000001600)={@broadcast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000202", 0x18, 0x6, 0x0, @remote, @mcast2, {[], @mld={0x0, 0x0, 0x0, 0x0, 0x3, @dev={0xfe, 0x80, '\x00', 0x22}}}}}}}, 0x0)

1m7.658656249s ago: executing program 0 (id=910):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, 0x0)
syz_usb_connect(0x1, 0x24, &(0x7f00000002c0)={{0x12, 0x1, 0x300, 0xb1, 0xfe, 0x92, 0x8, 0x1415, 0x3, 0x655d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xd3, 0xa5, 0x3e}}]}}]}}, &(0x7f0000000e80)={0x0, 0x0, 0xf, &(0x7f0000000b80)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x0, 0x2}]}, 0x1, [{0x0, 0x0}]})
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=r1], 0x1c}}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffed, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102372, 0x18fe4}], 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000047000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a876d839240d29c035055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7e8dc34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bb44b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334583239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bf4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc508afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd360000000000000000ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c97a088a22e8b15c3e233db00002e30d46a0024d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c29c5c0ed5bcdf510c3c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ced92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f68fa8d7c2dfb28e1f05e46b0933c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d588afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda6900002a070886df42b27098773b45198b4a34ac97febd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d63521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07afef12ef060cd4403a099f32468f658000b4082d43e12186195cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea209b53b230ef0f2ab85cbdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bd3339403004b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab900000000000000000000d71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdbf24a0c5441ce046078492b53467cfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89cb349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb15f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c00c57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137df47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b558982016b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8b49e3d0168bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85a3009a5d30f479e293a3302e11350ea857b37e76ca3f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c8ffe0d508dcee3070e8b42ac38545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f98117919472b61b20026d7e646174b55d251f7f8ca5ccc22a5efb33b217eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4444e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24000000000000000000000000000000000000cd3211b3842b68a4eddca2eae28529e97a98d7ec3fd902df1ba8fc2ad2377e72d4e7aeacbbccef5614cd965511558f40720025c022bc9c213e407f6bc4b673c55aa8e729299a37fd6339acd906ac861ba56c9fa9b8b12b5e68a3cdadb906355e1f1d336a243172affe50d0fb36c3718a7498eed3d398f405a34d494414e87ef1ce1845510d43d00171d6b4b762f89564c22d542a119878709cd6822c3a3eb47a849b0737929fe9e1eecd1bff5a2b9880e2a6d8a3b3b7e88a673c96cda4455eff1c530db0e6598a2686aa09aeaf0f1aed95aeb8b0a2cc5ca31c0f56285cc05f7090a0e0583cf540d18cd8817e685c7b4ff176178ac1234f23e54445ec20b2689832d78409897a0307e89ebcd5f4ba042a3d10237a5a8a9a6eda36d2f337dc54537b80e8433341b135b4c5bb0173ffde46ccd260e1d4f2c51e8b07bb256f1317912cb1fc9e491e0bb9109e475cc795c23ad9f4f0042c5e9c655a4d865bc4a266e6a1d3d2b7ee53be9efb33a98933b5ba74ee3ac8d34b6af8c1fdbffade3abc80842b74354162f5b994ab5254cb068bc5e2ae242a1d37d0d49947c9317fa1a46c9e259ce0e1f9db992c53f7830a5e8f4fac6b187eb9f15ba61f730f86d7d7b63bbc7a1d9ff37e87a90a14e0655304da069f9009b62717649b6c6af94fcba713f8ee6fcce25aef44d009966614b61be9369ffc589a79051b0a0000000000000003ebd34c41afe268c33c9322c3a783772aec998f51a6e70fb932a8019e72ef5ab127bb30c79ebfd867441083546305fb39449c40a166ea389a6b77b7c87f66e8bf5806726b8fc50b943627314803a12c33312dce0a10f852da3e000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7}, 0x48)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000040)={0x3a}, 0x8)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r6, 0x18000000000002a0, 0x1c, 0x0, &(0x7f0000000480)="b9ff03076844268cb89e14f088a847", 0x0, 0xfe, 0x60000009, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt(r7, 0x84, 0x65, 0x0, 0x0)

33.35027411s ago: executing program 1 (id=911):
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000500))
ptrace(0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x3, &(0x7f00000000c0)=0x1f, 0x4)
sendto$inet(r2, &(0x7f0000000100)="1ce0", 0xffeb, 0x900, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000000))
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000100))
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="28000000010401840000000000000000009e210000000a000200000000001c0000000500010001000000"], 0x28}}, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
sendmmsg(r4, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
dup(r6)

33.349900354s ago: executing program 3 (id=908):
socket$packet(0x11, 0xa, 0x300)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r0, 0x3000)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$bt_hci(r1, 0x84, 0xe, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
syz_emit_ethernet(0x86, &(0x7f00000008c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "7d917b3509d521a4d70aa3ba08972efaf4f5929d155f1362b0dfb6fbf1f7f38f", "62182f8590f74b6ceb05691a3900f279", {"a2d06e01bc9ec5c94b0edce7f462b47b", "44f2726323dbde5df845ae40d7b5e4a4"}}}}}}}, 0x0)

6.699321754s ago: executing program 2 (id=913):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x40, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @broadcast}, @ext_ch_sw={0x4, 0x4, {{}, @void}}}}]}, 0x40}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r7, 0xae44, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(&(0x7f0000000940), r4)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)={0x4c, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME={0x2e, 0x33, @action={{{}, {}, @device_b}, @channel_switch={0x0, 0x4, {{0x25, 0xfffffffffffffe95}, @val={0x3e, 0x1}, @val={0x76, 0x6}}}}}]}, 0x4c}}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r9, 0x301, 0x0, 0x0, {{0x11}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x24, r2, 0x800, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x6a}, @val={0x8, 0x3, r5}, @void}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4090}, 0x4000000)
getsockopt$sock_buf(r0, 0x1, 0x0, &(0x7f0000000140)=""/125, &(0x7f00000001c0)=0x7d)
r11 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r11, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r11, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r11, 0x0)
r12 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x11900}, &(0x7f0000000000)=<r13=>0x0, &(0x7f0000000040)=<r14=>0x0)
syz_io_uring_submit(r13, r14, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r12, 0x2def, 0x0, 0x0, 0x0, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x1000}, 0x4)
r15 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r15, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=@acquire={0x130, 0x17, 0x1, 0x0, 0x0, {{@in6=@private0}, @in6=@remote, {@in=@remote, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {{@in6=@private2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee00}}}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0x130}}, 0x0)

0s ago: executing program 0 (id=912):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xe, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000006b8a00fe00000000c7080000010000007b8af0ff00000000bda100000000000007000000f8ffffffbfa400000000000007040000f0ffffffb7020000080000fa18230000", @ANYRES32=<r2=>r1, @ANYBLOB="0000000000000000b704000008000000850000001a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000079b7040000000000008500000003000000850000000f00000095"], &(0x7f0000000b00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x10300, 0xd0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1}, 0x48)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r8 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r8, 0x81044804, &(0x7f0000000400)={0x1})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000001040)={0xfffffffffffffeb3, 0x0, &(0x7f00000010c0)={0x0, 0x3, 0x4, @string={0x0, 0x3, "ccda42effe3d28211e0cfdc696757f4ccf5965d63b11b781a318f96cdba59e8943826868c86bc65f6476cf2efcab9efd454fc89fecd837c6cae9b1a4138375223b81769c367cbec2a3f8cfcf27c68e5f6d07f65297631df324f90a03e870e220f0eda45114b5e43eae3e9cf06fb06effbbc25e7be61acb8616966f617a5779f8400e0c3f8772b933fadd0d0fdc5e5e7cff5df5bfcc9ac07a1c811cc8be413757ccc4c3b53cbb89490d4d6e5f11708e0b10784428ebd91f010e66d47766e4cd06918b7fb2"}}, 0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

060362][  T987] hsr_slave_1: left promiscuous mode
[  221.090594][  T987] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  221.098205][  T987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.115178][ T5130] usb 1-1: USB disconnect, device number 17
[  221.136413][  T987] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  221.156310][  T987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.200088][ T5130] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  221.285187][ T5130] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  221.314093][  T987] veth1_macvtap: left promiscuous mode
[  221.319672][  T987] veth0_macvtap: left promiscuous mode
[  221.335518][  T987] veth0_vlan: left promiscuous mode
[  221.359564][ T5130] sierra 1-1:0.0: device disconnected
[  221.526411][ T7532] netlink: 8 bytes leftover after parsing attributes in process `syz.2.638'.
[  221.565973][   T29] audit: type=1326 audit(1720350884.255:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7533 comm="syz.4.640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6554f75bd9 code=0x0
[  222.414650][  T987] team0 (unregistering): Port device team_slave_1 removed
[  222.547410][  T987] team0 (unregistering): Port device team_slave_0 removed
[  222.571907][ T7545] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.643'.
[  222.598336][ T7545] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  222.622421][ T7545] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  222.906153][   T53] Bluetooth: hci3: command tx timeout
[  223.506261][ T7457] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.513428][ T7457] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.557809][ T7457] bridge_slave_0: entered allmulticast mode
[  223.565911][ T7457] bridge_slave_0: entered promiscuous mode
[  223.577449][ T7557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.645'.
[  223.602335][ T7560] netlink: 12 bytes leftover after parsing attributes in process `syz.3.646'.
[  223.732389][ T7457] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.874911][ T7457] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.922774][ T7457] bridge_slave_1: entered allmulticast mode
[  223.965630][ T7457] bridge_slave_1: entered promiscuous mode
[  223.990985][ T7575] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.648'.
[  224.044357][ T7575] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  224.533846][ T7575] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  224.955826][ T7457] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  225.002585][ T7595] loop7: detected capacity change from 0 to 49152
[  225.013157][   T53] Bluetooth: hci3: command tx timeout
[  225.402810][ T7457] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  225.487011][ T7599] loop7: detected capacity change from 49152 to 49088
[  225.752557][ T7457] team0: Port device team_slave_0 added
[  225.823531][ T7457] team0: Port device team_slave_1 added
[  225.851762][   T29] audit: type=1326 audit(1720350888.535:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7607 comm="syz.0.654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe04cd75bd9 code=0x0
[  225.936257][ T7457] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.946402][ T7457] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.976846][ T7457] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  225.993910][ T7457] batman_adv: batadv0: Adding interface: batadv_slave_1
[  226.003479][ T7457] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.040773][ T7457] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  226.074096][ T5130] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  226.104167][ T5104] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  226.179585][ T7457] hsr_slave_0: entered promiscuous mode
[  226.198844][ T7457] hsr_slave_1: entered promiscuous mode
[  226.223272][ T7457] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  226.241271][ T7457] Cannot create hsr debugfs directory
[  226.269677][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  226.282841][ T5130] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  226.295537][ T5134] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  226.304245][ T5104] usb 3-1: Using ep0 maxpacket: 16
[  226.310220][ T5130] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  226.320641][ T5130] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.337403][ T5104] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  226.339194][ T5130] usb 4-1: config 0 descriptor??
[  226.355731][ T5104] usb 3-1: config 0 interface 0 altsetting 8 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  226.370153][ T7603] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  226.397102][ T5104] usb 3-1: config 0 interface 0 has no altsetting 0
[  226.428524][ T5104] usb 3-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=1e.57
[  226.439608][ T5104] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.447825][ T5104] usb 3-1: Product: syz
[  226.452586][ T5104] usb 3-1: Manufacturer: syz
[  226.458087][ T5104] usb 3-1: SerialNumber: syz
[  226.469623][ T5104] usb 3-1: config 0 descriptor??
[  226.480643][ T5104] sierra 3-1:0.0: Sierra USB modem converter detected
[  226.510194][ T5134] usb 5-1: string descriptor 0 read error: -22
[  226.525134][ T5134] usb 5-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  226.535227][ T5134] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.559356][ T5134] usb 5-1: config 0 descriptor??
[  226.935922][ T7603] autofs: Unknown parameter '�'
[  227.702807][ T5130] usbhid 4-1:0.0: can't add hid device: -71
[  227.832726][ T5130] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  227.845118][ T5134] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  227.873637][ T7457] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  227.884883][ T5130] usb 4-1: USB disconnect, device number 28
[  227.895630][ T5104] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  227.897399][ T5134] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  227.924343][ T5104] usb 3-1: Sierra USB modem converter now attached to ttyUSB1
[  227.929674][ T5134] dib0700: firmware download failed at 7 with -22
[  227.967665][ T7457] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  227.976795][ T5134] usb 5-1: USB disconnect, device number 13
[  228.002193][ T5104] usb 3-1: USB disconnect, device number 19
[  228.165604][ T5104] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  228.186851][ T7457] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  228.312387][ T7655] netlink: 12 bytes leftover after parsing attributes in process `syz.0.657'.
[  228.527741][ T5104] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  228.701663][ T5104] sierra 3-1:0.0: device disconnected
[  229.076412][ T7457] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  229.198703][ T7658] loop7: detected capacity change from 0 to 49152
[  229.365503][ T7662] loop7: detected capacity change from 49152 to 49088
[  229.449465][ T7457] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.592629][ T7457] 8021q: adding VLAN 0 to HW filter on device team0
[  229.618704][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[  229.625939][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  229.662973][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state
[  229.670162][ T5104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.690150][ T7664] netlink: 4 bytes leftover after parsing attributes in process `syz.2.663'.
[  230.057530][ T4394] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  230.393922][ T7689] FAULT_INJECTION: forcing a failure.
[  230.393922][ T7689] name failslab, interval 1, probability 0, space 0, times 0
[  230.438566][ T7669] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.664'.
[  230.473225][ T7689] CPU: 0 PID: 7689 Comm: syz.2.668 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  230.483252][ T7689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  230.493324][ T7689] Call Trace:
[  230.496613][ T7689]  <TASK>
[  230.499551][ T7689]  dump_stack_lvl+0x241/0x360
[  230.504251][ T7689]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.509472][ T7689]  ? __pfx__printk+0x10/0x10
[  230.514094][ T7689]  ? netlink_insert+0x10b7/0x14b0
[  230.519133][ T7689]  should_fail_ex+0x3b0/0x4e0
[  230.523832][ T7689]  ? __alloc_skb+0x1c3/0x440
[  230.528450][ T7689]  should_failslab+0x9/0x20
[  230.532989][ T7689]  kmem_cache_alloc_node_noprof+0x71/0x320
[  230.538623][ T7669] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  230.538806][ T7689]  __alloc_skb+0x1c3/0x440
[  230.549754][ T7669] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  230.551427][ T7689]  ? __pfx___alloc_skb+0x10/0x10
[  230.565111][ T7689]  ? netlink_autobind+0xd6/0x2f0
[  230.570090][ T7689]  ? netlink_autobind+0x2b0/0x2f0
[  230.575159][ T7689]  netlink_sendmsg+0x631/0xcb0
[  230.579977][ T7689]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.585300][ T7689]  ? __import_iovec+0x536/0x820
[  230.590175][ T7689]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  230.595572][ T7689]  ? security_socket_sendmsg+0x87/0xb0
[  230.601056][ T7689]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.606361][ T7689]  __sock_sendmsg+0x221/0x270
[  230.611058][ T7689]  ____sys_sendmsg+0x525/0x7d0
[  230.615846][ T7689]  ? __pfx_____sys_sendmsg+0x10/0x10
[  230.621164][ T7689]  __sys_sendmsg+0x2b0/0x3a0
[  230.625778][ T7689]  ? __pfx___sys_sendmsg+0x10/0x10
[  230.630910][ T7689]  ? vfs_write+0x7c4/0xc90
[  230.635386][ T7689]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  230.641731][ T7689]  ? do_syscall_64+0x100/0x230
[  230.646525][ T7689]  ? do_syscall_64+0xb6/0x230
[  230.651232][ T7689]  do_syscall_64+0xf3/0x230
[  230.655754][ T7689]  ? clear_bhb_loop+0x35/0x90
[  230.660459][ T7689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.666373][ T7689] RIP: 0033:0x7fcbd5975bd9
[  230.670798][ T7689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.690422][ T7689] RSP: 002b:00007fcbd53ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.698862][ T7689] RAX: ffffffffffffffda RBX: 00007fcbd5b04038 RCX: 00007fcbd5975bd9
[  230.706851][ T7689] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  230.714838][ T7689] RBP: 00007fcbd53ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  230.722823][ T7689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.727296][ T5080] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  230.730786][ T7689] R13: 000000000000006e R14: 00007fcbd5b04038 R15: 00007fff31abccb8
[  230.730821][ T7689]  </TASK>
[  230.770186][ T5080] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  230.780630][ T5080] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  230.791323][ T5080] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  230.799222][ T5080] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  230.807545][ T5080] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  230.930886][ T4394] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.179346][ T4394] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.284321][ T7457] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.600036][ T4394] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.704516][ T7715] netlink: 12 bytes leftover after parsing attributes in process `syz.4.670'.
[  231.924182][   T45] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  232.147687][   T45] usb 1-1: Using ep0 maxpacket: 16
[  232.172787][   T45] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  232.365222][   T45] usb 1-1: config 0 interface 0 altsetting 8 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  232.424384][   T45] usb 1-1: config 0 interface 0 has no altsetting 0
[  232.503229][   T45] usb 1-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=1e.57
[  232.534139][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.581452][   T45] usb 1-1: Product: syz
[  232.623808][   T45] usb 1-1: Manufacturer: syz
[  232.666558][   T45] usb 1-1: SerialNumber: syz
[  232.691918][   T45] usb 1-1: config 0 descriptor??
[  232.717363][   T45] sierra 1-1:0.0: Sierra USB modem converter detected
[  232.904162][ T5080] Bluetooth: hci2: command tx timeout
[  233.028954][ T7457] veth0_vlan: entered promiscuous mode
[  233.041762][ T7721] netlink: 'syz.4.672': attribute type 29 has an invalid length.
[  233.060048][ T7703] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.669'.
[  233.073462][ T7457] veth1_vlan: entered promiscuous mode
[  233.092348][ T7703] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  233.101647][ T7703] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  233.167722][ T4394] bridge_slave_1: left allmulticast mode
[  233.183208][ T4394] bridge_slave_1: left promiscuous mode
[  233.227079][ T4394] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.326461][ T4394] bridge_slave_0: left allmulticast mode
[  233.347501][ T4394] bridge_slave_0: left promiscuous mode
[  233.364886][ T4394] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.937261][ T4394] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  233.950386][ T4394] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  233.962906][ T4394] bond0 (unregistering): Released all slaves
[  233.980668][ T7721] netlink: 'syz.4.672': attribute type 29 has an invalid length.
[  233.996415][ T7691] chnl_net:caif_netlink_parms(): no params data found
[  234.296855][   T45] usb 1-1: Sierra USB modem converter now attached to ttyUSB0
[  234.333674][   T45] usb 1-1: Sierra USB modem converter now attached to ttyUSB1
[  234.387609][   T45] usb 1-1: USB disconnect, device number 18
[  234.424346][   T45] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  234.448788][   T45] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  234.449385][   T45] sierra 1-1:0.0: device disconnected
[  234.505885][ T7457] veth0_macvtap: entered promiscuous mode
[  234.514152][  T784] usb 5-1: new low-speed USB device number 14 using dummy_hcd
[  234.612537][ T7750] tty tty25: ldisc open failed (-12), clearing slot 24
[  234.648708][ T7457] veth1_macvtap: entered promiscuous mode
[  234.720550][  T784] usb 5-1: string descriptor 0 read error: -22
[  234.727645][  T784] usb 5-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  234.774084][  T784] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.812773][ T7691] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.814574][  T784] usb 5-1: config 0 descriptor??
[  234.823766][ T7691] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.848987][ T7691] bridge_slave_0: entered allmulticast mode
[  234.865719][ T7691] bridge_slave_0: entered promiscuous mode
[  234.895101][ T7691] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.919234][ T7691] bridge0: port 2(bridge_slave_1) entered disabled state
[  234.943182][ T7691] bridge_slave_1: entered allmulticast mode
[  234.960681][ T7691] bridge_slave_1: entered promiscuous mode
[  234.990077][ T5080] Bluetooth: hci2: command tx timeout
[  235.014214][ T4394] hsr_slave_0: left promiscuous mode
[  235.033795][ T4394] hsr_slave_1: left promiscuous mode
[  235.046488][ T4394] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.062255][ T4394] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.277664][ T4394] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.438081][ T4394] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.850217][ T4394] veth1_macvtap: left promiscuous mode
[  235.858564][ T4394] veth0_macvtap: left promiscuous mode
[  235.866027][ T4394] veth0_vlan: left promiscuous mode
[  235.914739][ T7782] loop7: detected capacity change from 0 to 49152
[  236.012043][ T7784] loop7: detected capacity change from 49152 to 49088
[  236.970560][ T7794] FAULT_INJECTION: forcing a failure.
[  236.970560][ T7794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.990463][ T7794] CPU: 1 PID: 7794 Comm: syz.2.679 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  237.000486][ T7794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  237.010556][ T7794] Call Trace:
[  237.013844][ T7794]  <TASK>
[  237.016770][ T7794]  dump_stack_lvl+0x241/0x360
[  237.021450][ T7794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  237.026644][ T7794]  ? __pfx__printk+0x10/0x10
[  237.031238][ T7794]  ? __pfx_lock_release+0x10/0x10
[  237.036260][ T7794]  should_fail_ex+0x3b0/0x4e0
[  237.040948][ T7794]  _copy_from_iter+0x1f6/0x1960
[  237.045812][ T7794]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  237.051265][ T7794]  ? dev_get_by_index+0x23/0x2d0
[  237.056203][ T7794]  ? __pfx__copy_from_iter+0x10/0x10
[  237.061491][ T7794]  ? dev_get_by_index+0x23/0x2d0
[  237.066431][ T7794]  packet_sendmsg+0x3622/0x6150
[  237.071287][ T7794]  ? mark_lock+0x9a/0x350
[  237.075619][ T7794]  ? __lock_acquire+0x1346/0x1fd0
[  237.080645][ T7794]  ? smack_socket_sendmsg+0x1b5/0x540
[  237.086016][ T7794]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  237.091728][ T7794]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  237.098149][ T7794]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  237.104905][ T7794]  ? __pfx_packet_sendmsg+0x10/0x10
[  237.110106][ T7794]  ? __fget_files+0x29/0x470
[  237.114698][ T7794]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  237.119970][ T7794]  ? security_socket_sendmsg+0x87/0xb0
[  237.125429][ T7794]  ? __pfx_packet_sendmsg+0x10/0x10
[  237.130623][ T7794]  __sock_sendmsg+0x221/0x270
[  237.135293][ T7794]  __sys_sendto+0x3a4/0x4f0
[  237.139792][ T7794]  ? __pfx___sys_sendto+0x10/0x10
[  237.144853][ T7794]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  237.150830][ T7794]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  237.157151][ T7794]  __x64_sys_sendto+0xde/0x100
[  237.161911][ T7794]  do_syscall_64+0xf3/0x230
[  237.166415][ T7794]  ? clear_bhb_loop+0x35/0x90
[  237.171089][ T7794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.176978][ T7794] RIP: 0033:0x7fcbd5975bd9
[  237.181384][ T7794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  237.201070][ T7794] RSP: 002b:00007fcbd6671048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  237.209477][ T7794] RAX: ffffffffffffffda RBX: 00007fcbd5b03f60 RCX: 00007fcbd5975bd9
[  237.217438][ T7794] RDX: 000000000000e90c RSI: 00000000200000c0 RDI: 0000000000000003
[  237.225398][ T7794] RBP: 00007fcbd66710a0 R08: 0000000020000540 R09: 0000000000000014
[  237.233361][ T7794] R10: 000000000000a0c4 R11: 0000000000000246 R12: 0000000000000001
[  237.241318][ T7794] R13: 000000000000000b R14: 00007fcbd5b03f60 R15: 00007fff31abccb8
[  237.249297][ T7794]  </TASK>
[  237.264590][ T5080] Bluetooth: hci2: command tx timeout
[  237.320495][ T4394] team0 (unregistering): Port device team_slave_1 removed
[  237.414628][ T4394] team0 (unregistering): Port device team_slave_0 removed
[  238.581889][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.598345][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.619052][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.639989][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.650732][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.666447][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.680533][ T7457] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.709488][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.732505][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.743510][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.755997][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.766061][ T7457] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.776873][ T7457] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.802480][ T7457] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.899880][  T784] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  238.932418][ T7457] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.967658][  T784] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  238.974043][ T7457] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.001939][  T784] dib0700: firmware download failed at 7 with -22
[  239.009585][ T7457] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.032048][ T7457] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.048998][  T784] usb 5-1: USB disconnect, device number 14
[  239.101251][ T7691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  239.168644][ T7691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  239.306220][ T5080] Bluetooth: hci2: command tx timeout
[  239.378567][ T7691] team0: Port device team_slave_0 added
[  239.422337][ T7808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.683'.
[  239.501022][ T7808] macvtap1: entered promiscuous mode
[  239.544410][ T7808] bridge0: entered promiscuous mode
[  239.564481][ T7808] macvtap1: entered allmulticast mode
[  239.583737][ T7808] bridge0: entered allmulticast mode
[  239.633278][ T7812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.683'.
[  239.801291][ T7812] bridge0: left allmulticast mode
[  239.810590][ T7812] bridge0: left promiscuous mode
[  239.861476][   T29] audit: type=1326 audit(1720350902.555:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.2.687" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbd5975bd9 code=0x0
[  239.899818][ T7812] macvtap1: left promiscuous mode
[  239.905841][ T7812] macvtap1: left allmulticast mode
[  240.276299][ T7691] team0: Port device team_slave_1 added
[  240.626814][ T7691] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.661810][ T7691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.731746][ T7691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.789486][ T7691] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.838564][ T7691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.876010][ T7853] netlink: 24 bytes leftover after parsing attributes in process `syz.4.690'.
[  240.926885][ T7691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.038483][ T7691] hsr_slave_0: entered promiscuous mode
[  241.050249][ T7691] hsr_slave_1: entered promiscuous mode
[  241.056871][ T7691] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  241.068913][ T7691] Cannot create hsr debugfs directory
[  241.144221][ T5132] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  241.154753][   T45] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  241.211544][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.232885][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.353233][ T5132] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  241.371418][   T45] usb 3-1: string descriptor 0 read error: -22
[  241.390000][ T5132] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  241.404280][   T45] usb 3-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  241.432036][ T5132] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  241.450054][   T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.451063][ T4394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  241.477767][ T5132] usb 1-1: SerialNumber: syz
[  241.490094][   T45] usb 3-1: config 0 descriptor??
[  241.499608][ T5132] usb 1-1: bad CDC descriptors
[  241.514183][ T4394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.705492][ T5132] usb 1-1: USB disconnect, device number 19
[  241.763708][   T29] audit: type=1326 audit(1720350904.455:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7865 comm="syz.1.618" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5ced75bd9 code=0x0
[  242.052301][   T45] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  242.089882][   T45] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  242.098127][   T45] dib0700: firmware download failed at 7 with -22
[  242.119359][   T45] usb 3-1: USB disconnect, device number 20
[  242.163594][ T7691] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  242.188543][ T7691] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  242.200686][ T7691] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  242.210694][ T7691] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  242.476695][ T7691] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.613388][ T7691] 8021q: adding VLAN 0 to HW filter on device team0
[  242.673884][ T5135] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.681084][ T5135] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.734227][   T45] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  242.741678][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.748975][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state
[  242.972182][   T45] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  243.013474][   T45] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.023916][ T7691] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  243.062857][   T45] usb 5-1: config 0 descriptor??
[  243.069293][ T7691] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  243.262617][   T45] cp210x 5-1:0.0: cp210x converter detected
[  244.368064][   T45] usb 5-1: cp210x converter now attached to ttyUSB0
[  244.486767][   T29] audit: type=1326 audit(1720350907.134:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7914 comm="syz.2.701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbd5975bd9 code=0x0
[  244.744696][ T7691] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.005519][ T7691] veth0_vlan: entered promiscuous mode
[  245.056664][ T7691] veth1_vlan: entered promiscuous mode
[  245.299978][ T7691] veth0_macvtap: entered promiscuous mode
[  245.347658][ T7691] veth1_macvtap: entered promiscuous mode
[  245.417475][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.431543][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.449956][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.486550][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.531560][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.548156][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.599915][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.640241][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.658758][ T7691] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.675775][ T7943] block nbd2: NBD_DISCONNECT
[  245.684543][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.688583][ T7943] block nbd2: Send disconnect failed -107
[  245.702231][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.704420][ T7943] block nbd2: Disconnected due to user request.
[  245.714375][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.726091][ T7943] block nbd2: shutting down sockets
[  245.738367][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.751860][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.768141][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.779630][ T7691] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.803821][ T5129] usb 5-1: USB disconnect, device number 15
[  245.815840][   T45] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  245.831520][ T7691] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.845929][ T7691] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.858121][ T7691] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.873942][ T7691] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.894860][ T5129] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  245.906626][ T5132] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[  245.924715][ T7691] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.952677][ T7691] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.962037][ T5129] cp210x 5-1:0.0: device disconnected
[  246.030644][   T45] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  246.046222][   T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.058603][   T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.078889][ T7955] netlink: 8 bytes leftover after parsing attributes in process `syz.4.708'.
[  246.087791][   T45] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  246.114309][   T45] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  246.167555][ T2897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.191032][ T2897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.271616][ T7956] netlink: 4 bytes leftover after parsing attributes in process `syz.4.708'.
[  246.329988][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  246.336539][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  246.343218][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  246.349740][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  246.356411][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  246.362962][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  246.369583][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  246.376152][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  246.382816][    C1] vxcan0: j1939_xtp_rx_dat: no tx connection found
[  246.389339][    C1] vxcan0: j1939_xtp_rx_dat: no rx connection found
[  246.396003][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.403950][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.412010][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.420098][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.428255][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.436203][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.444261][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.452192][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.460165][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.468101][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.476179][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.484153][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.492226][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.500139][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.508199][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.516139][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.524181][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.532434][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.540465][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.548425][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.556509][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.564480][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.572554][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.580474][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.588544][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.596514][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.604682][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.612626][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.620654][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.628634][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.636711][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.644670][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.654549][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.662529][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.670496][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.678426][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.686429][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.694380][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.702363][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.710287][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.718284][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.726205][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.734254][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.742148][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.750208][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.758147][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.766203][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.774144][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.782147][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.790098][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.798121][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.806045][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.814092][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.821992][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.830008][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.837925][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.845941][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.853890][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.862290][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.870212][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.878336][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.886352][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.894429][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.902333][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.910402][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.918349][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.926405][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.934342][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.942355][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.950286][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.958270][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.966205][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.974161][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.982078][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  246.990061][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  246.997979][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.006081][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.013979][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.021992][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.029912][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.037944][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.045888][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.053927][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.061868][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.069900][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.077818][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.085856][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.093751][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.101774][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.109717][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.117767][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.125681][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.133691][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.141615][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.149664][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.157602][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.167852][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.175783][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.183853][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.191812][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.199877][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.207823][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.215880][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.225108][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.225242][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.241000][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.249068][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.257013][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.265096][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.273025][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.281107][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.289047][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.297153][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.305070][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.313154][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.321099][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.329198][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.337108][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.345187][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.353144][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.361215][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.369160][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.377269][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.385231][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.393298][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.401343][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.409408][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.417315][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.425391][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.433334][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.441410][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.449457][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.457663][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.465636][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.473708][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.481858][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.489921][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.497839][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.505917][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.513962][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.522043][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.530012][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.538067][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.546041][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.554176][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.562170][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.570251][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.578176][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.586285][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.594249][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.602356][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.602381][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.602490][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.626541][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.634646][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.642604][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.650674][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.658593][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.666659][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.674607][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.683999][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.691982][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.699960][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.707880][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.715891][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.723820][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.731863][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.739761][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.747786][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.755803][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.763848][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.771799][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.779779][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.787728][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.795789][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.803764][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.811819][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.819732][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.827804][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.835727][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.843764][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.851722][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.859698][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.867624][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.875615][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.883554][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.891581][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.899481][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.907498][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.915418][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.923498][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.931406][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.939442][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.947358][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.955378][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.963327][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.971286][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.979204][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  247.987185][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  247.995121][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.003251][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.011147][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.019154][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.027098][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.035109][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.043046][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.051013][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.058951][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.066995][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.074950][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.082983][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.090879][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.098922][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.106860][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.114885][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.122785][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.130802][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.138726][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.146780][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.154697][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.162643][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.170563][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.178597][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.186540][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.195254][   T53] Bluetooth: hci4: command 0x0405 tx timeout
[  248.196304][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.209287][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.217342][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.225312][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.233280][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.241283][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.249291][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.257205][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.265263][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.273183][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.281192][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.289149][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.297218][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.305172][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.313189][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.321124][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.329180][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.337120][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.345169][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.353068][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.361083][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.369013][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.377061][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.384962][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.392991][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.400924][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.409022][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.416947][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.424897][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.432819][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.440855][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.448808][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.456830][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.464742][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.472890][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.480827][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.488837][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.496772][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.504739][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.512663][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.520646][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.528577][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.536705][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.544646][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.552735][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.561009][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.569060][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.577092][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.585120][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.593079][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.601129][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.609086][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.617123][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.625036][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.633102][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.641051][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.649089][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.657009][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.665067][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.673019][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.681088][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.689123][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.697150][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.705113][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.714705][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.722712][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.730774][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.738743][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.746789][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.754739][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.762827][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.770772][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.778839][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.786756][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.794812][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.802764][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.810820][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.818769][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.826733][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.834674][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.842686][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.850636][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.858677][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.866581][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.874632][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.882650][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.890708][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.898617][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.906672][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.914623][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.922671][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.930633][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.938645][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.946615][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.954667][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.962624][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.970692][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.978591][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  248.986618][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  248.994577][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.002626][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.010567][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.018529][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.026457][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.034437][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.042382][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.050436][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.058335][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.066384][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.074322][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.082409][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.090345][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.098349][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.106283][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.114280][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.122217][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.130171][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.138086][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.146060][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.153990][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.162022][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.170003][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.178056][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.186004][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.194004][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  249.201979][    C1] vxcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  249.218529][ T5132] usb 2-1: string descriptor 0 read error: -71
[  249.225123][ T5132] usb 2-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  249.234389][ T5132] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.243380][   T45] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  249.253018][   T45] usb 1-1: Manufacturer: syz
[  249.263857][ T5132] usb 2-1: config 0 descriptor??
[  249.271061][   T45] usb 1-1: config 0 descriptor??
[  249.277545][ T5132] usb 2-1: can't set config #0, error -71
[  249.283842][   T45] usb 1-1: can't set config #0, error -71
[  249.291287][ T5132] usb 2-1: USB disconnect, device number 11
[  249.299171][   T45] usb 1-1: USB disconnect, device number 20
[  249.399941][ T5284] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.443325][ T5284] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.523402][   T29] audit: type=1326 audit(1720350912.176:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7971 comm="syz.0.712" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe04cd75bd9 code=0x0
[  250.108225][ T7985] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.716'.
[  250.119906][ T7985] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  250.128556][ T7985] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  250.735246][ T8010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.723'.
[  250.853550][ T8017] 9pnet_fd: Insufficient options for proto=fd
[  252.484555][ T5130] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  252.685960][ T5130] usb 5-1: Using ep0 maxpacket: 16
[  252.700013][ T5130] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  252.716174][ T5130] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  252.724185][ T5130] usb 5-1: Product: syz
[  252.739480][ T5130] usb 5-1: Manufacturer: syz
[  252.759086][ T5130] r8152-cfgselector 5-1: Unknown version 0x0000
[  252.765357][ T5130] r8152-cfgselector 5-1: config 0 descriptor??
[  252.981802][ T5130] r8152-cfgselector 5-1: Needed 1 retries to read version
[  252.989385][ T5130] r8152-cfgselector 5-1: Unknown version 0x0400
[  252.995723][ T5130] r8152-cfgselector 5-1: bad CDC descriptors
[  253.209535][   T45] r8152-cfgselector 5-1: USB disconnect, device number 16
[  253.271390][   T29] audit: type=1326 audit(1720350915.900:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8045 comm="syz.2.732" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbd5975bd9 code=0x0
[  253.385224][ T8051] netlink: 16 bytes leftover after parsing attributes in process `syz.3.734'.
[  254.115861][ T5080] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  254.123683][   T53] Bluetooth: hci5: command 0x1003 tx timeout
[  254.896656][ T8075] netlink: 'syz.4.742': attribute type 9 has an invalid length.
[  254.931307][ T8075] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.742'.
[  255.321368][ T8090] netlink: 16 bytes leftover after parsing attributes in process `syz.1.745'.
[  255.804280][ T8099] netlink: 8 bytes leftover after parsing attributes in process `syz.2.748'.
[  255.836777][ T5130] usb 2-1: new low-speed USB device number 12 using dummy_hcd
[  256.071847][ T5130] usb 2-1: string descriptor 0 read error: -22
[  256.086766][ T5130] usb 2-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  256.096522][ T8121] netlink: 16 bytes leftover after parsing attributes in process `syz.2.755'.
[  256.096943][ T8123] FAULT_INJECTION: forcing a failure.
[  256.096943][ T8123] name failslab, interval 1, probability 0, space 0, times 0
[  256.123723][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  256.130156][ T8123] CPU: 1 PID: 8123 Comm: syz.3.756 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  256.133403][ T5130] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.140138][ T8123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  256.140155][ T8123] Call Trace:
[  256.140164][ T8123]  <TASK>
[  256.140173][ T8123]  dump_stack_lvl+0x241/0x360
[  256.140206][ T8123]  ? __pfx_dump_stack_lvl+0x10/0x10
[  256.140229][ T8123]  ? __pfx__printk+0x10/0x10
[  256.140254][ T8123]  ? __pfx___might_resched+0x10/0x10
[  256.140276][ T8123]  ? __asan_memset+0x23/0x50
[  256.140302][ T8123]  should_fail_ex+0x3b0/0x4e0
[  256.140330][ T8123]  ? security_inode_alloc+0x28/0x120
[  256.140350][ T8123]  should_failslab+0x9/0x20
[  256.140370][ T8123]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  256.140396][ T8123]  security_inode_alloc+0x28/0x120
[  256.140421][ T8123]  inode_init_always+0x947/0xc70
[  256.140447][ T8123]  new_inode_pseudo+0x9e/0x1e0
[  256.140470][ T8123]  new_inode+0x22/0x1d0
[  256.140491][ T8123]  ? start_creating+0x207/0x310
[  256.140519][ T8123]  debugfs_create_dir+0xf6/0x430
[  256.140548][ T8123]  hci_register_dev+0x314/0x8b0
[  256.140585][ T8123]  hci_uart_tty_ioctl+0x821/0x9e0
[  256.140613][ T8123]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  256.140640][ T8123]  tty_ioctl+0x99e/0xdc0
[  256.140661][ T8123]  ? security_file_ioctl+0x87/0xb0
[  256.140679][ T8123]  ? __pfx_tty_ioctl+0x10/0x10
[  256.140703][ T8123]  __se_sys_ioctl+0xfc/0x170
[  256.140731][ T8123]  do_syscall_64+0xf3/0x230
[  256.140762][ T8123]  ? clear_bhb_loop+0x35/0x90
[  256.140790][ T8123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.140813][ T8123] RIP: 0033:0x7f7906775bd9
[  256.140831][ T8123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.140847][ T8123] RSP: 002b:00007f79074d6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  256.140868][ T8123] RAX: ffffffffffffffda RBX: 00007f7906903f60 RCX: 00007f7906775bd9
[  256.140882][ T8123] RDX: 6800000000000000 RSI: 00000000400455c8 RDI: 0000000000000005
[  256.140896][ T8123] RBP: 00007f79074d60a0 R08: 0000000000000000 R09: 0000000000000000
[  256.140909][ T8123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  256.140922][ T8123] R13: 000000000000000b R14: 00007f7906903f60 R15: 00007ffc6d200b68
[  256.140953][ T8123]  </TASK>
[  256.154332][ T8123] debugfs: out of free dentries, can not create directory 'hci5'
[  256.360637][ T5135] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  256.418808][   T53] Bluetooth: hci5: sending frame failed (-49)
[  256.421239][ T5130] usb 2-1: config 0 descriptor??
[  256.426464][ T5084] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  256.577847][ T8129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.758'.
[  256.595237][ T5135] usb 1-1: Using ep0 maxpacket: 8
[  256.596708][ T8129] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  256.679010][ T5135] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  256.715514][ T5135] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.741733][ T5135] usb 1-1: config 0 descriptor??
[  256.773376][ T5135] usb-storage 1-1:0.0: USB Mass Storage device detected
[  256.861560][ T5135] usb-storage 1-1:0.0: Quirks match for vid 04e6 pid 000b: 4
[  256.996901][ T8119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.001985][   T29] audit: type=1326 audit(1720350919.605:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8130 comm="syz.4.759" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6554f75bd9 code=0x0
[  257.026253][    C1] vkms_vblank_simulate: vblank timer overrun
[  257.056380][ T8119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.106131][ T8146] ufs: Invalid option: "�: " or missing value
[  257.114745][ T8146] ufs: wrong mount options
[  257.273358][ T5130] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  257.281787][ T8150] nfs: Unknown parameter ''
[  257.326340][ T5130] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  257.335540][ T5130] dib0700: firmware download failed at 7 with -22
[  257.416768][ T5130] usb 2-1: USB disconnect, device number 12
[  257.523083][ T5132] usb 1-1: USB disconnect, device number 21
[  257.665481][   T45] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  257.681639][ T8127] warn_alloc: 1 callbacks suppressed
[  257.681653][ T8127] syz.2.757: vmalloc error: size 536870912, failed to allocated page array size 1048576, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  257.724611][ T8127] CPU: 0 PID: 8127 Comm: syz.2.757 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  257.734651][ T8127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  257.744727][ T8127] Call Trace:
[  257.748027][ T8127]  <TASK>
[  257.751076][ T8127]  dump_stack_lvl+0x241/0x360
[  257.755800][ T8127]  ? __pfx_dump_stack_lvl+0x10/0x10
[  257.761032][ T8127]  ? __pfx__printk+0x10/0x10
[  257.765654][ T8127]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  257.772096][ T8127]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  257.778659][ T8127]  warn_alloc+0x278/0x410
[  257.783024][ T8127]  ? __pfx_warn_alloc+0x10/0x10
[  257.787909][ T8127]  ? translate_table+0x174/0x2330
[  257.792961][ T8127]  ? __get_vm_area_node+0x23d/0x270
[  257.798180][ T8127]  __vmalloc_node_range_noprof+0x69f/0x1460
[  257.804138][ T8127]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  257.810491][ T8127]  ? rcu_is_watching+0x15/0xb0
[  257.815277][ T8127]  ? trace_kmalloc+0x1f/0xd0
[  257.819882][ T8127]  ? __kmalloc_node_noprof+0x247/0x440
[  257.825365][ T8127]  ? kvmalloc_node_noprof+0x72/0x190
[  257.830682][ T8127]  kvmalloc_node_noprof+0x142/0x190
[  257.835910][ T8127]  ? translate_table+0x174/0x2330
[  257.840967][ T8127]  translate_table+0x174/0x2330
[  257.845852][ T8127]  ? __pfx_translate_table+0x10/0x10
[  257.851135][ T8127]  ? __might_fault+0xaa/0x120
[  257.855800][ T8127]  ? __pfx_lock_release+0x10/0x10
[  257.860816][ T8127]  ? __might_fault+0xaa/0x120
[  257.865480][ T8127]  ? __might_fault+0xc6/0x120
[  257.870147][ T8127]  ? _copy_from_user+0xa6/0xe0
[  257.874901][ T8127]  ? copy_from_sockptr_offset+0x6b/0xb0
[  257.880450][ T8127]  do_ip6t_set_ctl+0xe4c/0x1270
[  257.885317][ T8127]  ? __pfx___might_resched+0x10/0x10
[  257.890600][ T8127]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  257.895988][ T8127]  ? __pfx_lock_release+0x10/0x10
[  257.901050][ T8127]  ? __mutex_unlock_slowpath+0x21d/0x750
[  257.906704][ T8127]  ? mark_lock+0x9a/0x350
[  257.911039][ T8127]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  257.917037][ T8127]  nf_setsockopt+0x295/0x2c0
[  257.921636][ T8127]  rawv6_setsockopt+0x327/0x740
[  257.926482][ T8127]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  257.931862][ T8127]  ? __fget_files+0x29/0x470
[  257.936450][ T8127]  ? sock_common_setsockopt+0x37/0xc0
[  257.941816][ T8127]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  257.947702][ T8127]  do_sock_setsockopt+0x3af/0x720
[  257.952729][ T8127]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  257.958264][ T8127]  ? __fget_files+0x29/0x470
[  257.962848][ T8127]  ? __fget_files+0x3f6/0x470
[  257.967527][ T8127]  __sys_setsockopt+0x1ae/0x250
[  257.972374][ T8127]  __x64_sys_setsockopt+0xb5/0xd0
[  257.977391][ T8127]  do_syscall_64+0xf3/0x230
[  257.981899][ T8127]  ? clear_bhb_loop+0x35/0x90
[  257.986576][ T8127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.992467][ T8127] RIP: 0033:0x7fcbd5975bd9
[  257.996878][ T8127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.016481][ T8127] RSP: 002b:00007fcbd6671048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  258.024892][ T8127] RAX: ffffffffffffffda RBX: 00007fcbd5b03f60 RCX: 00007fcbd5975bd9
[  258.032859][ T8127] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[  258.040822][ T8127] RBP: 00007fcbd59e4aa1 R08: 00000000000007b0 R09: 0000000000000000
[  258.048783][ T8127] R10: 0000000020000900 R11: 0000000000000246 R12: 0000000000000000
[  258.056750][ T8127] R13: 000000000000000b R14: 00007fcbd5b03f60 R15: 00007fff31abccb8
[  258.064729][ T8127]  </TASK>
[  258.069666][   T45] usb 4-1: Using ep0 maxpacket: 16
[  258.076854][ T8127] Mem-Info:
[  258.080621][ T8127] active_anon:235 inactive_anon:4992 isolated_anon:0
[  258.080621][ T8127]  active_file:4757 inactive_file:41931 isolated_file:0
[  258.080621][ T8127]  unevictable:768 dirty:310 writeback:0
[  258.080621][ T8127]  slab_reclaimable:8954 slab_unreclaimable:97813
[  258.080621][ T8127]  mapped:14459 shmem:1230 pagetables:869
[  258.080621][ T8127]  sec_pagetables:0 bounce:0
[  258.080621][ T8127]  kernel_misc_reclaimable:0
[  258.080621][ T8127]  free:1381474 free_pcp:1141 free_cma:0
[  258.080798][   T45] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  258.125859][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.160668][   T45] usb 4-1: config 0 interface 0 altsetting 8 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  258.179627][   T45] usb 4-1: config 0 interface 0 has no altsetting 0
[  258.187689][ T8127] Node 0 active_anon:940kB inactive_anon:19768kB active_file:18916kB inactive_file:167724kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:57372kB dirty:1236kB writeback:0kB shmem:3384kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10304kB pagetables:3376kB sec_pagetables:0kB all_unreclaimable? no
[  258.220300][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.241296][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.766'.
[  258.249341][ T8127] Node 1 active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  258.249632][   T45] usb 4-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=1e.57
[  258.296238][ T8127] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  258.298991][ T8162] netlink: 16 bytes leftover after parsing attributes in process `syz.1.767'.
[  258.323478][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.330842][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.348380][ T8127] lowmem_reserve[]: 0 2571 2571 0 0
[  258.356585][ T8127] Node 0 DMA32 free:1564032kB boost:0kB min:35108kB low:43884kB high:52660kB reserved_highatomic:0KB active_anon:940kB inactive_anon:19828kB active_file:18664kB inactive_file:167672kB unevictable:1536kB writepending:1296kB present:3129332kB managed:2659872kB mlocked:0kB bounce:0kB free_pcp:1520kB local_pcp:548kB free_cma:0kB
[  258.387298][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.395898][   T45] usb 4-1: Product: syz
[  258.400120][   T45] usb 4-1: Manufacturer: syz
[  258.406779][   T45] usb 4-1: SerialNumber: syz
[  258.413117][ T8127] lowmem_reserve[]: 0 0 0 0 0
[  258.418665][ T8127] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:44kB active_file:252kB inactive_file:52kB unevictable:0kB writepending:4kB present:1048576kB managed:360kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  258.450646][   T45] usb 4-1: config 0 descriptor??
[  258.475826][   T45] sierra 4-1:0.0: Sierra USB modem converter detected
[  258.517312][ T8127] lowmem_reserve[]: 0 0 0 0 0
[  258.522429][ T8127] Node 1 Normal free:3948196kB boost:0kB min:54788kB low:68484kB high:82180kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194304kB managed:4109120kB mlocked:0kB bounce:0kB free_pcp:1828kB local_pcp:1828kB free_cma:0kB
[  258.551829][    C1] vkms_vblank_simulate: vblank timer overrun
[  258.665629][ T8127] lowmem_reserve[]: 0 0 0 0 0
[  258.683826][ T8127] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  258.697976][ T8127] Node 0 DMA32: 2*4kB (UM) 27*8kB (UME) 43*16kB (UE) 184*32kB (UME) 252*64kB (UME) 55*128kB (UME) 18*256kB (UME) 53*512kB (UM) 55*1024kB (UME) 7*2048kB (UME) 346*4096kB (UM) = 1549584kB
[  258.733569][ T8127] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  258.757290][ T8127] Node 1 Normal: 6*4kB (UM) 10*8kB (UM) 11*16kB (UM) 6*32kB (UM) 14*64kB (UM) 1*128kB (M) 7*256kB (UM) 5*512kB (UM) 4*1024kB (M) 3*2048kB (U) 960*4096kB (M) = 3948248kB
[  258.775680][ T8127] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  258.788002][ T8127] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  258.797792][ T8127] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  258.852279][ T8127] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  258.861805][ T8127] 50768 total pagecache pages
[  258.866499][ T8127] 0 pages in swap cache
[  258.871021][ T8127] Free swap  = 124472kB
[  258.883561][ T8127] Total swap = 124996kB
[  258.894912][ T8127] 2097051 pages RAM
[  258.899916][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.0.770'.
[  258.916103][ T8127] 0 pages HighMem/MovableOnly
[  258.927137][ T8127] 400873 pages reserved
[  258.931310][ T8127] 0 pages cma reserved
[  258.943836][ T8167] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  259.659577][ T8184] binder: 8183:8184 ioctl 4018620d 0 returned -22
[  259.799090][ T8189] netlink: 'syz.1.772': attribute type 4 has an invalid length.
[  259.822790][   T29] audit: type=1326 audit(1720350922.407:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8187 comm="syz.0.773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe04cd75bd9 code=0x0
[  259.825231][   T45] usb 4-1: Sierra USB modem converter now attached to ttyUSB0
[  259.882382][   T45] usb 4-1: Sierra USB modem converter now attached to ttyUSB1
[  259.909773][   T45] usb 4-1: USB disconnect, device number 29
[  260.011896][   T45] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  260.052617][   T45] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  260.097640][   T45] sierra 4-1:0.0: device disconnected
[  260.354418][ T8194] netlink: 44 bytes leftover after parsing attributes in process `syz.4.775'.
[  260.528246][ T8196] netlink: 'syz.4.776': attribute type 9 has an invalid length.
[  260.536112][ T8196] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.776'.
[  260.743926][ T8201] netlink: 16 bytes leftover after parsing attributes in process `syz.0.778'.
[  260.774204][ T8196] netlink: 'syz.4.776': attribute type 9 has an invalid length.
[  260.804348][ T8196] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.776'.
[  260.808648][   T45] usb 4-1: new low-speed USB device number 30 using dummy_hcd
[  261.065309][   T45] usb 4-1: string descriptor 0 read error: -22
[  261.082429][   T45] usb 4-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  261.112899][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.157421][   T45] usb 4-1: config 0 descriptor??
[  261.291614][ T5132] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  261.430624][ T5129] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  262.077738][ T5132] usb 1-1: Using ep0 maxpacket: 8
[  262.178404][ T5129] usb 2-1: Using ep0 maxpacket: 32
[  262.228571][ T5132] usb 1-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  262.287659][ T5129] usb 2-1: config index 0 descriptor too short (expected 26, got 18)
[  262.337141][ T5132] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.373569][ T5129] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  262.396950][ T5132] usb 1-1: config 0 descriptor??
[  262.414751][ T5129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.454646][ T5132] usb-storage 1-1:0.0: USB Mass Storage device detected
[  262.471951][ T5129] usb 2-1: config 0 descriptor??
[  262.491471][ T5132] usb-storage 1-1:0.0: Quirks match for vid 04e6 pid 000b: 4
[  262.656040][ T5129] as10x_usb: device has been detected
[  262.668368][ T8205] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.687813][ T8205] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.737068][   T45] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  262.747134][ T5129] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  262.802835][ T8228] nfs: Unknown parameter ''
[  262.862098][   T45] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  262.931773][   T45] dib0700: firmware download failed at 7 with -22
[  263.061220][   T45] usb 4-1: USB disconnect, device number 30
[  263.137576][ T5129] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  263.317175][ T5129] as10x_usb: error during firmware upload part1
[  263.355860][ T5129] Registered device nBox DVB-T Dongle
[  263.754098][   T29] audit: type=1326 audit(1720350926.313:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8243 comm="syz.3.788" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7906775bd9 code=0x0
[  263.816862][ T5129] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  263.878244][   T45] usb 1-1: USB disconnect, device number 22
[  264.041608][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  264.059080][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  264.074780][ T5129] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  264.090366][ T5129] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  264.101061][ T5129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.148084][ T5129] usb 3-1: config 0 descriptor??
[  264.518900][ T5135] usb 2-1: USB disconnect, device number 13
[  264.607639][ T5135] Unregistered device nBox DVB-T Dongle
[  264.635417][ T5135] as10x_usb: device has been disconnected
[  264.652926][ T8248] netlink: 16 bytes leftover after parsing attributes in process `syz.1.789'.
[  264.720173][ T5129] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  264.740063][ T5129] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  264.768256][ T5129] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  264.831217][ T8254] syz.1.792 uses obsolete (PF_INET,SOCK_PACKET)
[  265.134841][ T5104] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  265.918952][ T5104] usb 4-1: Using ep0 maxpacket: 32
[  265.989075][ T5104] usb 4-1: New USB device found, idVendor=199e, idProduct=8102, bcdDevice=33.4f
[  266.064248][ T5104] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.096875][ T5104] usb 4-1: Product: syz
[  266.110475][ T5104] usb 4-1: Manufacturer: syz
[  266.145802][ T5104] usb 4-1: SerialNumber: syz
[  266.221580][ T5104] usb 4-1: config 0 descriptor??
[  266.314471][ T8254] dccp_invalid_packet: P.CsCov 11 exceeds packet length 256
[  266.563370][ T8252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  266.599572][ T8252] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  266.783431][ T5084] Bluetooth: hci2: command tx timeout
[  266.789517][ T5104] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  267.100704][ T5104] usb 5-1: string descriptor 0 read error: -22
[  267.174380][ T5104] usb 5-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  267.330969][ T5104] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.397531][ T5104] usb 5-1: config 0 descriptor??
[  267.488133][   T45] usb 3-1: reset high-speed USB device number 21 using dummy_hcd
[  267.879501][ T8295] FAULT_INJECTION: forcing a failure.
[  267.879501][ T8295] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  267.939173][ T8295] CPU: 1 PID: 8295 Comm: syz.0.801 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  267.949201][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  267.959271][ T8295] Call Trace:
[  267.962566][ T8295]  <TASK>
[  267.965514][ T8295]  dump_stack_lvl+0x241/0x360
[  267.970218][ T8295]  ? __pfx_dump_stack_lvl+0x10/0x10
[  267.975436][ T8295]  ? __pfx__printk+0x10/0x10
[  267.980060][ T8295]  should_fail_ex+0x3b0/0x4e0
[  267.984760][ T8295]  prepare_alloc_pages+0x1da/0x5d0
[  267.989893][ T8295]  __alloc_pages_noprof+0x166/0x6c0
[  267.995113][ T8295]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  268.000862][ T8295]  ? __pfx_validate_chain+0x10/0x10
[  268.006088][ T8295]  alloc_pages_mpol_noprof+0x3e8/0x680
[  268.011575][ T8295]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  268.017573][ T8295]  vma_alloc_folio_noprof+0xf3/0x1f0
[  268.022858][ T8295]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  268.028754][ T8295]  folio_prealloc+0x31/0x170
[  268.033342][ T8295]  handle_pte_fault+0x257b/0x7090
[  268.038388][ T8295]  ? mark_lock+0x9a/0x350
[  268.042714][ T8295]  ? __pfx_handle_pte_fault+0x10/0x10
[  268.048082][ T8295]  ? __lock_acquire+0x1346/0x1fd0
[  268.053112][ T8295]  ? reacquire_held_locks+0x3eb/0x690
[  268.058481][ T8295]  ? lock_vma_under_rcu+0x2f9/0x6e0
[  268.063694][ T8295]  handle_mm_fault+0xfb0/0x19d0
[  268.068559][ T8295]  ? __pfx_handle_mm_fault+0x10/0x10
[  268.073837][ T8295]  ? lock_vma_under_rcu+0x592/0x6e0
[  268.079039][ T8295]  ? exc_page_fault+0x113/0x8c0
[  268.083893][ T8295]  exc_page_fault+0x459/0x8c0
[  268.088574][ T8295]  asm_exc_page_fault+0x26/0x30
[  268.093427][ T8295] RIP: 0033:0x7fe04cd22f8b
[  268.097835][ T8295] Code: c0 8b 87 c0 00 00 00 66 0f 6c c0 85 c0 0f 85 44 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 21 00 00 48 8d 7c 24 20 <0f> 29 44 24 40 49 89 e4 48 89 44 24 50 8b 43 74 48 89 9c 24 00 01
[  268.117439][ T8295] RSP: 002b:00007fe04dbfae20 EFLAGS: 00010246
[  268.123506][ T8295] RAX: 00007fe04dbfcf40 RBX: 00007fe04ced4620 RCX: 0000000000000000
[  268.131468][ T8295] RDX: 00007fe04dbfcf88 RSI: 00007fe04cdd47f8 RDI: 00007fe04dbfae40
[  268.139433][ T8295] RBP: 0000000000000009 R08: 0000000000000000 R09: 0000000000000000
[  268.147485][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.155446][ T8295] R13: 000000000000000b R14: 00007fe04cf03f60 R15: 00007ffdafd3e9a8
[  268.163423][ T8295]  </TASK>
[  268.166650][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.210772][ T8295] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  268.411354][ T8300] netlink: 16 bytes leftover after parsing attributes in process `syz.0.802'.
[  268.428024][ T5132] usb 3-1: USB disconnect, device number 21
[  269.817844][ T5104] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  269.846976][  T784] usb 4-1: USB disconnect, device number 31
[  269.864332][ T5104] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  269.910463][ T5104] dib0700: firmware download failed at 7 with -22
[  269.957531][ T5104] usb 5-1: USB disconnect, device number 17
[  270.280602][ T8318] dccp_invalid_packet: P.CsCov 11 exceeds packet length 256
[  270.642537][ T8334] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  271.473569][ T8338] No such timeout policy "syz0"
[  271.778964][ T8350] FAULT_INJECTION: forcing a failure.
[  271.778964][ T8350] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.799297][ T8348] netlink: 16 bytes leftover after parsing attributes in process `syz.4.814'.
[  271.815359][ T8350] CPU: 1 PID: 8350 Comm: syz.1.813 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  271.825388][ T8350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  271.835465][ T8350] Call Trace:
[  271.838758][ T8350]  <TASK>
[  271.841706][ T8350]  dump_stack_lvl+0x241/0x360
[  271.846416][ T8350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.851745][ T8350]  ? __pfx__printk+0x10/0x10
[  271.856370][ T8350]  ? snprintf+0xda/0x120
[  271.860638][ T8350]  should_fail_ex+0x3b0/0x4e0
[  271.865344][ T8350]  _copy_to_user+0x2f/0xb0
[  271.869783][ T8350]  simple_read_from_buffer+0xca/0x150
[  271.875188][ T8350]  proc_fail_nth_read+0x1e9/0x250
[  271.880247][ T8350]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  271.885817][ T8350]  ? rw_verify_area+0x520/0x6b0
[  271.890514][ T5135] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  271.890668][ T8350]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  271.903763][ T8350]  vfs_read+0x204/0xbc0
[  271.907947][ T8350]  ? __pfx_lock_release+0x10/0x10
[  271.913088][ T8350]  ? __pfx_vfs_read+0x10/0x10
[  271.917796][ T8350]  ? __fget_files+0x29/0x470
[  271.922413][ T8350]  ? __fget_files+0x3f6/0x470
[  271.927125][ T8350]  ksys_read+0x1a0/0x2c0
[  271.931402][ T8350]  ? __pfx_ksys_read+0x10/0x10
[  271.936201][ T8350]  ? do_syscall_64+0x100/0x230
[  271.940986][ T8350]  ? do_syscall_64+0xb6/0x230
[  271.945691][ T8350]  do_syscall_64+0xf3/0x230
[  271.950231][ T8350]  ? clear_bhb_loop+0x35/0x90
[  271.955030][ T8350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.960945][ T8350] RIP: 0033:0x7fb5ced746bc
[  271.965379][ T8350] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  271.985015][ T8350] RSP: 002b:00007fb5cfb36040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  271.993462][ T8350] RAX: ffffffffffffffda RBX: 00007fb5cef04038 RCX: 00007fb5ced746bc
[  272.001454][ T8350] RDX: 000000000000000f RSI: 00007fb5cfb360b0 RDI: 0000000000000005
[  272.009528][ T8350] RBP: 00007fb5cfb360a0 R08: 0000000000000000 R09: 0000000000000000
[  272.017518][ T8350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.025511][ T8350] R13: 000000000000006e R14: 00007fb5cef04038 R15: 00007fff28968018
[  272.033521][ T8350]  </TASK>
[  272.036648][    C1] vkms_vblank_simulate: vblank timer overrun
[  272.254887][ T5135] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  272.266744][ T5135] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  272.278540][ T5135] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  272.293301][ T5135] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  272.301673][ T5135] usb 3-1: SerialNumber: syz
[  272.337013][ T5135] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  272.367983][ T5135] usb-storage 3-1:1.0: USB Mass Storage device detected
[  272.484484][ T5135] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  272.559947][ T8339] netlink: 64 bytes leftover after parsing attributes in process `syz.2.812'.
[  272.591047][ T5135] scsi host1: usb-storage 3-1:1.0
[  272.687261][ T8368] syz.4.816[8368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.687825][ T8368] syz.4.816[8368] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.822181][ T8368] netlink: 56 bytes leftover after parsing attributes in process `syz.4.816'.
[  273.223014][ T8367] netlink: 8 bytes leftover after parsing attributes in process `syz.1.819'.
[  273.311423][ T5130] usb 4-1: new low-speed USB device number 32 using dummy_hcd
[  273.443462][ T8373] kAFS: unable to lookup cell ''
[  273.547675][ T5130] usb 4-1: string descriptor 0 read error: -22
[  273.579188][ T5130] usb 4-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  273.606019][ T5130] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.634849][ T5130] usb 4-1: config 0 descriptor??
[  273.800308][ T5129] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  273.891767][ T5132] usb 3-1: USB disconnect, device number 22
[  274.001081][ T5129] usb 2-1: Using ep0 maxpacket: 16
[  274.034933][ T5129] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  274.061633][ T5129] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  274.073538][ T5129] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  274.084097][ T5129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.136700][ T5129] usb 2-1: config 0 descriptor??
[  274.160356][   T29] audit: type=1326 audit(1720350936.648:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8392 comm="syz.2.825" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcbd5975bd9 code=0x0
[  274.492280][ T8397] ubi0: attaching mtd0
[  274.498071][ T8397] ubi0: scanning is finished
[  274.540970][ T8397] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  274.548562][ T8397] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  274.555941][ T8397] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  274.562903][ T8397] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  274.570621][ T8397] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  274.578245][ T8397] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  274.586280][ T8397] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3040348572
[  274.596753][ T8397] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  274.608716][ T8398] ubi0: background thread "ubi_bgt0d" started, PID 8398
[  274.679999][ T5130] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  274.707825][ T5130] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  274.720800][ T5130] dib0700: firmware download failed at 7 with -22
[  274.742958][ T5130] usb 4-1: USB disconnect, device number 32
[  274.893047][ T8401] netlink: 16 bytes leftover after parsing attributes in process `syz.0.826'.
[  274.922062][ T8397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.931240][ T8397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.952053][ T5129] hid-generic 0003:0158:0100.0004: unknown main item tag 0x1
[  274.965215][ T5129] hid-generic 0003:0158:0100.0004: unexpected long global item
[  274.987763][ T5129] hid-generic 0003:0158:0100.0004: probe with driver hid-generic failed with error -22
[  275.146302][ T8397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.155391][ T8397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.160756][ T8407] netlink: 32 bytes leftover after parsing attributes in process `syz.0.827'.
[  275.200220][ T8406] loop7: detected capacity change from 0 to 49152
[  275.241535][ T8403] syz_tun: entered promiscuous mode
[  275.252138][ T8402] syz_tun: left promiscuous mode
[  276.684264][ T8413] loop7: detected capacity change from 49152 to 49088
[  276.761382][ T5134] usb 2-1: USB disconnect, device number 14
[  276.814880][ T5130] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  277.015698][ T5130] usb 5-1: Using ep0 maxpacket: 8
[  277.023386][ T5130] usb 5-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  277.047328][ T5130] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.079035][ T8432] netlink: 9412 bytes leftover after parsing attributes in process `syz.3.832'.
[  277.079468][ T5130] usb 5-1: config 0 descriptor??
[  277.108927][ T5130] usb-storage 5-1:0.0: USB Mass Storage device detected
[  277.153116][ T5130] usb-storage 5-1:0.0: Quirks match for vid 04e6 pid 000b: 4
[  277.246814][ T5134] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  277.346607][ T8409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.357859][ T8409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.429368][ T5134] usb 2-1: Using ep0 maxpacket: 16
[  277.515160][ T5134] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  277.531753][ T5134] usb 2-1: config 0 interface 0 altsetting 8 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  277.560398][ T5134] usb 2-1: config 0 interface 0 has no altsetting 0
[  277.580317][ T5134] usb 2-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=1e.57
[  277.602645][ T5134] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.676711][ T5134] usb 2-1: Product: syz
[  277.691318][ T5134] usb 2-1: Manufacturer: syz
[  277.702513][ T8441] nfs: Unknown parameter ''
[  277.703025][ T5134] usb 2-1: SerialNumber: syz
[  277.737216][ T5134] usb 2-1: config 0 descriptor??
[  277.816758][ T5134] sierra 2-1:0.0: Sierra USB modem converter detected
[  277.887421][ T8443] netlink: 16 bytes leftover after parsing attributes in process `syz.2.837'.
[  278.075963][ T5132] usb 5-1: USB disconnect, device number 18
[  278.108902][ T8451] FAULT_INJECTION: forcing a failure.
[  278.108902][ T8451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.151843][ T8451] CPU: 1 PID: 8451 Comm: syz.2.840 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  278.161875][ T8451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  278.171955][ T8451] Call Trace:
[  278.175250][ T8451]  <TASK>
[  278.178196][ T8451]  dump_stack_lvl+0x241/0x360
[  278.182904][ T8451]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.188129][ T8451]  ? __pfx__printk+0x10/0x10
[  278.192747][ T8451]  ? __pfx_lock_release+0x10/0x10
[  278.197804][ T8451]  should_fail_ex+0x3b0/0x4e0
[  278.202512][ T8451]  _copy_from_iter+0x1f6/0x1960
[  278.207387][ T8451]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  278.212868][ T8451]  ? dev_get_by_index+0x23/0x2d0
[  278.217836][ T8451]  ? __pfx__copy_from_iter+0x10/0x10
[  278.223146][ T8451]  ? dev_get_by_index+0x23/0x2d0
[  278.228106][ T8451]  packet_sendmsg+0x3622/0x6150
[  278.232998][ T8451]  ? mark_lock+0x9a/0x350
[  278.237333][ T8451]  ? __lock_acquire+0x1346/0x1fd0
[  278.242361][ T8451]  ? smack_socket_sendmsg+0x1b5/0x540
[  278.247736][ T8451]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  278.253447][ T8451]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  278.259863][ T8451]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  278.266638][ T8451]  ? __pfx_packet_sendmsg+0x10/0x10
[  278.271855][ T8451]  ? __fget_files+0x29/0x470
[  278.276453][ T8451]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  278.281744][ T8451]  ? security_socket_sendmsg+0x87/0xb0
[  278.287223][ T8451]  ? __pfx_packet_sendmsg+0x10/0x10
[  278.292443][ T8451]  __sock_sendmsg+0x221/0x270
[  278.297222][ T8451]  __sys_sendto+0x3a4/0x4f0
[  278.301732][ T8451]  ? __pfx___sys_sendto+0x10/0x10
[  278.306773][ T8451]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  278.312767][ T8451]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  278.319106][ T8451]  __x64_sys_sendto+0xde/0x100
[  278.323875][ T8451]  do_syscall_64+0xf3/0x230
[  278.328389][ T8451]  ? clear_bhb_loop+0x35/0x90
[  278.333071][ T8451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.338961][ T8451] RIP: 0033:0x7fcbd5975bd9
[  278.343378][ T8451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.362982][ T8451] RSP: 002b:00007fcbd6671048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  278.371389][ T8451] RAX: ffffffffffffffda RBX: 00007fcbd5b03f60 RCX: 00007fcbd5975bd9
[  278.379379][ T8451] RDX: 000000000000e90c RSI: 00000000200000c0 RDI: 0000000000000003
[  278.387353][ T8451] RBP: 00007fcbd66710a0 R08: 0000000020000540 R09: 0000000000000014
[  278.395318][ T8451] R10: 000000000000a0c4 R11: 0000000000000246 R12: 0000000000000001
[  278.403285][ T8451] R13: 000000000000000b R14: 00007fcbd5b03f60 R15: 00007fff31abccb8
[  278.411262][ T8451]  </TASK>
[  278.414292][    C1] vkms_vblank_simulate: vblank timer overrun
[  278.504500][ T8459] loop0: detected capacity change from 0 to 16384
[  278.816182][   T58] I/O error, dev loop0, sector 128 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  278.826810][   T58] Buffer I/O error on dev loop0, logical block 16, lost async page write
[  278.894230][ T8463] I/O error, dev loop0, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  278.904322][ T8463] Buffer I/O error on dev loop0, logical block 17, lost async page write
[  278.942041][ T8459] I/O error, dev loop0, sector 2304 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  279.365541][ T5134] usb 2-1: Sierra USB modem converter now attached to ttyUSB0
[  279.456730][ T5134] usb 2-1: Sierra USB modem converter now attached to ttyUSB1
[  279.485175][ T5134] usb 2-1: USB disconnect, device number 15
[  279.530202][ T5134] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  279.592361][ T5134] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  279.715552][ T5134] sierra 2-1:0.0: device disconnected
[  279.777168][ T8470] netlink: 28 bytes leftover after parsing attributes in process `syz.4.843'.
[  280.101020][  T784] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  280.312632][  T784] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  280.338039][  T784] usb 4-1: language id specifier not provided by device, defaulting to English
[  280.348799][   T29] audit: type=1326 audit(1720350942.828:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8485 comm="syz.4.848" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6554f75bd9 code=0x0
[  280.351623][  T784] usb 4-1: New USB device found, idVendor=056a, idProduct=0069, bcdDevice= 0.40
[  280.369736][    C1] vkms_vblank_simulate: vblank timer overrun
[  280.388279][  T784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.396475][  T784] usb 4-1: Product: syz
[  280.402464][  T784] usb 4-1: Manufacturer: 꼳ꐐ꛲⨀맾ߟな㡰홖⒙ᒅ煗ﵙ
[  280.410547][  T784] usb 4-1: SerialNumber: syz
[  280.428397][  T784] usbhid 4-1:1.0: couldn't find an input interrupt endpoint
[  280.842426][ T8495] netlink: 16 bytes leftover after parsing attributes in process `syz.2.850'.
[  282.053420][ T8510] syz.1.851[8510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.054003][ T8510] syz.1.851[8510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  282.222582][ T8510] netlink: 56 bytes leftover after parsing attributes in process `syz.1.851'.
[  282.853711][ T5132] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  282.947641][  T784] usb 4-1: USB disconnect, device number 33
[  282.951555][ T8512] netlink: 28 bytes leftover after parsing attributes in process `syz.1.856'.
[  283.013152][ T5129] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  283.076759][ T5132] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  283.091015][ T5132] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.106163][ T5132] usb 1-1: config 0 descriptor??
[  283.115833][ T5132] usb 1-1: bad CDC descriptors
[  283.216786][ T5129] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  283.249217][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.266779][ T5129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.279599][ T5129] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  283.303130][ T5129] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  283.321783][ T5129] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  283.340329][ T5129] usb 3-1: Manufacturer: syz
[  283.367903][ T5129] usb 3-1: config 0 descriptor??
[  283.496072][ T5132] usb 1-1: USB disconnect, device number 23
[  283.841126][ T5129] usbhid 3-1:0.0: can't add hid device: -71
[  283.855811][ T5129] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  283.920644][ T5129] usb 3-1: USB disconnect, device number 23
[  284.007005][  T784] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  284.197894][  T784] usb 4-1: Using ep0 maxpacket: 16
[  284.210005][  T784] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[  284.416182][  T784] usb 4-1: config 0 interface 0 altsetting 8 has 6 endpoint descriptors, different from the interface descriptor's value: 12
[  284.433248][  T784] usb 4-1: config 0 interface 0 has no altsetting 0
[  284.459171][  T784] usb 4-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=1e.57
[  284.478996][  T784] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.487036][  T784] usb 4-1: Product: syz
[  284.501114][  T784] usb 4-1: Manufacturer: syz
[  284.505833][  T784] usb 4-1: SerialNumber: syz
[  284.733175][  T784] usb 4-1: config 0 descriptor??
[  284.989682][  T784] sierra 4-1:0.0: Sierra USB modem converter detected
[  285.316483][ T8539] netlink: 16 bytes leftover after parsing attributes in process `syz.2.863'.
[  285.658487][ T5084] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  285.692246][  T784] usb 4-1: Sierra USB modem converter now attached to ttyUSB0
[  288.325452][  T784] usb 4-1: Sierra USB modem converter now attached to ttyUSB1
[  288.366328][   T29] audit: type=1326 audit(1720350950.815:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8558 comm="syz.4.867" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6554f75bd9 code=0x0
[  288.405877][  T784] usb 4-1: USB disconnect, device number 34
[  288.448029][  T784] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  288.496024][  T784] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[  288.551136][  T784] sierra 4-1:0.0: device disconnected
[  288.566107][ T8570] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.868'.
[  288.623014][ T8570] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  288.644644][ T8570] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  288.928245][ T8586] netlink: 16 bytes leftover after parsing attributes in process `syz.2.875'.
[  289.034356][ T5084] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  289.640094][   T45] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  289.648024][ T5129] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  290.302813][ T5129] usb 2-1: Using ep0 maxpacket: 8
[  290.315851][   T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.343399][ T5129] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  290.352517][   T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.370734][ T5129] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  290.385413][   T45] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  290.398903][ T5129] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  290.411572][ T5129] usb 2-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  290.423373][   T45] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  290.435010][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.452855][ T5129] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  290.470001][   T45] usb 4-1: config 0 descriptor??
[  290.475713][ T5129] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  290.490283][ T5129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.515575][ T5129] usbtmc 2-1:16.0: bulk endpoints not found
[  290.533228][ T5132] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  290.756123][ T5132] usb 1-1: Using ep0 maxpacket: 16
[  290.774810][ T5132] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  290.795053][ T5132] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  290.820678][ T5132] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.367580][ T5135] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  291.466811][   T45] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  291.475033][   T45] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  291.485440][ T5132] usb 1-1: config 0 descriptor??
[  291.495354][ T5132] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  291.511583][   T45] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  291.679373][ T5135] usb 3-1: Using ep0 maxpacket: 32
[  291.705172][ T5135] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.747812][ T5084] Bluetooth: hci1: unexpected event for opcode 0x0000
[  291.755914][ T5135] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.802294][ T5135] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  291.832219][ T5135] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  291.875186][ T5135] usb 3-1: Product: syz
[  291.896764][ T5135] usb 3-1: Manufacturer: syz
[  291.922004][ T5135] hub 3-1:4.0: USB hub found
[  292.050686][ T8607] sp0: Synchronizing with TNC
[  292.123053][ T5135] hub 3-1:4.0: 2 ports detected
[  292.235041][ T5084] Bluetooth: hci1: Malformed LE Event: 0x0b
[  292.240411][ T8607] can0: slcan on ptm0.
[  292.842163][   T45] usb 4-1: reset high-speed USB device number 35 using dummy_hcd
[  292.977136][ T5129] usb 2-1: USB disconnect, device number 16
[  293.025638][   T45] usb 4-1: device descriptor read/64, error -32
[  293.354136][   T45] usb 4-1: reset high-speed USB device number 35 using dummy_hcd
[  293.613083][   T45] usb 4-1: device descriptor read/64, error -32
[  293.794469][ T5135] hub 3-1:4.0: set hub depth failed
[  293.894899][ T5135] usb 3-1: USB disconnect, device number 24
[  293.907756][   T45] usb 4-1: reset high-speed USB device number 35 using dummy_hcd
[  293.967561][ T8607] can0 (unregistered): slcan off ptm0.
[  293.996201][   T57] usb 1-1: USB disconnect, device number 24
[  294.100079][ T8640] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.885'.
[  294.146595][   T45] usb 4-1: device not accepting address 35, error -71
[  294.149279][ T8640] openvswitch: netlink: ufid size 3064 bytes exceeds the range (1, 16)
[  294.166646][   T29] audit: type=1326 audit(1720350956.593:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8647 comm="syz.3.889" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7906775bd9 code=0x0
[  294.170249][ T8648] netlink: 16 bytes leftover after parsing attributes in process `syz.0.887'.
[  294.268015][ T8640] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  294.855468][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.890'.
[  294.873503][ T8668] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  294.882530][ T8668] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  294.891330][ T8668] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  294.900084][ T8668] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  294.910246][ T8668] vxlan0: entered promiscuous mode
[  295.823643][ T5084] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  295.832451][ T5084] Bluetooth: hci1: Injecting HCI hardware error event
[  295.842355][ T5084] Bluetooth: hci1: hardware error 0x00
[  295.854258][ T5132] usb 4-1: USB disconnect, device number 35
[  295.939412][ T8681] netlink: 24 bytes leftover after parsing attributes in process `syz.1.891'.
[  296.037511][ T8689] loop7: detected capacity change from 0 to 49152
[  296.045214][ T8684] netlink: 4 bytes leftover after parsing attributes in process `syz.2.892'.
[  296.081099][ T8684] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  296.195423][ T8691] loop7: detected capacity change from 49152 to 49088
[  297.953194][ T5084] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  306.205557][ T8734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.907'.
[  313.577971][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  313.595768][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  313.603948][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  313.612559][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  313.621835][   T53] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  313.630011][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  313.858072][   T57] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  319.367733][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  319.562730][   T53] Bluetooth: hci5: command tx timeout
[  323.809983][   T57] usb 1-1: device descriptor read/64, error -71
[  323.840852][ T5084] Bluetooth: hci5: command tx timeout
[  323.905114][ T5080] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  333.622708][ T5080] Bluetooth: hci5: command tx timeout
[  333.773021][   T53] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  336.104229][ T5080] Bluetooth: hci5: command tx timeout
[  336.113103][ T5084] Bluetooth: hci6: Opcode 0x1001 failed: -110
[  339.220346][ T8752] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  339.231435][ T5084] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  339.248617][ T5084] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  339.271454][ T5080] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  339.280537][ T5080] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  339.288514][ T5080] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  339.296207][ T5080] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  339.303652][ T5080] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  339.310836][ T5080] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  341.774751][ T5084] Bluetooth: hci8: Opcode 0x0c38 failed: -110
[  341.781324][ T4480] Bluetooth: hci3: command 0x0406 tx timeout
[  341.787378][ T8756] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  343.506845][ T5084] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  343.515258][ T5084] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  343.523098][ T5084] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  343.639792][   T57] usb 1-1: new low-speed USB device number 26 using dummy_hcd
[  345.572208][ T4480] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  345.584360][ T5085] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  349.007724][ T8759] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  349.014511][ T8758] Bluetooth: hci8: Opcode 0x1001 failed: -110
[  363.840571][   T57] usb 1-1: device descriptor read/64, error -110
[  370.107201][   T57] usb usb1-port1: attempt power cycle
[  370.208283][ T5084] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  370.232082][ T8735] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  370.254244][ T5084] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  370.263653][ T5084] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  370.281554][ T5084] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  370.291765][ T5084] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  370.299437][ T5084] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  376.464520][ T5085] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  376.479092][   T57] usb 1-1: new low-speed USB device number 27 using dummy_hcd
[  376.666098][   T57] usb 1-1: device descriptor read/8, error -32
[  376.687903][ T5085] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  376.753113][ T5085] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  376.772325][ T8782] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  376.783050][ T8782] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  376.791672][ T8782] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  376.799169][ T8782] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  376.808629][ T8782] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  376.817118][ T8782] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  376.824247][ T8782] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  376.833268][ T8782] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  376.841531][ T5080] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  377.054030][   T57] usb 1-1: new low-speed USB device number 28 using dummy_hcd
[  377.184280][   T57] usb 1-1: device descriptor read/8, error -32
[  377.294729][   T57] raw-gadget.0 gadget.0: failed to queue suspend event
[  377.301882][   T57] usb usb1-port1: unable to enumerate USB device
[  377.317278][ T8787] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  377.327207][ T8787] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  377.338863][ T8787] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  377.347704][ T8787] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  377.357088][ T8787] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  377.364533][ T8787] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  377.373798][ T8789] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  377.381393][ T8789] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  377.404787][ T8789] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  377.412272][ T8789] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  377.420211][ T8789] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  377.428695][ T8789] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  385.407471][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  416.444616][ T4480] Bluetooth: hci1: command tx timeout
[  441.386122][   T53] Bluetooth: hci1: command tx timeout
[  460.160294][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  481.486378][ T5080] Bluetooth: hci5: command 0x0406 tx timeout
[  481.490478][ T4480] Bluetooth: hci1: command tx timeout
[  497.978159][ T8782] Bluetooth: hci6: command tx timeout
[  497.984291][ T8782] Bluetooth: hci0: command tx timeout
[  497.990309][ T8782] Bluetooth: hci1: command tx timeout
[  498.314513][ T8789] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  498.552990][ T8790] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  498.563118][ T8790] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  498.637554][ T5085] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  498.647022][ T5085] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  498.654922][ T5085] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  498.843787][ T5085] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  498.852829][ T5085] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  498.999396][ T5085] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  499.051305][ T5084] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  499.073955][ T5084] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  499.087194][ T5080] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  499.095694][ T5080] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  499.108551][ T5084] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  499.119151][ T5080] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  499.127630][ T5080] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  499.136762][ T5084] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  499.144131][ T5084] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  499.152315][ T5080] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  499.161027][ T5084] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  499.168333][ T5084] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  499.177654][ T5084] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  499.184820][ T5084] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  499.193065][ T5080] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  499.201212][ T5084] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  499.210702][ T4480] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  499.235165][ T5084] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  499.252621][ T8782] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  499.260409][ T8782] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  499.295353][ T5080] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  502.329246][ T4480] Bluetooth: hci7: command tx timeout
[  502.335649][ T4480] Bluetooth: hci0: command tx timeout
[  502.341233][ T4480] Bluetooth: hci6: command tx timeout
[  502.346711][ T4480] Bluetooth: hci8: command tx timeout
[  508.690765][ T5080] Bluetooth: hci8: command tx timeout
[  508.696205][ T5080] Bluetooth: hci6: command tx timeout
[  508.701740][ T5080] Bluetooth: hci0: command tx timeout
[  508.707250][ T5080] Bluetooth: hci7: command tx timeout
[  508.712807][ T5080] Bluetooth: hci9: command tx timeout
[  508.719261][ T5080] Bluetooth: hci10: command tx timeout
[  508.725566][ T5080] Bluetooth: hci11: command tx timeout
[  508.732231][ T5080] Bluetooth: hci13: command tx timeout
[  508.741070][ T5080] Bluetooth: hci12: command tx timeout
[  517.602163][ T8782] Bluetooth: hci12: command tx timeout
[  517.607703][ T8782] Bluetooth: hci1: command 0x0406 tx timeout
[  517.613722][ T8782] Bluetooth: hci13: command tx timeout
[  517.619210][ T8782] Bluetooth: hci11: command tx timeout
[  517.624706][ T8782] Bluetooth: hci10: command tx timeout
[  517.630206][ T8782] Bluetooth: hci9: command tx timeout
[  517.635610][ T8782] Bluetooth: hci7: command tx timeout
[  517.641039][ T8782] Bluetooth: hci0: command tx timeout
[  517.641280][   T53] Bluetooth: hci6: command tx timeout
[  517.646431][ T8782] Bluetooth: hci8: command tx timeout
[  530.059382][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  530.067372][ T8782] Bluetooth: hci7: command tx timeout
[  530.069657][ T5080] Bluetooth: hci9: command tx timeout
[  530.072778][ T8782] Bluetooth: hci10: command tx timeout
[  530.072826][ T8782] Bluetooth: hci11: command tx timeout
[  530.072869][ T8782] Bluetooth: hci13: command tx timeout
[  530.072911][ T8782] Bluetooth: hci12: command tx timeout
[  530.164286][ T8743] raw-gadget.0 gadget.0: failed to queue disconnect event
[  547.166280][   T53] Bluetooth: hci9: command tx timeout
[  547.173295][   T53] Bluetooth: hci12: command tx timeout
[  547.178807][   T53] Bluetooth: hci13: command tx timeout
[  547.184509][   T53] Bluetooth: hci11: command tx timeout
[  547.189996][   T53] Bluetooth: hci10: command tx timeout
[  547.196536][   T53] Bluetooth: hci8: command tx timeout
[  570.169478][   T30] INFO: task kworker/1:2:57 blocked for more than 153 seconds.
[  570.177456][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  570.185732][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  570.194541][   T30] task:kworker/1:2     state:D stack:20952 pid:57    tgid:57    ppid:2      flags:0x00004000
[  570.205027][   T30] Workqueue: events linkwatch_event
[  570.210265][   T30] Call Trace:
[  570.213867][   T30]  <TASK>
[  570.216813][   T30]  __schedule+0x1796/0x49d0
[  570.221537][   T30]  ? __pfx___schedule+0x10/0x10
[  570.227100][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  570.233143][   T30]  ? __pfx_lock_release+0x10/0x10
[  570.238179][   T30]  ? kick_pool+0x1bd/0x620
[  570.242610][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  570.247871][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  570.253373][   T30]  ? schedule+0x90/0x320
[  570.257622][   T30]  schedule+0x14b/0x320
[  570.261788][   T30]  schedule_preempt_disabled+0x13/0x30
[  570.267377][   T30]  __mutex_lock+0x6a4/0xd70
[  570.271896][   T30]  ? __mutex_lock+0x527/0xd70
[  570.277015][   T30]  ? linkwatch_event+0xe/0x60
[  570.281708][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  570.286878][   T30]  ? process_scheduled_works+0x945/0x1830
[  570.292609][   T30]  linkwatch_event+0xe/0x60
[  570.297156][   T30]  process_scheduled_works+0xa2c/0x1830
[  570.302744][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  570.309055][   T30]  ? assign_work+0x364/0x3d0
[  570.313861][   T30]  worker_thread+0x86d/0xd50
[  570.318473][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  570.324739][   T30]  ? __kthread_parkme+0x169/0x1d0
[  570.329780][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.334935][   T30]  kthread+0x2f0/0x390
[  570.339016][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.344165][   T30]  ? __pfx_kthread+0x10/0x10
[  570.348767][   T30]  ret_from_fork+0x4b/0x80
[  570.353232][   T30]  ? __pfx_kthread+0x10/0x10
[  570.357840][   T30]  ret_from_fork_asm+0x1a/0x30
[  570.362633][   T30]  </TASK>
[  570.365759][   T30] INFO: task kworker/u8:8:2866 blocked for more than 153 seconds.
[  570.374013][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  570.381648][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  570.391033][   T30] task:kworker/u8:8    state:D stack:20312 pid:2866  tgid:2866  ppid:2      flags:0x00004000
[  570.401407][   T30] Workqueue: netns cleanup_net
[  570.406231][   T30] Call Trace:
[  570.409962][   T30]  <TASK>
[  570.412909][   T30]  __schedule+0x1796/0x49d0
[  570.417503][   T30]  ? __pfx___schedule+0x10/0x10
[  570.422386][   T30]  ? __pfx_lock_release+0x10/0x10
[  570.427829][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  570.433354][   T30]  ? kthread_data+0x52/0xd0
[  570.437875][   T30]  ? schedule+0x90/0x320
[  570.442135][   T30]  ? wq_worker_sleeping+0x66/0x240
[  570.447346][   T30]  ? schedule+0x90/0x320
[  570.451624][   T30]  schedule+0x14b/0x320
[  570.455858][   T30]  schedule_preempt_disabled+0x13/0x30
[  570.461336][   T30]  __mutex_lock+0x6a4/0xd70
[  570.465897][   T30]  ? __mutex_lock+0x527/0xd70
[  570.470588][   T30]  ? wg_netns_pre_exit+0x1f/0x1e0
[  570.476023][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  570.481078][   T30]  ? __local_bh_enable_ip+0x168/0x200
[  570.486532][   T30]  ? cleanup_net+0x427/0xcc0
[  570.491152][   T30]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  570.496935][   T30]  wg_netns_pre_exit+0x1f/0x1e0
[  570.501817][   T30]  cleanup_net+0x615/0xcc0
[  570.506290][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  570.511781][   T30]  ? process_scheduled_works+0x945/0x1830
[  570.517571][   T30]  process_scheduled_works+0xa2c/0x1830
[  570.523733][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  570.529736][   T30]  ? assign_work+0x364/0x3d0
[  570.534545][   T30]  worker_thread+0x86d/0xd50
[  570.539170][   T30]  ? __kthread_parkme+0x169/0x1d0
[  570.544241][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.549372][   T30]  kthread+0x2f0/0x390
[  570.553491][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.558611][   T30]  ? __pfx_kthread+0x10/0x10
[  570.563244][   T30]  ret_from_fork+0x4b/0x80
[  570.567672][   T30]  ? __pfx_kthread+0x10/0x10
[  570.572275][   T30]  ret_from_fork_asm+0x1a/0x30
[  570.577502][   T30]  </TASK>
[  570.580553][   T30] INFO: task kworker/1:5:5131 blocked for more than 154 seconds.
[  570.588303][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  570.595962][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  570.604659][   T30] task:kworker/1:5     state:D stack:26080 pid:5131  tgid:5131  ppid:2      flags:0x00004000
[  570.615150][   T30] Workqueue: events switchdev_deferred_process_work
[  570.621847][   T30] Call Trace:
[  570.625839][   T30]  <TASK>
[  570.628788][   T30]  __schedule+0x1796/0x49d0
[  570.633363][   T30]  ? __pfx___schedule+0x10/0x10
[  570.638224][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  570.644249][   T30]  ? __pfx_lock_release+0x10/0x10
[  570.649286][   T30]  ? kick_pool+0x45c/0x620
[  570.653746][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  570.658960][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  570.664200][   T30]  ? schedule+0x90/0x320
[  570.668448][   T30]  schedule+0x14b/0x320
[  570.672614][   T30]  schedule_preempt_disabled+0x13/0x30
[  570.678452][   T30]  __mutex_lock+0x6a4/0xd70
[  570.683003][   T30]  ? __mutex_lock+0x527/0xd70
[  570.687692][   T30]  ? switchdev_deferred_process_work+0xe/0x20
[  570.693798][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  570.698850][   T30]  ? process_scheduled_works+0x945/0x1830
[  570.704610][   T30]  switchdev_deferred_process_work+0xe/0x20
[  570.710511][   T30]  process_scheduled_works+0xa2c/0x1830
[  570.716410][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  570.722410][   T30]  ? assign_work+0x364/0x3d0
[  570.727586][   T30]  worker_thread+0x86d/0xd50
[  570.732214][   T30]  ? __kthread_parkme+0x169/0x1d0
[  570.737291][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.742412][   T30]  kthread+0x2f0/0x390
[  570.746522][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.751647][   T30]  ? __pfx_kthread+0x10/0x10
[  570.756277][   T30]  ret_from_fork+0x4b/0x80
[  570.760705][   T30]  ? __pfx_kthread+0x10/0x10
[  570.765335][   T30]  ret_from_fork_asm+0x1a/0x30
[  570.770163][   T30]  </TASK>
[  570.773584][   T30] INFO: task kworker/u8:11:5284 blocked for more than 154 seconds.
[  570.781480][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  570.789144][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  570.797843][   T30] task:kworker/u8:11   state:D stack:19864 pid:5284  tgid:5284  ppid:2      flags:0x00004000
[  570.808091][   T30] Workqueue: ipv6_addrconf addrconf_verify_work
[  570.814397][   T30] Call Trace:
[  570.818161][   T30]  <TASK>
[  570.821129][   T30]  __schedule+0x1796/0x49d0
[  570.826070][   T30]  ? __pfx___schedule+0x10/0x10
[  570.830964][   T30]  ? __pfx_lock_release+0x10/0x10
[  570.836077][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  570.841558][   T30]  ? kthread_data+0x52/0xd0
[  570.846111][   T30]  ? schedule+0x90/0x320
[  570.850365][   T30]  ? wq_worker_sleeping+0x66/0x240
[  570.855530][   T30]  ? schedule+0x90/0x320
[  570.859782][   T30]  schedule+0x14b/0x320
[  570.863988][   T30]  schedule_preempt_disabled+0x13/0x30
[  570.869455][   T30]  __mutex_lock+0x6a4/0xd70
[  570.874388][   T30]  ? __mutex_lock+0x527/0xd70
[  570.879079][   T30]  ? addrconf_verify_work+0x19/0x30
[  570.884324][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  570.889360][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  570.895383][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  570.901731][   T30]  ? process_scheduled_works+0x945/0x1830
[  570.907489][   T30]  addrconf_verify_work+0x19/0x30
[  570.912528][   T30]  process_scheduled_works+0xa2c/0x1830
[  570.918147][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  570.924768][   T30]  ? assign_work+0x364/0x3d0
[  570.929379][   T30]  worker_thread+0x86d/0xd50
[  570.934215][   T30]  ? __kthread_parkme+0x169/0x1d0
[  570.939258][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.944413][   T30]  kthread+0x2f0/0x390
[  570.948500][   T30]  ? __pfx_worker_thread+0x10/0x10
[  570.953650][   T30]  ? __pfx_kthread+0x10/0x10
[  570.958250][   T30]  ret_from_fork+0x4b/0x80
[  570.962678][   T30]  ? __pfx_kthread+0x10/0x10
[  570.967313][   T30]  ret_from_fork_asm+0x1a/0x30
[  570.972108][   T30]  </TASK>
[  570.975544][   T30] INFO: task syz-executor:8765 blocked for more than 154 seconds.
[  570.983388][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  570.991020][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  570.999719][   T30] task:syz-executor    state:D stack:24992 pid:8765  tgid:8765  ppid:1      flags:0x00000004
[  571.009929][   T30] Call Trace:
[  571.013244][   T30]  <TASK>
[  571.016190][   T30]  __schedule+0x1796/0x49d0
[  571.020730][   T30]  ? __pfx___schedule+0x10/0x10
[  571.026546][   T30]  ? __pfx_lock_release+0x10/0x10
[  571.031589][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  571.037408][   T30]  ? schedule+0x90/0x320
[  571.041666][   T30]  schedule+0x14b/0x320
[  571.045867][   T30]  schedule_preempt_disabled+0x13/0x30
[  571.051367][   T30]  __mutex_lock+0x6a4/0xd70
[  571.055927][   T30]  ? __mutex_lock+0x527/0xd70
[  571.060614][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[  571.065858][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  571.070910][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[  571.076374][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  571.081591][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.087101][   T30]  ? is_bpf_text_address+0x285/0x2a0
[  571.092403][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.097644][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.102854][   T30]  ? arch_stack_walk+0x16d/0x1b0
[  571.107853][   T30]  ? mark_lock+0x9a/0x350
[  571.112213][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.117507][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.122560][   T30]  ? mark_lock+0x9a/0x350
[  571.127725][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.132796][   T30]  netlink_rcv_skb+0x1e3/0x430
[  571.137791][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.143316][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  571.148645][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  571.153896][   T30]  netlink_unicast+0x7ea/0x980
[  571.158707][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  571.164091][   T30]  ? __virt_addr_valid+0x183/0x520
[  571.169234][   T30]  ? __check_object_size+0x49c/0x900
[  571.175766][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  571.180911][   T30]  netlink_sendmsg+0x8db/0xcb0
[  571.185754][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.191062][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  571.196388][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  571.201870][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.207204][   T30]  __sock_sendmsg+0x221/0x270
[  571.211896][   T30]  __sys_sendto+0x3a4/0x4f0
[  571.216451][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  571.221519][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  571.228131][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  571.234689][   T30]  ? exc_page_fault+0x590/0x8c0
[  571.239559][   T30]  __x64_sys_sendto+0xde/0x100
[  571.244373][   T30]  do_syscall_64+0xf3/0x230
[  571.248897][   T30]  ? clear_bhb_loop+0x35/0x90
[  571.253676][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.259605][   T30] RIP: 0033:0x7fae0e57796c
[  571.264098][   T30] RSP: 002b:00007ffff7928a20 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  571.272533][   T30] RAX: ffffffffffffffda RBX: 00007fae0f234620 RCX: 00007fae0e57796c
[  571.280882][   T30] RDX: 0000000000000028 RSI: 00007fae0f234670 RDI: 0000000000000003
[  571.288897][   T30] RBP: 0000000000000000 R08: 00007ffff7928a74 R09: 000000000000000c
[  571.296907][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  571.304913][   T30] R13: 0000000000000000 R14: 00007fae0f234670 R15: 0000000000000000
[  571.312908][   T30]  </TASK>
[  571.315971][   T30] INFO: task syz-executor:8775 blocked for more than 154 seconds.
[  571.324169][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  571.332236][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  571.341034][   T30] task:syz-executor    state:D stack:24992 pid:8775  tgid:8775  ppid:1      flags:0x00000004
[  571.351243][   T30] Call Trace:
[  571.354554][   T30]  <TASK>
[  571.357501][   T30]  __schedule+0x1796/0x49d0
[  571.362037][   T30]  ? __pfx___schedule+0x10/0x10
[  571.366928][   T30]  ? __pfx_lock_release+0x10/0x10
[  571.371965][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  571.377989][   T30]  ? schedule+0x90/0x320
[  571.382439][   T30]  schedule+0x14b/0x320
[  571.386707][   T30]  schedule_preempt_disabled+0x13/0x30
[  571.392189][   T30]  __mutex_lock+0x6a4/0xd70
[  571.396760][   T30]  ? __mutex_lock+0x527/0xd70
[  571.401475][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[  571.406784][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  571.411851][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[  571.416978][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  571.422238][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.428113][   T30]  ? is_bpf_text_address+0x285/0x2a0
[  571.433755][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.438976][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.444404][   T30]  ? arch_stack_walk+0x16d/0x1b0
[  571.449376][   T30]  ? mark_lock+0x9a/0x350
[  571.453752][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.458964][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.464044][   T30]  ? mark_lock+0x9a/0x350
[  571.468387][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.473813][   T30]  netlink_rcv_skb+0x1e3/0x430
[  571.478598][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.484111][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  571.489437][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  571.494682][   T30]  netlink_unicast+0x7ea/0x980
[  571.499468][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  571.504792][   T30]  ? __virt_addr_valid+0x183/0x520
[  571.509947][   T30]  ? __check_object_size+0x49c/0x900
[  571.515275][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  571.520404][   T30]  netlink_sendmsg+0x8db/0xcb0
[  571.525573][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.530880][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  571.536519][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  571.541999][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.547494][   T30]  __sock_sendmsg+0x221/0x270
[  571.552184][   T30]  __sys_sendto+0x3a4/0x4f0
[  571.556735][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  571.561796][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  571.567977][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  571.574826][   T30]  ? exc_page_fault+0x590/0x8c0
[  571.579715][   T30]  __x64_sys_sendto+0xde/0x100
[  571.584530][   T30]  do_syscall_64+0xf3/0x230
[  571.589047][   T30]  ? clear_bhb_loop+0x35/0x90
[  571.593774][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.599682][   T30] RIP: 0033:0x7fc4ecf7796c
[  571.604131][   T30] RSP: 002b:00007ffee06537c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  571.612554][   T30] RAX: ffffffffffffffda RBX: 00007fc4edc34620 RCX: 00007fc4ecf7796c
[  571.620567][   T30] RDX: 0000000000000028 RSI: 00007fc4edc34670 RDI: 0000000000000003
[  571.628916][   T30] RBP: 0000000000000000 R08: 00007ffee0653814 R09: 000000000000000c
[  571.637212][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  571.645394][   T30] R13: 0000000000000000 R14: 00007fc4edc34670 R15: 0000000000000000
[  571.653441][   T30]  </TASK>
[  571.656472][   T30] INFO: task syz-executor:8780 blocked for more than 155 seconds.
[  571.664311][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  571.671937][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  571.681068][   T30] task:syz-executor    state:D stack:24992 pid:8780  tgid:8780  ppid:1      flags:0x00000004
[  571.691323][   T30] Call Trace:
[  571.694655][   T30]  <TASK>
[  571.697640][   T30]  __schedule+0x1796/0x49d0
[  571.702193][   T30]  ? __pfx___schedule+0x10/0x10
[  571.707096][   T30]  ? __pfx_lock_release+0x10/0x10
[  571.712134][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  571.717664][   T30]  ? schedule+0x90/0x320
[  571.721912][   T30]  schedule+0x14b/0x320
[  571.726422][   T30]  schedule_preempt_disabled+0x13/0x30
[  571.732323][   T30]  __mutex_lock+0x6a4/0xd70
[  571.736876][   T30]  ? __mutex_lock+0x527/0xd70
[  571.742064][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[  571.747322][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  571.752373][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[  571.757476][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  571.762692][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.768193][   T30]  ? is_bpf_text_address+0x285/0x2a0
[  571.773901][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.779114][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.784357][   T30]  ? arch_stack_walk+0x16d/0x1b0
[  571.789323][   T30]  ? mark_lock+0x9a/0x350
[  571.793689][   T30]  ? __pfx_validate_chain+0x10/0x10
[  571.798903][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.804330][   T30]  ? mark_lock+0x9a/0x350
[  571.808681][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  571.813765][   T30]  netlink_rcv_skb+0x1e3/0x430
[  571.818547][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  571.824356][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  571.829685][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  571.834925][   T30]  netlink_unicast+0x7ea/0x980
[  571.839711][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  571.845318][   T30]  ? __virt_addr_valid+0x183/0x520
[  571.850451][   T30]  ? __check_object_size+0x49c/0x900
[  571.855943][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  571.861071][   T30]  netlink_sendmsg+0x8db/0xcb0
[  571.865894][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.871210][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  571.876880][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  571.882357][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  571.887683][   T30]  __sock_sendmsg+0x221/0x270
[  571.892371][   T30]  __sys_sendto+0x3a4/0x4f0
[  571.897532][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  571.902593][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  571.908610][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  571.914976][   T30]  ? exc_page_fault+0x590/0x8c0
[  571.920104][   T30]  __x64_sys_sendto+0xde/0x100
[  571.925250][   T30]  do_syscall_64+0xf3/0x230
[  571.929768][   T30]  ? clear_bhb_loop+0x35/0x90
[  571.934494][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.940403][   T30] RIP: 0033:0x7fe75d57796c
[  571.945174][   T30] RSP: 002b:00007fff0c64dbf0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  571.953797][   T30] RAX: ffffffffffffffda RBX: 00007fe75e234620 RCX: 00007fe75d57796c
[  571.961780][   T30] RDX: 0000000000000028 RSI: 00007fe75e234670 RDI: 0000000000000003
[  571.969795][   T30] RBP: 0000000000000000 R08: 00007fff0c64dc44 R09: 000000000000000c
[  571.983039][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  571.991030][   T30] R13: 0000000000000000 R14: 00007fe75e234670 R15: 0000000000000000
[  572.023384][   T30]  </TASK>
[  572.026449][   T30] INFO: task syz-executor:8784 blocked for more than 155 seconds.
[  572.043038][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  572.051099][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  572.083045][   T30] task:syz-executor    state:D stack:24992 pid:8784  tgid:8784  ppid:1      flags:0x00000004
[  572.113280][   T30] Call Trace:
[  572.116593][   T30]  <TASK>
[  572.119535][   T30]  __schedule+0x1796/0x49d0
[  572.163074][   T30]  ? __pfx___schedule+0x10/0x10
[  572.167976][   T30]  ? __pfx_lock_release+0x10/0x10
[  572.183063][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  572.188573][   T30]  ? schedule+0x90/0x320
[  572.192823][   T30]  schedule+0x14b/0x320
[  572.213056][   T30]  schedule_preempt_disabled+0x13/0x30
[  572.218555][   T30]  __mutex_lock+0x6a4/0xd70
[  572.243056][   T30]  ? __mutex_lock+0x527/0xd70
[  572.247780][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[  572.263242][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  572.268319][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[  572.283081][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  572.288324][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  572.303052][   T30]  ? is_bpf_text_address+0x285/0x2a0
[  572.308379][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.323419][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.328648][   T30]  ? arch_stack_walk+0x16d/0x1b0
[  572.343069][   T30]  ? mark_lock+0x9a/0x350
[  572.347427][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.352636][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  572.374592][   T30]  ? mark_lock+0x9a/0x350
[  572.378963][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  572.384057][   T30]  netlink_rcv_skb+0x1e3/0x430
[  572.388833][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  572.396624][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  572.401966][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  572.407603][   T30]  netlink_unicast+0x7ea/0x980
[  572.412412][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  572.417851][   T30]  ? __virt_addr_valid+0x183/0x520
[  572.422993][   T30]  ? __check_object_size+0x49c/0x900
[  572.428758][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  572.437510][   T30]  netlink_sendmsg+0x8db/0xcb0
[  572.442336][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.447709][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  572.452998][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  572.459007][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.464351][   T30]  __sock_sendmsg+0x221/0x270
[  572.469045][   T30]  __sys_sendto+0x3a4/0x4f0
[  572.473890][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  572.478969][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  572.485138][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  572.491474][   T30]  ? exc_page_fault+0x590/0x8c0
[  572.496373][   T30]  __x64_sys_sendto+0xde/0x100
[  572.501157][   T30]  do_syscall_64+0xf3/0x230
[  572.505708][   T30]  ? clear_bhb_loop+0x35/0x90
[  572.510408][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.516340][   T30] RIP: 0033:0x7fda5657796c
[  572.520768][   T30] RSP: 002b:00007fffae945080 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  572.529603][   T30] RAX: ffffffffffffffda RBX: 00007fda57234620 RCX: 00007fda5657796c
[  572.537615][   T30] RDX: 0000000000000028 RSI: 00007fda57234670 RDI: 0000000000000003
[  572.545618][   T30] RBP: 0000000000000000 R08: 00007fffae9450d4 R09: 000000000000000c
[  572.553624][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  572.562047][   T30] R13: 0000000000000000 R14: 00007fda57234670 R15: 0000000000000000
[  572.570090][   T30]  </TASK>
[  572.573481][   T30] INFO: task syz-executor:8786 blocked for more than 156 seconds.
[  572.581285][   T30]       Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  572.588956][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  572.597655][   T30] task:syz-executor    state:D stack:24992 pid:8786  tgid:8786  ppid:1      flags:0x00000004
[  572.607861][   T30] Call Trace:
[  572.611149][   T30]  <TASK>
[  572.614133][   T30]  __schedule+0x1796/0x49d0
[  572.618671][   T30]  ? __pfx___schedule+0x10/0x10
[  572.624188][   T30]  ? __pfx_lock_release+0x10/0x10
[  572.629317][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  572.634917][   T30]  ? schedule+0x90/0x320
[  572.639173][   T30]  schedule+0x14b/0x320
[  572.643371][   T30]  schedule_preempt_disabled+0x13/0x30
[  572.648835][   T30]  __mutex_lock+0x6a4/0xd70
[  572.653387][   T30]  ? __mutex_lock+0x527/0xd70
[  572.658079][   T30]  ? rtnetlink_rcv_msg+0x842/0x1180
[  572.663602][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  572.668652][   T30]  rtnetlink_rcv_msg+0x842/0x1180
[  572.674254][   T30]  ? rtnetlink_rcv_msg+0x208/0x1180
[  572.679475][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  572.684980][   T30]  ? is_bpf_text_address+0x285/0x2a0
[  572.690280][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.695518][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.700728][   T30]  ? arch_stack_walk+0x16d/0x1b0
[  572.705720][   T30]  ? mark_lock+0x9a/0x350
[  572.710055][   T30]  ? __pfx_validate_chain+0x10/0x10
[  572.715389][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  572.720436][   T30]  ? mark_lock+0x9a/0x350
[  572.725202][   T30]  ? __lock_acquire+0x1346/0x1fd0
[  572.730260][   T30]  netlink_rcv_skb+0x1e3/0x430
[  572.735067][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  572.740550][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  572.745898][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  572.751109][   T30]  netlink_unicast+0x7ea/0x980
[  572.755920][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  572.761210][   T30]  ? __virt_addr_valid+0x183/0x520
[  572.766634][   T30]  ? __check_object_size+0x49c/0x900
[  572.771930][   T30]  ? bpf_lsm_netlink_send+0x9/0x10
[  572.777578][   T30]  netlink_sendmsg+0x8db/0xcb0
[  572.782383][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.787730][   T30]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  572.793018][   T30]  ? security_socket_sendmsg+0x87/0xb0
[  572.798527][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.803853][   T30]  __sock_sendmsg+0x221/0x270
[  572.808541][   T30]  __sys_sendto+0x3a4/0x4f0
[  572.813113][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  572.818179][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  572.824539][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  572.830876][   T30]  ? exc_page_fault+0x590/0x8c0
[  572.835774][   T30]  __x64_sys_sendto+0xde/0x100
[  572.840556][   T30]  do_syscall_64+0xf3/0x230
[  572.845105][   T30]  ? clear_bhb_loop+0x35/0x90
[  572.849800][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.855736][   T30] RIP: 0033:0x7f993af7796c
[  572.860167][   T30] RSP: 002b:00007ffffc84c4a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  572.868897][   T30] RAX: ffffffffffffffda RBX: 00007f993bc34620 RCX: 00007f993af7796c
[  572.877404][   T30] RDX: 0000000000000028 RSI: 00007f993bc34670 RDI: 0000000000000003
[  572.885419][   T30] RBP: 0000000000000000 R08: 00007ffffc84c4f4 R09: 000000000000000c
[  572.893428][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  572.901404][   T30] R13: 0000000000000000 R14: 00007f993bc34670 R15: 0000000000000000
[  572.909447][   T30]  </TASK>
[  572.912491][   T30] 
[  572.912491][   T30] Showing all locks held in the system:
[  572.920246][   T30] 1 lock held by pool_workqueue_/3:
[  572.925934][   T30] 5 locks held by kworker/u8:0/11:
[  572.931048][   T30] 1 lock held by khungtaskd/30:
[  572.935928][   T30]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  572.945842][   T30] 3 locks held by kworker/1:2/57:
[  572.950868][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  572.961889][   T30]  #1: ffffc90001377d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  572.973236][   T30]  #2: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  572.982236][   T30] 3 locks held by kworker/u8:4/62:
[  572.987873][   T30]  #0: ffff888015089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  572.999600][   T30]  #1: ffffc900015d7d00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  573.011321][   T30]  #2: ffffffff8e3392f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  573.022292][   T30] 4 locks held by kworker/u8:8/2866:
[  573.027938][   T30]  #0: ffff888015ed3148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  573.038875][   T30]  #1: ffffc90009dbfd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  573.049463][   T30]  #2: ffffffff8f5c80d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  573.058928][   T30]  #3: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0
[  573.068308][   T30] 2 locks held by getty/4833:
[  573.073327][   T30]  #0: ffff88802b3350a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  573.083670][   T30]  #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  573.093861][   T30] 3 locks held by kworker/1:4/5129:
[  573.099060][   T30] 3 locks held by kworker/1:5/5131:
[  573.104289][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  573.115320][   T30]  #1: ffffc900043bfd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  573.127307][   T30]  #2: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  573.137876][   T30] 4 locks held by kworker/1:6/5132:
[  573.143109][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  573.154128][   T30]  #1: ffffc900043cfd00 ((work_completion)(&aux->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  573.165845][   T30]  #2: ffffffff8e3a6368 (pack_mutex){+.+.}-{3:3}, at: bpf_prog_pack_free+0x27/0x410
[  573.176430][   T30]  #3: ffffffff8e1e3688 (text_mutex){+.+.}-{3:3}, at: text_poke_set+0xbf/0x1b0
[  573.185628][   T30] 5 locks held by kworker/0:4/5134:
[  573.190826][   T30] 3 locks held by kworker/u8:11/5284:
[  573.196230][   T30]  #0: ffff88802a8c2148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  573.207868][   T30]  #1: ffffc900049bfd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  573.221582][   T30]  #2: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  573.231481][   T30] 1 lock held by syz.3.899/8709:
[  573.236451][   T30] 1 lock held by syz.4.902/8717:
[  573.241392][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  573.250419][   T30] 1 lock held by syz.1.904/8727:
[  573.255383][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  573.264404][   T30] 1 lock held by syz.2.907/8739:
[  573.269339][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3e/0x1b0
[  573.278985][   T30] 3 locks held by syz-executor/8744:
[  573.284468][   T30] 1 lock held by syz-executor/8765:
[  573.289668][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.299227][   T30] 1 lock held by syz-executor/8775:
[  573.304456][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.314005][   T30] 1 lock held by syz-executor/8780:
[  573.319203][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.329103][   T30] 1 lock held by syz-executor/8784:
[  573.334349][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.343905][   T30] 1 lock held by syz-executor/8786:
[  573.349101][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.358660][   T30] 4 locks held by kworker/u9:7/8789:
[  573.363973][   T30] 1 lock held by syz-executor/8796:
[  573.369167][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.379301][   T30] 1 lock held by syz-executor/8798:
[  573.384696][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.394253][   T30] 1 lock held by syz-executor/8801:
[  573.399454][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.409007][   T30] 1 lock held by syz-executor/8805:
[  573.414233][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.424145][   T30] 1 lock held by syz-executor/8807:
[  573.429344][   T30]  #0: ffffffff8f5d4908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x842/0x1180
[  573.438900][   T30] 1 lock held by dhcpcd/8816:
[  573.443609][   T30] 1 lock held by dhcpcd/8818:
[  573.448288][   T30] 1 lock held by dhcpcd/8819:
[  573.452964][   T30] 1 lock held by dhcpcd/8820:
[  573.459673][   T30] 1 lock held by dhcpcd/8821:
[  573.472766][   T30] 2 locks held by udevd/8822:
[  573.482965][   T30]  #0: ffff88801518cd98 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2a9/0xc80
[  573.492136][   T30]  #1: ffff88802eebf298 (&anon_vma->rwsem){++++}-{3:3}, at: __put_anon_vma+0xf6/0x2d0
[  573.504670][   T30] 2 locks held by udevd/8823:
[  573.509367][   T30] 2 locks held by udevd/8824:
[  573.523570][   T30] 
[  573.525939][   T30] =============================================
[  573.525939][   T30] 
[  573.550867][   T30] NMI backtrace for cpu 1
[  573.555245][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  573.565149][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  573.575209][   T30] Call Trace:
[  573.578491][   T30]  <TASK>
[  573.581431][   T30]  dump_stack_lvl+0x241/0x360
[  573.586130][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  573.591340][   T30]  ? __pfx__printk+0x10/0x10
[  573.595944][   T30]  ? vprintk_emit+0x631/0x770
[  573.600634][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  573.605678][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  573.610630][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  573.616092][   T30]  ? _printk+0xd5/0x120
[  573.620257][   T30]  ? __pfx__printk+0x10/0x10
[  573.624867][   T30]  ? __wake_up_klogd+0xcc/0x110
[  573.629730][   T30]  ? __pfx__printk+0x10/0x10
[  573.634342][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  573.639377][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  573.645365][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  573.651358][   T30]  watchdog+0xfde/0x1020
[  573.655613][   T30]  ? watchdog+0x1ea/0x1020
[  573.660041][   T30]  ? __pfx_watchdog+0x10/0x10
[  573.664727][   T30]  kthread+0x2f0/0x390
[  573.668810][   T30]  ? __pfx_watchdog+0x10/0x10
[  573.673496][   T30]  ? __pfx_kthread+0x10/0x10
[  573.678098][   T30]  ret_from_fork+0x4b/0x80
[  573.682522][   T30]  ? __pfx_kthread+0x10/0x10
[  573.687122][   T30]  ret_from_fork_asm+0x1a/0x30
[  573.691919][   T30]  </TASK>
[  573.695289][   T30] Sending NMI from CPU 1 to CPUs 0:
[  573.700515][    C0] NMI backtrace for cpu 0
[  573.700527][    C0] CPU: 0 PID: 5134 Comm: kworker/0:4 Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  573.700545][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  573.700557][    C0] Workqueue: events_power_efficient gc_worker
[  573.700581][    C0] RIP: 0010:lock_acquire+0x20a/0x550
[  573.700600][    C0] Code: 00 ff 75 10 ff 74 24 48 e8 c3 04 00 00 48 83 c4 28 48 c7 c7 c0 cc ca 8b e8 c3 ec 0a 0a b8 ff ff ff ff 65 0f c1 05 06 22 90 7e <83> f8 01 0f 85 a3 01 00 00 49 89 de 48 c1 eb 03 42 80 3c 2b 00 74
[  573.700614][    C0] RSP: 0018:ffffc90000007b20 EFLAGS: 00000057
[  573.700627][    C0] RAX: 0000000000000001 RBX: ffffc90000007b80 RCX: 0000000000000001
[  573.700639][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcaccc0 RDI: ffffffff8c1f1600
[  573.700651][    C0] RBP: ffffc90000007c68 R08: ffffffff92f71707 R09: 1ffffffff25ee2e0
[  573.700664][    C0] R10: dffffc0000000000 R11: fffffbfff25ee2e1 R12: 1ffff92000000f6c
[  573.700676][    C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000046
[  573.700686][    C0] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  573.700700][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  573.700712][    C0] CR2: 000055e587d07ca3 CR3: 000000007a206000 CR4: 00000000003506f0
[  573.700727][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  573.700736][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  573.700747][    C0] Call Trace:
[  573.700753][    C0]  <NMI>
[  573.700760][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  573.700778][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  573.700796][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  573.700813][    C0]  ? nmi_handle+0x2a/0x5a0
[  573.700846][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  573.700864][    C0]  ? nmi_handle+0x14f/0x5a0
[  573.700887][    C0]  ? nmi_handle+0x2a/0x5a0
[  573.700911][    C0]  ? lock_acquire+0x20a/0x550
[  573.700927][    C0]  ? default_do_nmi+0x63/0x160
[  573.700945][    C0]  ? exc_nmi+0x123/0x1f0
[  573.700962][    C0]  ? end_repeat_nmi+0xf/0x53
[  573.700992][    C0]  ? lock_acquire+0x20a/0x550
[  573.701008][    C0]  ? lock_acquire+0x20a/0x550
[  573.701030][    C0]  ? lock_acquire+0x20a/0x550
[  573.701047][    C0]  </NMI>
[  573.701052][    C0]  <IRQ>
[  573.701061][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  573.701079][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  573.701105][    C0]  ? __hrtimer_run_queues+0x477/0xd50
[  573.701127][    C0]  ? __pfx_lock_release+0x10/0x10
[  573.701147][    C0]  ? __pfx_advance_sched+0x10/0x10
[  573.701171][    C0]  _raw_spin_lock+0x2e/0x40
[  573.701193][    C0]  ? advance_sched+0xab/0xca0
[  573.701215][    C0]  advance_sched+0xab/0xca0
[  573.701240][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  573.701263][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  573.701292][    C0]  ? __pfx_advance_sched+0x10/0x10
[  573.701315][    C0]  __hrtimer_run_queues+0x59b/0xd50
[  573.701337][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  573.701364][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  573.701391][    C0]  hrtimer_interrupt+0x396/0x990
[  573.701426][    C0]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[  573.701451][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  573.701472][    C0]  </IRQ>
[  573.701477][    C0]  <TASK>
[  573.701483][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  573.701505][    C0] RIP: 0010:seqcount_lockdep_reader_access+0x1e0/0x220
[  573.701525][    C0] Code: f7 4d 85 ed 75 16 e8 bf de fe f7 eb 15 e8 b8 de fe f7 e8 a3 ee e5 01 4d 85 ed 74 ea e8 a9 de fe f7 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
[  573.701539][    C0] RSP: 0018:ffffc900043ef9a0 EFLAGS: 00000293
[  573.701552][    C0] RAX: ffffffff89974817 RBX: 0000000000000000 RCX: ffff88806451da00
[  573.701564][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  573.701573][    C0] RBP: ffffc900043efa50 R08: ffffffff899747ed R09: 1ffffffff25ee2c2
[  573.701585][    C0] R10: dffffc0000000000 R11: fffffbfff25ee2c3 R12: dffffc0000000000
[  573.701597][    C0] R13: 0000000000000200 R14: 0000000000000046 R15: 1ffff9200087df34
[  573.701612][    C0]  ? seqcount_lockdep_reader_access+0x1ad/0x220
[  573.701629][    C0]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  573.701653][    C0]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  573.701680][    C0]  gc_worker+0x316/0x1530
[  573.701700][    C0]  ? gc_worker+0x26b/0x1530
[  573.701724][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  573.701744][    C0]  ? __pfx_gc_worker+0x10/0x10
[  573.701772][    C0]  ? process_scheduled_works+0x945/0x1830
[  573.701788][    C0]  process_scheduled_works+0xa2c/0x1830
[  573.701820][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  573.701842][    C0]  ? assign_work+0x364/0x3d0
[  573.701860][    C0]  worker_thread+0x86d/0xd50
[  573.701882][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  573.701908][    C0]  ? __kthread_parkme+0x169/0x1d0
[  573.701928][    C0]  ? __pfx_worker_thread+0x10/0x10
[  573.701944][    C0]  kthread+0x2f0/0x390
[  573.701962][    C0]  ? __pfx_worker_thread+0x10/0x10
[  573.701978][    C0]  ? __pfx_kthread+0x10/0x10
[  573.701997][    C0]  ret_from_fork+0x4b/0x80
[  573.702020][    C0]  ? __pfx_kthread+0x10/0x10
[  573.702039][    C0]  ret_from_fork_asm+0x1a/0x30
[  573.702069][    C0]  </TASK>
[  574.245988][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  574.252876][   T30] CPU: 1 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-syzkaller-00215-g22f902dfc51e #0
[  574.262771][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  574.272824][   T30] Call Trace:
[  574.276105][   T30]  <TASK>
[  574.279038][   T30]  dump_stack_lvl+0x241/0x360
[  574.283846][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.289066][   T30]  ? __pfx__printk+0x10/0x10
[  574.293681][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  574.299704][   T30]  ? vscnprintf+0x5d/0x90
[  574.304048][   T30]  panic+0x349/0x860
[  574.307960][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  574.314129][   T30]  ? __pfx_panic+0x10/0x10
[  574.318558][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  574.323946][   T30]  ? __irq_work_queue_local+0x137/0x410
[  574.329498][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  574.334890][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  574.341067][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  574.347244][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  574.353417][   T30]  watchdog+0x101d/0x1020
[  574.357767][   T30]  ? watchdog+0x1ea/0x1020
[  574.362198][   T30]  ? __pfx_watchdog+0x10/0x10
[  574.366882][   T30]  kthread+0x2f0/0x390
[  574.370960][   T30]  ? __pfx_watchdog+0x10/0x10
[  574.375665][   T30]  ? __pfx_kthread+0x10/0x10
[  574.380278][   T30]  ret_from_fork+0x4b/0x80
[  574.384709][   T30]  ? __pfx_kthread+0x10/0x10
[  574.389327][   T30]  ret_from_fork_asm+0x1a/0x30
[  574.394138][   T30]  </TASK>
[  575.503274][   T30] Shutting down cpus with NMI
[  575.508203][   T30] Kernel Offset: disabled
[  575.512518][   T30] Rebooting in 86400 seconds..