last executing test programs:

16.83034163s ago: executing program 0 (id=4790):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

16.580385581s ago: executing program 0 (id=4791):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x800, 0x0, 0x0, {0x0, 0x3, 0x0, 0x0, 0x220, 0x8020}, [@IFLA_TXQLEN={0x8}, @IFLA_IFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x20048081)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r1)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/ipc\x00')
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
lseek(r2, 0x4, 0x0)
getdents(r2, 0x0, 0x48)

16.196550224s ago: executing program 0 (id=4792):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x80, 0x6, 0x347, 0x0, 0x0, 0x0, 0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000800100000052ebec73a2e6"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x7, 0x0, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "67d6182ab09c578f"}}, 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003006f56053021e3db5e31a40955c600d35da9e6ac400166db480a0001"], 0xc8}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, 0x3, 0x2, 0x5, 0x0, 0x0, {0x5, 0x0, 0x3}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x84)
sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x20040040}, 0xd0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b11d25a806c8c6f94f90424fc601000407a0a000600053582c137153e37000c1180fc0b2f000300", 0x33fe0}], 0x1, 0x0, 0x0, 0xa}, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {}, {0x1c, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x1}]}}]}, 0x3c}}, 0x44050)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r9, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)

15.431133482s ago: executing program 0 (id=4797):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa3ffffff8000000703000002feffff720af0fff8ffffff71a4f0ff0000000071100000000000001d900500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffffb9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) (async, rerun: 32)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={0x0}}, 0x0) (async)
r1 = open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x12, r1, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x7fff) (async, rerun: 64)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (rerun: 64)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), r2) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r2, 0x58, &(0x7f0000000040)}, 0x10) (async, rerun: 64)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x541c, &(0x7f0000000180)) (async)
syz_emit_ethernet(0x36, &(0x7f0000000500)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr=0x64010102, @local}, {{0x4001, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) (async, rerun: 32)
r3 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r4 = openat$cuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0) (async, rerun: 64)
dup2(r0, r2) (rerun: 64)
r5 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r6=>0x0) (async)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000180)) (async)
read$FUSE(r4, &(0x7f0000000f80)={0x2020, 0x0, <r8=>0x0, 0x0, <r9=>0x0}, 0x2020)
syz_io_uring_submit(r7, r6, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) (async)
io_uring_enter(r5, 0x72dc, 0x0, 0x0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000940)={0xb0, 0x0, r8, [{{0x5, 0x3, 0xf, 0x5, 0x0, 0xd, {0x2, 0x0, 0x8, 0xffffffffffffff7f, 0x9, 0x5, 0x3, 0x8ae, 0x1ff, 0x4000, 0x7a5, 0x0, r9, 0x3}}, {0x0, 0xfffffffffffffff0, 0x1, 0x57d4, '#'}}]}, 0xb0) (async, rerun: 32)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 32)
syz_usb_connect(0x1, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000009a65d0860040800dec30102030109021b0500000000000904"], &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}]})

15.273798014s ago: executing program 2 (id=4798):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x85, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000002300)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)

15.20926729s ago: executing program 0 (id=4799):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x891)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x6646)
sendto$inet(r1, &(0x7f0000000080), 0x0, 0x4000000, &(0x7f0000000000)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00')
pselect6(0x40, &(0x7f0000000000)={0x0, 0x8, 0x7bb30417, 0x8, 0x0, 0xffff, 0x8, 0x80}, &(0x7f0000000140)={0x8, 0x8d, 0x3, 0x1fec, 0x0, 0x0, 0xfffffffffffffffc, 0xffff}, 0x0, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(0xffffffffffffffff, 0xc1004110, &(0x7f0000000040)={0x0, "8dd2356a9ebb85c49090d8e7251a8f47261a8f4797bf8ba7ff669b27d2af3ae0d402a46e4e967621c2c9fd4f42a31536849f6717859f6717c7862a799260eda3"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x224020, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}})
close(r5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000001, 0x30, r0, 0x0)
syz_io_uring_setup(0x6ee4, &(0x7f00000003c0)={0x0, 0x439d, 0x1, 0x80000, 0x24}, &(0x7f00000001c0), &(0x7f0000000200))
r6 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100))
r7 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x2b99, 0x2, 0x0, 0x0, 0x0, r6})
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)

14.382854586s ago: executing program 2 (id=4802):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

14.285025678s ago: executing program 2 (id=4803):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00')
read$char_usb(r2, &(0x7f0000000140)=""/189, 0xfffffecd)
sendto$inet6(r0, &(0x7f0000000500)="034891e7f8a50f69f3f83fd67af8fc5b018c1ff7d4ac51d98ec69e2e707d28092dff5af4afab981b12927102e67c29ca2a2a42061cc6d34e20c01da0e80d67f3df1e73", 0x43, 0x22004001, &(0x7f0000000100)={0xa, 0x0, 0x180, @remote}, 0x1c)
sendto$inet6(r0, &(0x7f0000000040)='=', 0x1, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @private0}, 0x1c)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x17, &(0x7f0000000240), 0x14)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
io_uring_setup(0x2815, &(0x7f0000000480)={0x0, 0x28f3, 0x0, 0xfffffffe})
connect(r3, &(0x7f00000003c0)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x80)
syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc0585611, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket(0x26, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close(0x3)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x18, 0x0, 0x0)
setsockopt$inet_int(r4, 0x0, 0x22, &(0x7f0000000040)=0x7, 0xffffffffffffff32)
ioctl$IOMMU_HWPT_ALLOC$NONE(r2, 0x3b89, &(0x7f0000000440)={0x28, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7, &(0x7f00000002c0)="231840008827ca9b47ef3dd89eac3eca5fabb50a622c43f93eb365b37c127a6a8e6c5cc2d19a8e1af11aaccafa94638016a0d8ce7bf35b125695a9931a7a16d6130994b0affdc1d156150164c713a428badcd7d922115686c4a8f0f4818e3a123125394f0510f736b5b4e85965599e79a2ee24ffa072ba1b4b2cf7e4e6608682dca57544f472c55259e04d4e1bd54cc2b01ddbb09505a248cb46543e36f56d4928f3c4a5cfffb6d4c4d5ecf8820d5bdd6aa2c55ca817bb052356480a52c790ffbc4dd3744498c5a5478de37e46e1a0ea831c8aac574a69"})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a"], 0xb8}}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900674c0000000000000100ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00"], 0xb8}, 0x1, 0x0, 0x0, 0x2000c091}, 0x0)

14.274917288s ago: executing program 0 (id=4804):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000380)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x8050}, 0x40000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d9", 0xc81}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
socket$rds(0x15, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000001a80)=""/102386, 0x18ff2}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x41}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000000f40)=[{{0x0, 0xcb000004, 0x0}}], 0x28000, 0x0)
syz_emit_ethernet(0x17b, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$xdp(0x2c, 0x3, 0x0)
userfaultfd(0x80001)

14.071312165s ago: executing program 2 (id=4805):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0}, 0x0)

13.470947179s ago: executing program 3 (id=4807):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002340)={0x4d}, 0x50)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYRESDEC=r0, @ANYRES64=r0, @ANYRESOCT=r0], 0x0)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
read(r0, &(0x7f0000001480)=""/4096, 0x1000)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = epoll_create(0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x5100, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r1, &(0x7f00000000c0)={0x28, 0x3, 0x0, {0x0, 0x7, 0x0, '\x19%,%^)$'}}, 0x28)

13.199046999s ago: executing program 3 (id=4808):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x80, 0x6, 0x347, 0x0, 0x0, 0x0, 0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000800100000052ebec73a2e6"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x7, 0x0, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "67d6182ab09c578f"}}, 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003006f56053021e3db5e31a40955c600d35da9e6ac400166db480a0001"], 0xc8}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, 0x3, 0x2, 0x5, 0x0, 0x0, {0x5, 0x0, 0x3}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x84)
sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x1, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20040040}, 0xd0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, 0x0, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {}, {0x1c, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x1}]}}]}, 0x3c}}, 0x44050)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r9, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)

12.984896164s ago: executing program 1 (id=4809):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r1, 0x4068aea3, &(0x7f0000000140)={0xa8, 0x0, 0x1})
ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x8000000, &(0x7f000000f000/0x2000)=nil})

12.9193661s ago: executing program 3 (id=4810):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000400)={0x2, @pix={0x0, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x5}})
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(0xffffffffffffffff, 0xc0305602, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x1, {0x0, 0xa93}})
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="180000003d0007010000000000000000027c0000040000003520a1f059e67e041264a99d25883fd13a3a24c0bab23c3cbb2be81ad5a35fff26ab553eb84636c364102dfe5041975b7696f5493aca41a835e303aa5ca1f120eb34c3a1eb7f2dd41b80ffc878757a3539395f3df596f0e08d3e03c2e61e8aaa7c9b4fbe79852a5e898a0cc33502f44cc6f77d306465514bec100f2ae06544b052b7b3f96d36093c798fb4e4e18fbfb7205de8d4cf7637e4018238847717f1ff38644ed8b9"], 0x18}}, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007980), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_TDLS_MGMT(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000007bc0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYRES32=0x0, @ANYBLOB="a8b5a969ffa5058c3eb1dcc5fa3bc1cc10570a90ec2eb477f87c398bbf128b233465992f077c6434460fea29a212d71fa63ad6e9f2ef7ffaf536934b24d97b9a3a1dfe9bd8c85cfcd1d80ffdbd2d54b80abb45fc9dee89ff0275930058101b38b3ba7c13e5f48e94d92578bb189ac715ec23f74354a3b96e0792c56e02001ffb4a127217f8217f53a01580463ab8ba9e02"], 0x1c}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/disk', 0x141b82, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1ff, 0x12)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

11.996452633s ago: executing program 4 (id=4812):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x85, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000002300)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)

11.900622258s ago: executing program 3 (id=4813):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

11.750776536s ago: executing program 3 (id=4814):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x891)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x6646)
sendto$inet(r1, &(0x7f0000000080), 0x0, 0x4000000, &(0x7f0000000000)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00')
pselect6(0x40, &(0x7f0000000000)={0x0, 0x8, 0x7bb30417, 0x8, 0x0, 0xffff, 0x8, 0x80}, &(0x7f0000000140)={0x8, 0x8d, 0x3, 0x1fec, 0x0, 0x0, 0xfffffffffffffffc, 0xffff}, 0x0, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(0xffffffffffffffff, 0xc1004110, &(0x7f0000000040)={0x0, "8dd2356a9ebb85c49090d8e7251a8f47261a8f4797bf8ba7ff669b27d2af3ae0d402a46e4e967621c2c9fd4f42a31536849f6717859f6717c7862a799260eda3"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x224020, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}})
close(r5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000001, 0x30, r0, 0x0)
syz_io_uring_setup(0x6ee4, &(0x7f00000003c0)={0x0, 0x439d, 0x1, 0x80000, 0x24}, &(0x7f00000001c0), &(0x7f0000000200))
r6 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100))
r7 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x2b99, 0x2, 0x0, 0x0, 0x0, r6})
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)

11.199046149s ago: executing program 4 (id=4815):
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000080)=ANY=[@ANYBLOB="27bbed2900000000"], 0x8)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
readahead(0xffffffffffffffff, 0x4, 0x3)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000004cc0)=@newtaction={0x14, 0x31, 0x829}, 0x14}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
eventfd(0x5)
r3 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b//\\o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15m.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8\t\x00\x00\x00\x00\x00\x00\x00\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\t\x00\x00\x00\x00\x00\x00\x00h\xe2!\x00\xb9z)\x19\xe3\xed\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,P\xfe\xe4\xfaN\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x9c\xb5K\x960?\x06]\x1eQ\x10\xe8\xed\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xab', 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=@newlink={0x3c, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc, 0x5, {0x81000000}}]}]}, @IFLA_GROUP={0x8}]}, 0x3c}}, 0x0)
close(r1)
getsockopt$TIPC_NODE_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x83, &(0x7f0000000100), &(0x7f0000000180)=0x4)

11.079260596s ago: executing program 1 (id=4816):
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="03", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, &(0x7f00000001c0)=""/51, 0x33, &(0x7f0000000340)={&(0x7f0000000280)={'crc32\x00'}, &(0x7f0000000040)="6b10b7101b", 0x5})
syz_usb_connect(0x2, 0x2d, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000109737107d071004c1ec0102030109021b00010040b0000904000001362434000905df03"], 0x0)
syz_usb_connect$printer(0x4, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x14c6c210d24f6d54, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x6, 0x10, 0xc, [{{0x9, 0x4, 0x0, 0xfd, 0x2, 0x7, 0x1, 0x2, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x0, 0x1, 0x6}}}}}]}}]}}, &(0x7f0000000340)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x310, 0x9, 0x0, 0x0, 0x20, 0xa5}, 0x24, &(0x7f0000000080)={0x5, 0xf, 0x24, 0x5, [@wireless={0xb, 0x10, 0x1, 0xc, 0xf5, 0x7b, 0x5, 0x7, 0x4}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x14, 0x7, 0x2, 0x4}, @ptm_cap={0x3}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x3, 0x5, 0x80}]}, 0x5, [{0xf6, &(0x7f00000000c0)=@string={0xf6, 0x3, "4ad0ba892fb47ce8b6fa72ac360736058586277e5943561f3ad514fe360fc7467c5d77a29df2f69c17acf01427b45ea875e4e93de95b96c4c7afb150ccc4a7da50d37abf7c592d763ff66a0021cca8fd6c8549b26d43f24f0684df7d2b43fffa39d96ec3ef45f6d0662b456996310f26811eb5ec068a980bad65d406f04707d8b08b7dbcf793cc50dc7f75a94210afbc437478c6cb5e31ea1e426c96a2ae93575f43a678dbea2762d949dfe24642927aad061c6288d47972675ba3cab09ea46bf0c3b3949e1a605e0aa88a4fa789070e0ebf5988be391154fd0a6bfa2c37cff17869846e9aed1c75a5f9609e0adf761d6ecc8502"}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x422}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x2001}}, {0x12, &(0x7f0000000240)=@string={0x12, 0x3, "4f5745c5632d1d0948680da382b72d5c"}}, {0xa5, &(0x7f0000000280)=@string={0xa5, 0x3, "74ab4d985ef7ef8433c3de20e5751509731777159ce10f2c96316dc20398c3d9d5594e75028df0ff5a573d8b1f933faddcca55dee9ed085decf4ae58153be35372f2026db9d76fb31c52ad4893cdf498ece78e9f5b56ffe41b21bbd7f9407a06fc96f254291d2546e7e44a0eae81851c3d1a37f279f1cc3321d3b0fe3605b2975a18479f5ea1f528581ffd476ed1bee5ef1ae04beaa0c5784883479a1d9141c1874853"}}]})

10.149376759s ago: executing program 4 (id=4817):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
renameat2(r1, &(0x7f0000000240)='./mnt\x00', r1, &(0x7f0000000540)='./mnt\x00', 0x5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
ppoll(&(0x7f00000000c0)=[{r0, 0x4000}], 0x1, &(0x7f0000000140), &(0x7f00000001c0)={[0x6]}, 0x8)
r3 = accept(r0, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)
recvfrom(r2, &(0x7f0000000180)=""/60, 0x13e58, 0x40000000, 0x0, 0x0)

10.116609637s ago: executing program 3 (id=4818):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f00000002c0)=[{0x0, 0x3, 0x0, 0x9}, {0x0, 0x4, 0x0, 0x4}, {0x0, 0x2, 0x0, 0x2}, {0x0, 0x1, 0x0, 0x5}, {0x0, 0x4, 0x0, 0xc}], 0x10, 0x0, @void, @value}, 0x90)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000200)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000004000/0x1000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000000/0xb000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0}, 0x68)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x1, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = inotify_init1(0x0)
inotify_add_watch(r3, &(0x7f0000000140)='./file0\x00', 0x20000111)
vmsplice(r2, &(0x7f0000000400)=[{&(0x7f0000000200)='R', 0x1}], 0x1, 0x0)

9.967206228s ago: executing program 2 (id=4819):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r1=>0x0})
r2 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @broadcast}, 0x10)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={0x0, 0x80, 0x10}, 0xc)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x7, [@ptr={0x2, 0x0, 0x0, 0x2, 0x2}, @enum={0xc, 0x2, 0x0, 0x6, 0x4, [{0xd, 0x6}, {0x4, 0x8}]}]}, {0x0, [0x61, 0x1e, 0x30, 0x61, 0x30]}}, &(0x7f0000000480)=""/181, 0x47, 0xb5, 0x0, 0x4, 0x0, @void, @value}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000200)={0x3, 0x4, 0x4, 0xa, 0x0, r3, 0x2e3, '\x00', r1, r4, 0x5, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
listen(r2, 0x3)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
pwritev2(r5, 0x0, 0x0, 0x9, 0x7, 0x0)
sendto$inet(r2, &(0x7f0000000040)="0502", 0x2, 0x0, &(0x7f0000000340)={0x2, 0x0, @remote}, 0x10)
sendto$packet(r0, &(0x7f0000000380)="f257a8ea7bc273dfaeab96850806e1e43005ab301c56ecdc9a18affe38edf223f90e8c716b38f4c181129dc420d508821c46f860bfe1a701b94e52b5769280d8c9e797e45a61d60490be25bc3c573211ace8e888bc1fe527f0d15ff74fe1af11cfc2fb432ee022b1b29b4380bf58ca558e4b789a4480a1b3282c6272e3ed9368967ebd4ad343ca28f98396d698ad366a11906493c97b9856c69e6209b810040a86627a26f852ce8aaf26713af20ee48c4587917836b31e663b25ec5bff5c364c0ced5db5edf71d2ed2891f8988d105771963a8a59440c327c55dd382966a5fe2a23b487b9c9ff0b1004061fc66fa36e1bca91f01a3", 0xf5, 0x0, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14)

4.631413233s ago: executing program 4 (id=4820):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x80, 0x6, 0x347, 0x0, 0x0, 0x0, 0x0})
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000005c0), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="0500"/16, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000800100000052ebec73a2e6"], 0x48}}, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)={0x7, 0x0, 0x0, {0x77359400}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "67d6182ab09c578f"}}, 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000080000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000021440011800a0001006d617463680000003400028008000240000000001c0003006f56053021e3db5e31a40955c600d35da9e6ac400166db480a0001"], 0xc8}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r0, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)={0x14, 0x3, 0x2, 0x5, 0x0, 0x0, {0x5, 0x0, 0x3}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x84)
sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x1, 0xa, 0x301, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x20040040}, 0xd0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, 0x0, 0x0)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000007c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {}, {0x1c, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x1}]}}]}, 0x3c}}, 0x44050)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
vmsplice(r9, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000080)="a1", 0x20000081}], 0x2, 0x0)
vmsplice(r9, &(0x7f0000000040)=[{&(0x7f00000000c0)='c', 0x1}], 0x1, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wg1\x00'})
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.655823787s ago: executing program 1 (id=4822):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
pwritev(r1, &(0x7f0000000600)=[{0x0}, {0x0}], 0x2, 0x800000, 0x0)
sendfile(r0, r1, 0x0, 0x8)

3.611275893s ago: executing program 2 (id=4823):
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000400)={0x2, @pix={0x0, 0xbe, 0x0, 0x0, 0x0, 0x0, 0x5}})
socket$alg(0x26, 0x5, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(0xffffffffffffffff, 0xc0305602, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x1, {0x0, 0xa93}})
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="180000003d0007010000000000000000027c0000040000003520a1f059e67e041264a99d25883fd13a3a24c0bab23c3cbb2be81ad5a35fff26ab553eb84636c364102dfe5041975b7696f5493aca41a835e303aa5ca1f120eb34c3a1eb7f2dd41b80ffc878757a3539395f3df596f0e08d3e03c2e61e8aaa7c9b4fbe79852a5e898a0cc33502f44cc6f77d306465514bec100f2ae06544b052b7b3f96d36093c798fb4e4e18fbfb7205de8d4cf7637e4018238847717f1ff38644ed8b9"], 0x18}}, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007980), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_TDLS_MGMT(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000007bc0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="a8b5a969ffa5058c3eb1dcc5fa3bc1cc10570a90ec2eb477f87c398bbf128b233465992f077c6434460fea29a212d71fa63ad6e9f2ef7ffaf536934b24d97b9a3a1dfe9bd8c85cfcd1d80ffdbd2d54b80abb45fc9dee89ff0275930058101b38b3ba7c13e5f48e94d92578bb189ac715ec23f74354a3b96e0792c56e02001ffb4a127217f8217f53a01580463ab8ba9e02"], 0x1c}}, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/disk', 0x141b82, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1ff, 0x12)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.271562473s ago: executing program 1 (id=4824):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
bind$inet6(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1)

3.159694042s ago: executing program 4 (id=4825):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x1, 0x9, 0xae, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x85, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000800)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000880)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000002300)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001e40)}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000b80)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)

839.370009ms ago: executing program 1 (id=4826):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x89f1, 0x0)
syz_usb_connect(0x4, 0x2d, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRESHEX], 0x0)

3.170348ms ago: executing program 4 (id=4828):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)
shutdown(r0, 0x0)
recvfrom$inet(r0, &(0x7f0000000180)=""/128, 0x80, 0x102, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000000c0)='ns/ipc\x00')
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000200)={'caif0\x00', 0x400})
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$uac1(0x0, 0xa6, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902940003010000000904000000010100000a24010000000201024c2402000000000000000000052405000008240800000000e40c24fff08220dabb40b40707072407010000000924030000000001000904010000010200000904010101010200000905010900000000000725010000000009040200000102000009040201010102000009058209000000000007250100000000"], 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x0)
r5 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000000))
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000000)='cdg\x00', 0x4)
sendmmsg$inet(r6, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2fea5e764494873e0d82a172b3bb54f59b458fd35039c7d81e9ab07f2fb4dad61bd500a119b54", 0x65}, {&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e1", 0x60}], 0x2}}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000880)={0x0, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1b}}}, 0x0, 0x10, 0x8, 0x100, 0x48, 0x4, 0x3}, &(0x7f0000000940)=0x9c)

0s ago: executing program 1 (id=4829):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}}, 0x891)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)=0x6646)
sendto$inet(r1, &(0x7f0000000080)="ee83408b2be3662b365d3381e5d2937d65f386686be94251bcd0ecc1533a989a986fffbbf6a6167eee842c1c5331babfd25da1d557ef56187daadfb00faca6d787293611", 0x44, 0x4000000, &(0x7f0000000000)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00')
pselect6(0x40, &(0x7f0000000000)={0x0, 0x8, 0x7bb30417, 0x8, 0x0, 0xffff, 0x8, 0x80}, &(0x7f0000000140)={0x8, 0x8d, 0x3, 0x1fec, 0x0, 0x0, 0xfffffffffffffffc, 0xffff}, 0x0, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(0xffffffffffffffff, 0xc1004110, &(0x7f0000000040)={0x0, "8dd2356a9ebb85c49090d8e7251a8f47261a8f4797bf8ba7ff669b27d2af3ae0d402a46e4e967621c2c9fd4f42a31536849f6717859f6717c7862a799260eda3"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
r4 = open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x224020, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000080)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}})
close(r5)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000001, 0x30, r0, 0x0)
syz_io_uring_setup(0x6ee4, &(0x7f00000003c0)={0x0, 0x439d, 0x1, 0x80000, 0x24}, &(0x7f00000001c0), &(0x7f0000000200))
r6 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100))
r7 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x2b99, 0x2, 0x0, 0x0, 0x0, r6})
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)

kernel console output (not intermixed with test programs):

or??
[ 1492.316891][T27244] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4568'.
[ 1492.824509][T27257] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4572'.
[ 1493.252205][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1493.364468][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1494.046827][ T9388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1494.059888][T27257] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[ 1494.065048][ T9388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1494.074921][T27257] CPU: 0 UID: 0 PID: 27257 Comm: syz.2.4572 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1494.074953][T27257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1494.074968][T27257] Call Trace:
[ 1494.074978][T27257]  <TASK>
[ 1494.074989][T27257]  dump_stack_lvl+0x241/0x360
[ 1494.075029][T27257]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1494.075063][T27257]  ? __pfx__printk+0x10/0x10
[ 1494.075097][T27257]  ? sysfs_warn_dup+0x51/0xa0
[ 1494.120901][T27257]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1494.126475][T27257]  sysfs_warn_dup+0x8e/0xa0
[ 1494.130992][T27257]  sysfs_do_create_link_sd+0xbe/0x110
[ 1494.136388][T27257]  device_add_class_symlinks+0x1c5/0x250
[ 1494.142061][T27257]  device_add+0x553/0xbf0
[ 1494.146406][T27257]  wiphy_register+0x1d3f/0x2b30
[ 1494.151329][T27257]  ? __pfx_wiphy_register+0x10/0x10
[ 1494.156539][T27257]  ? minstrel_ht_alloc+0x72b/0x860
[ 1494.161672][T27257]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[ 1494.167758][T27257]  ieee80211_register_hw+0x30fb/0x3e10
[ 1494.173238][T27257]  ? ieee80211_register_hw+0x1521/0x3e10
[ 1494.178889][T27257]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1494.184730][T27257]  ? __asan_memset+0x23/0x50
[ 1494.189337][T27257]  ? __hrtimer_init+0x170/0x250
[ 1494.194202][T27257]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[ 1494.199953][T27257]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1494.206032][T27257]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[ 1494.212645][T27257]  ? kstrndup+0x5c/0xb0
[ 1494.216815][T27257]  ? __asan_memcpy+0x40/0x70
[ 1494.221418][T27257]  hwsim_new_radio_nl+0xece/0x2290
[ 1494.226572][T27257]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1494.232299][T27257]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1494.237874][T27257]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1494.244214][T27257]  genl_rcv_msg+0xb14/0xec0
[ 1494.248721][T27257]  ? mark_lock+0x9a/0x360
[ 1494.253089][T27257]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1494.258162][T27257]  ? __pfx_lock_acquire+0x10/0x10
[ 1494.263241][T27257]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1494.268803][T27257]  ? __pfx___might_resched+0x10/0x10
[ 1494.274110][T27257]  netlink_rcv_skb+0x1e3/0x430
[ 1494.278897][T27257]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1494.283935][T27257]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1494.289249][T27257]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1494.294761][T27257]  genl_rcv+0x28/0x40
[ 1494.298761][T27257]  netlink_unicast+0x7f6/0x990
[ 1494.303546][T27257]  ? __pfx_netlink_unicast+0x10/0x10
[ 1494.308847][T27257]  ? __virt_addr_valid+0x183/0x530
[ 1494.313975][T27257]  ? __check_object_size+0x48e/0x900
[ 1494.319274][T27257]  netlink_sendmsg+0x8e4/0xcb0
[ 1494.324113][T27257]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1494.329414][T27257]  ? aa_sock_msg_perm+0x91/0x160
[ 1494.334366][T27257]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1494.339665][T27257]  __sock_sendmsg+0x221/0x270
[ 1494.344361][T27257]  ____sys_sendmsg+0x52a/0x7e0
[ 1494.349138][T27257]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1494.354439][T27257]  __sys_sendmsg+0x292/0x380
[ 1494.359042][T27257]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1494.364189][T27257]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1494.370529][T27257]  ? do_syscall_64+0x100/0x230
[ 1494.375315][T27257]  ? do_syscall_64+0xb6/0x230
[ 1494.380009][T27257]  do_syscall_64+0xf3/0x230
[ 1494.384531][T27257]  ? clear_bhb_loop+0x35/0x90
[ 1494.389229][T27257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1494.395147][T27257] RIP: 0033:0x7fc9e0f7def9
[ 1494.399608][T27257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1494.419232][T27257] RSP: 002b:00007fc9e1d11038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1494.427671][T27257] RAX: ffffffffffffffda RBX: 00007fc9e1135f80 RCX: 00007fc9e0f7def9
[ 1494.435645][T27257] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[ 1494.443626][T27257] RBP: 00007fc9e0ff0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1494.451604][T27257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1494.459582][T27257] R13: 0000000000000000 R14: 00007fc9e1135f80 R15: 00007fc9e125fa28
[ 1494.467574][T27257]  </TASK>
[ 1494.499138][ T5281] usb 4-1: USB disconnect, device number 116
[ 1494.513941][T27262] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4573'.
[ 1494.533258][T27263] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4573'.
[ 1494.631977][T20592] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1494.646447][T20592] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1495.448322][T27284] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4578'.
[ 1497.353586][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1497.411151][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1497.748526][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1497.760172][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1497.828000][T27320] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4592'.
[ 1497.950846][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1498.004089][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1498.172722][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1498.209701][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1498.332889][T25015] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1498.356990][T25015] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1498.369237][T25015] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1498.381857][T25015] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1498.391685][T25015] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1498.399292][T25015] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1498.756623][   T12] bridge_slave_1: left allmulticast mode
[ 1498.782712][   T12] bridge_slave_1: left promiscuous mode
[ 1498.810866][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1498.840508][   T12] bridge_slave_0: left allmulticast mode
[ 1498.860889][   T12] bridge_slave_0: left promiscuous mode
[ 1498.883991][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1500.436757][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1500.465048][T10846] Bluetooth: hci0: command tx timeout
[ 1500.496807][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1500.547923][   T12] bond0 (unregistering): Released all slaves
[ 1500.620006][T27347] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1500.990084][T27358] xt_CONNSECMARK: invalid mode: 0
[ 1501.320766][   T12] hsr_slave_0: left promiscuous mode
[ 1501.367530][   T12] hsr_slave_1: left promiscuous mode
[ 1501.390301][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1501.435365][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1501.472170][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1501.523517][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1501.646082][   T12] veth1_macvtap: left promiscuous mode
[ 1501.669393][   T12] veth0_macvtap: left promiscuous mode
[ 1501.713690][   T12] veth1_vlan: left promiscuous mode
[ 1501.725965][   T12] veth0_vlan: left promiscuous mode
[ 1502.394951][ T8835] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1502.536701][T10846] Bluetooth: hci0: command tx timeout
[ 1502.556797][ T8835] usb 5-1: Using ep0 maxpacket: 16
[ 1502.636823][ T8835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1502.658502][ T8835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1502.715090][ T8835] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1502.762172][ T8835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.801994][ T8835] usb 5-1: config 0 descriptor??
[ 1503.458128][T27379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1503.519821][T27379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1503.798773][ T8835] usbhid 5-1:0.0: can't add hid device: -71
[ 1503.811690][ T8835] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1503.847348][ T8835] usb 5-1: USB disconnect, device number 75
[ 1504.116742][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1504.256166][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1504.616937][T10846] Bluetooth: hci0: command tx timeout
[ 1505.164977][ T8835] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1505.348218][ T8835] usb 5-1: Using ep0 maxpacket: 8
[ 1505.357764][ T8835] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1505.405562][ T8835] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1505.445461][ T8835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1505.522643][ T8835] usb 5-1: config 0 descriptor??
[ 1505.822746][ T8835] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1509.315380][T10846] Bluetooth: hci0: command tx timeout
[ 1510.276194][T10846] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1510.287902][T10846] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1510.299047][T10846] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1510.308327][T10846] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1510.316407][T10846] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 1510.323844][T10846] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1510.545590][    T8] usb 5-1: USB disconnect, device number 76
[ 1510.572155][    T8] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected
[ 1510.800661][T25015] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1510.823899][T25015] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1510.832916][T25015] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1510.865311][T25015] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1510.881713][T27398] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1510.897058][T25015] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1510.904397][T25015] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1511.115531][T27330] chnl_net:caif_netlink_parms(): no params data found
[ 1511.180349][   T29] kauditd_printk_skb: 718 callbacks suppressed
[ 1511.180364][   T29] audit: type=1326 audit(1727211751.922:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27407 comm="syz.4.4611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88ba17def9 code=0x0
[ 1511.570458][T27330] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1511.605929][T27330] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1511.635228][T27330] bridge_slave_0: entered allmulticast mode
[ 1511.649117][T27330] bridge_slave_0: entered promiscuous mode
[ 1511.688794][T27330] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1511.707159][T27330] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1511.724620][T27330] bridge_slave_1: entered allmulticast mode
[ 1511.740229][T27330] bridge_slave_1: entered promiscuous mode
[ 1511.770010][T27404] chnl_net:caif_netlink_parms(): no params data found
[ 1511.916788][T27330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1511.962389][T27435] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1512.015757][T27330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1512.176072][T27330] team0: Port device team_slave_0 added
[ 1512.186771][T27330] team0: Port device team_slave_1 added
[ 1512.213364][T27392] chnl_net:caif_netlink_parms(): no params data found
[ 1512.255054][   T46] dccp_close: ABORT with 36 bytes unread
[ 1512.362804][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.376113][T10846] Bluetooth: hci7: command tx timeout
[ 1512.488742][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.517174][T27330] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1512.524150][T27330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.594922][T27330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1512.671907][T27404] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.685109][T27404] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.704144][T27404] bridge_slave_0: entered allmulticast mode
[ 1512.727093][T27404] bridge_slave_0: entered promiscuous mode
[ 1512.802772][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1512.856623][T27330] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1512.872992][T27330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1512.916664][T27330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1512.935087][T10846] Bluetooth: hci8: command tx timeout
[ 1513.031141][T27404] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1513.050628][T27404] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1513.071221][T27404] bridge_slave_1: entered allmulticast mode
[ 1513.091176][T27404] bridge_slave_1: entered promiscuous mode
[ 1513.225167][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.511532][T27404] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1513.538823][T27404] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1513.561394][T27330] hsr_slave_0: entered promiscuous mode
[ 1513.567854][T27330] hsr_slave_1: entered promiscuous mode
[ 1513.573948][T27330] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1513.583396][T27330] Cannot create hsr debugfs directory
[ 1513.610163][T27392] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1513.618020][T27392] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1513.625752][T27392] bridge_slave_0: entered allmulticast mode
[ 1513.632851][T27392] bridge_slave_0: entered promiscuous mode
[ 1513.662026][T27392] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1513.669571][   T46] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1513.677467][T27392] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1513.688769][T27392] bridge_slave_1: entered allmulticast mode
[ 1513.696057][T27392] bridge_slave_1: entered promiscuous mode
[ 1513.760805][T27392] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1513.794639][T27404] team0: Port device team_slave_0 added
[ 1513.818379][T27404] team0: Port device team_slave_1 added
[ 1513.846581][   T46] usb 5-1: Using ep0 maxpacket: 16
[ 1513.858148][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1513.887357][T27392] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1513.897036][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1513.914978][   T46] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1513.934983][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1513.955872][   T46] usb 5-1: config 0 descriptor??
[ 1514.047403][T27392] team0: Port device team_slave_0 added
[ 1514.060348][T27392] team0: Port device team_slave_1 added
[ 1514.067526][T27404] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1514.084749][T27404] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1514.132846][T27404] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1514.173926][T27471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1514.183056][T27404] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1514.192348][T27404] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1514.195141][T27471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1514.226451][T27404] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1514.402686][T27392] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1514.415069][T27392] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1514.450076][   T46] usbhid 5-1:0.0: can't add hid device: -71
[ 1514.450278][T27392] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1514.468934][T10846] Bluetooth: hci7: command tx timeout
[ 1514.469042][   T46] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1514.476755][T27392] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1514.489996][T27392] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1514.507032][   T46] usb 5-1: USB disconnect, device number 77
[ 1514.516404][T27392] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1514.653868][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.709464][T27404] hsr_slave_0: entered promiscuous mode
[ 1514.725508][T27404] hsr_slave_1: entered promiscuous mode
[ 1514.731868][T27404] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1514.744851][T27404] Cannot create hsr debugfs directory
[ 1514.762796][T27392] hsr_slave_0: entered promiscuous mode
[ 1514.771418][T27392] hsr_slave_1: entered promiscuous mode
[ 1514.779389][T27392] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1514.787140][T27392] Cannot create hsr debugfs directory
[ 1514.826553][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1515.015189][T10846] Bluetooth: hci8: command tx timeout
[ 1515.025162][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1515.160947][T27492] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.4620'.
[ 1515.241169][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1515.320126][T27492] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[ 1515.725600][   T12] bridge_slave_1: left allmulticast mode
[ 1515.731317][   T12] bridge_slave_1: left promiscuous mode
[ 1515.752935][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1515.773851][   T12] bridge_slave_0: left allmulticast mode
[ 1515.780513][   T12] bridge_slave_0: left promiscuous mode
[ 1515.787375][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1515.807106][   T12] bridge_slave_1: left allmulticast mode
[ 1515.812776][   T12] bridge_slave_1: left promiscuous mode
[ 1515.819440][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1515.828930][   T12] bridge_slave_0: left allmulticast mode
[ 1515.834623][   T12] bridge_slave_0: left promiscuous mode
[ 1515.840811][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1516.540773][T10846] Bluetooth: hci7: command tx timeout
[ 1516.798813][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1516.811407][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1516.825528][   T12] bond0 (unregistering): Released all slaves
[ 1517.008011][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1517.022978][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1517.035740][   T12] bond0 (unregistering): Released all slaves
[ 1517.095021][T10846] Bluetooth: hci8: command tx timeout
[ 1517.129324][T27330] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1517.166537][T27330] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1517.221702][T27330] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1517.279065][T27330] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1517.527771][T27330] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1517.566500][T27330] 8021q: adding VLAN 0 to HW filter on device team0
[ 1517.608950][T17615] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1517.616146][T17615] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1517.732519][  T972] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1517.739729][  T972] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1517.959378][T27392] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1518.065968][T27392] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1518.118031][T27392] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1518.150365][   T12] hsr_slave_0: left promiscuous mode
[ 1518.160255][   T12] hsr_slave_1: left promiscuous mode
[ 1518.184576][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1518.202906][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1518.241686][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1518.257055][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1518.273521][   T12] hsr_slave_0: left promiscuous mode
[ 1518.287386][   T12] hsr_slave_1: left promiscuous mode
[ 1518.302833][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1518.313764][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1518.334128][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1518.342733][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1518.441331][   T12] veth1_macvtap: left promiscuous mode
[ 1518.466605][   T12] veth0_macvtap: left promiscuous mode
[ 1518.477261][   T12] veth1_vlan: left promiscuous mode
[ 1518.487274][   T12] veth0_vlan: left promiscuous mode
[ 1518.519528][   T12] veth1_macvtap: left promiscuous mode
[ 1518.528272][   T12] veth0_macvtap: left promiscuous mode
[ 1518.536344][   T12] veth1_vlan: left promiscuous mode
[ 1518.542938][   T12] veth0_vlan: left promiscuous mode
[ 1518.616879][T10846] Bluetooth: hci7: command tx timeout
[ 1519.186003][T10846] Bluetooth: hci8: command tx timeout
[ 1519.433424][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1519.489318][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1520.631164][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1520.684086][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1521.329186][T27392] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1521.703942][T27330] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1521.863587][T27392] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1522.008354][T27392] 8021q: adding VLAN 0 to HW filter on device team0
[ 1522.093846][T27554] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1522.147390][T27552] netlink: 'syz.4.4630': attribute type 49 has an invalid length.
[ 1522.191143][T27330] veth0_vlan: entered promiscuous mode
[ 1522.212071][ T9388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1522.219222][ T9388] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1522.256881][ T9388] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1522.264025][ T9388] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1522.322322][T27330] veth1_vlan: entered promiscuous mode
[ 1522.345778][T27404] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1522.354707][T27404] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1522.459281][T27404] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1522.486350][T27404] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1522.583645][T27330] veth0_macvtap: entered promiscuous mode
[ 1522.691236][T27330] veth1_macvtap: entered promiscuous mode
[ 1522.728291][T27392] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1522.819270][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.850500][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.881671][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.907324][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.931423][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.952290][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1522.973447][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1522.985721][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.015026][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.036506][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.062300][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.083665][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.105085][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.132713][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.144976][ T5282] usb 5-1: new full-speed USB device number 78 using dummy_hcd
[ 1523.153067][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.174188][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.205095][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1523.226498][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.244400][T27330] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1523.294099][ T5282] usb 5-1: device descriptor read/64, error -71
[ 1523.328086][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.340009][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.350092][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.365114][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.381463][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.392141][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.402835][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.414219][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.424362][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.435055][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.445176][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.460065][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.477982][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.493125][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.503257][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.514446][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.534983][ T5282] usb 5-1: new full-speed USB device number 79 using dummy_hcd
[ 1523.561261][T27330] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1523.574132][T27330] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1523.586626][T27330] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1523.613298][T27330] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.623695][T27330] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.633313][T27330] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.653031][T27330] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.685326][ T5282] usb 5-1: device descriptor read/64, error -71
[ 1523.697778][T27404] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1523.713428][T27392] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1523.769738][T27404] 8021q: adding VLAN 0 to HW filter on device team0
[ 1523.797108][ T5282] usb usb5-port1: attempt power cycle
[ 1523.849310][T20596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1523.856500][T20596] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1523.908097][T20596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1523.915267][T20596] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1524.024050][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.042052][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.088782][T27392] veth0_vlan: entered promiscuous mode
[ 1524.108964][T27404] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1524.121157][T27404] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1524.136848][ T5282] usb 5-1: new full-speed USB device number 80 using dummy_hcd
[ 1524.148612][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.165970][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.173410][ T5282] usb 5-1: device descriptor read/8, error -71
[ 1524.188630][T27392] veth1_vlan: entered promiscuous mode
[ 1524.262794][T27404] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1524.302416][T27392] veth0_macvtap: entered promiscuous mode
[ 1524.336865][T27392] veth1_macvtap: entered promiscuous mode
[ 1524.380973][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.412330][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.425041][ T5282] usb 5-1: new full-speed USB device number 81 using dummy_hcd
[ 1524.432807][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.444234][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.454507][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.461814][ T5282] usb 5-1: device descriptor read/8, error -71
[ 1524.466762][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.482094][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.493219][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.506453][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.517272][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.528315][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.539968][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.550941][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.561763][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.572575][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.584155][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.586605][ T5282] usb usb5-port1: unable to enumerate USB device
[ 1524.594912][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.612846][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.622857][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1524.636110][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.648673][T27392] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1524.677298][T27404] veth0_vlan: entered promiscuous mode
[ 1524.689379][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.725533][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.736316][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.747836][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.767965][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.783296][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.803148][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.803746][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1524.826993][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.847539][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.871605][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.891975][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.913032][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.933414][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.957946][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1524.973776][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1524.996491][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.015403][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1525.036287][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.064965][T27392] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1525.084928][T27392] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.106465][T27392] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1525.166794][T27392] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1525.184851][T27392] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1525.193633][T27392] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1525.229327][T27392] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1525.257060][T27404] veth1_vlan: entered promiscuous mode
[ 1525.359459][T27404] veth0_macvtap: entered promiscuous mode
[ 1525.374478][T27404] veth1_macvtap: entered promiscuous mode
[ 1525.477687][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.477688][T27637] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.4636'.
[ 1525.477715][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.541662][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.555038][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.565448][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.580445][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.590869][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.603733][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.614002][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.642445][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.663883][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.682185][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.702533][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.724204][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.758937][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.788930][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.799168][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.809899][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.821143][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.832598][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.842670][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1525.854031][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.870153][T27404] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1525.883523][T20692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1525.894291][T20692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1525.921122][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1525.944882][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.954738][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1525.977483][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1525.987693][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1525.998263][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.008159][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.018668][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.032249][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.042935][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.052853][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.063635][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.073573][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.084117][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.094018][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.104545][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.114448][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.125000][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.135695][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.146668][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.156602][T27404] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1526.167155][T27404] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1526.178613][T27404] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1526.187054][T27637] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[ 1526.237006][T27404] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.246201][T27404] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.256685][T27404] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.265705][T27404] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.373430][T27657] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4638'.
[ 1526.390876][T27657] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4638'.
[ 1526.401948][T27659] FAULT_INJECTION: forcing a failure.
[ 1526.401948][T27659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1526.440999][T27659] CPU: 0 UID: 0 PID: 27659 Comm: syz.2.4639 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1526.451457][T27659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1526.461530][T27659] Call Trace:
[ 1526.464856][T27659]  <TASK>
[ 1526.467804][T27659]  dump_stack_lvl+0x241/0x360
[ 1526.472503][T27659]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1526.477707][T27659]  ? __pfx__printk+0x10/0x10
[ 1526.482346][T27659]  ? __pfx_lock_release+0x10/0x10
[ 1526.487387][T27659]  ? __lock_acquire+0x1384/0x2050
[ 1526.492456][T27659]  should_fail_ex+0x3b0/0x4e0
[ 1526.497161][T27659]  _copy_from_user+0x2f/0xe0
[ 1526.501779][T27659]  kstrtouint_from_user+0xc6/0x190
[ 1526.506905][T27659]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1526.512627][T27659]  ? __pfx_lock_acquire+0x10/0x10
[ 1526.517668][T27659]  proc_fail_nth_write+0xaa/0x2d0
[ 1526.522723][T27659]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1526.528622][T27659]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1526.534280][T27659]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1526.539936][T27659]  vfs_write+0x29c/0xc90
[ 1526.544205][T27659]  ? __pfx_vfs_write+0x10/0x10
[ 1526.548987][T27659]  ? __fget_files+0x3f3/0x470
[ 1526.553672][T27659]  ? fdget_pos+0x24e/0x320
[ 1526.558090][T27659]  ksys_write+0x183/0x2b0
[ 1526.562427][T27659]  ? __pfx_ksys_write+0x10/0x10
[ 1526.567286][T27659]  ? do_syscall_64+0x100/0x230
[ 1526.572064][T27659]  ? do_syscall_64+0xb6/0x230
[ 1526.576766][T27659]  do_syscall_64+0xf3/0x230
[ 1526.581288][T27659]  ? clear_bhb_loop+0x35/0x90
[ 1526.585978][T27659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.591880][T27659] RIP: 0033:0x7f0e4357c9df
[ 1526.596303][T27659] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1526.615917][T27659] RSP: 002b:00007f0e44291030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1526.624339][T27659] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0e4357c9df
[ 1526.632310][T27659] RDX: 0000000000000001 RSI: 00007f0e442910a0 RDI: 0000000000000004
[ 1526.640284][T27659] RBP: 00007f0e44291090 R08: 0000000000000000 R09: 0000000000000000
[ 1526.648304][T27659] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1526.656313][T27659] R13: 0000000000000000 R14: 00007f0e43735f80 R15: 00007f0e4385fa28
[ 1526.664301][T27659]  </TASK>
[ 1526.729277][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1526.752819][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1526.801111][   T46] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1526.842548][ T3005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1526.865654][ T3005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1526.898836][   T29] audit: type=1326 audit(1727211767.632:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1526.936547][T27663] netlink: 'syz.0.4641': attribute type 3 has an invalid length.
[ 1526.951968][   T29] audit: type=1326 audit(1727211767.642:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1526.964389][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.015690][   T46] usb 5-1: Using ep0 maxpacket: 8
[ 1527.024622][   T29] audit: type=1326 audit(1727211767.642:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.038468][   T46] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[ 1527.063623][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.102664][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1527.125307][   T29] audit: type=1326 audit(1727211767.642:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.134276][   T46] usb 5-1: Product: syz
[ 1527.173321][   T46] usb 5-1: Manufacturer: syz
[ 1527.197308][   T46] usb 5-1: SerialNumber: syz
[ 1527.198809][   T29] audit: type=1326 audit(1727211767.642:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.248304][   T46] usb 5-1: config 0 descriptor??
[ 1527.278000][   T29] audit: type=1326 audit(1727211767.642:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.334069][   T29] audit: type=1326 audit(1727211767.642:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.342588][T27677] fuse: Unknown parameter ' 8û'
[ 1527.363468][ T5228] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1527.448121][   T29] audit: type=1326 audit(1727211767.642:3403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.480490][   T46] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1527.522606][   T29] audit: type=1326 audit(1727211767.642:3404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.535900][ T5228] usb 3-1: Using ep0 maxpacket: 8
[ 1527.598582][   T29] audit: type=1326 audit(1727211767.642:3405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27660 comm="syz.2.4640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1527.611374][ T5228] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1527.759436][ T5228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1527.810417][ T5228] usb 3-1: Product: syz
[ 1527.828860][ T5228] usb 3-1: Manufacturer: syz
[ 1527.851615][ T5228] usb 3-1: SerialNumber: syz
[ 1528.547561][T27695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1528.587780][T27695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1528.661315][T27695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1528.704511][T27695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1528.755599][T27695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1528.789107][T27695] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1529.045190][ T5228] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1529.185766][T27677] coredump: 2(syz.3.4608): written to core: VMAs: 35, size 97345536; core: 60050114 bytes, pos 97353728
[ 1529.225173][ T5228] usb 2-1: Using ep0 maxpacket: 32
[ 1529.238137][ T5228] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1529.258283][ T5228] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1529.277958][ T5228] usb 2-1: Product: syz
[ 1529.287775][ T5228] usb 2-1: Manufacturer: syz
[ 1529.302671][ T5228] usb 2-1: SerialNumber: syz
[ 1529.319868][ T5228] usb 2-1: config 0 descriptor??
[ 1529.336901][ T5228] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1529.514953][   T46] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[ 1529.782439][ T5279] usb 5-1: USB disconnect, device number 82
[ 1529.857101][ T5228] gspca_stk1135: reg_w 0x2 err -110
[ 1529.880497][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1529.897662][ T5228] gspca_stk1135: Sensor write failed
[ 1529.903074][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1529.924014][ T5228] gspca_stk1135: Sensor write failed
[ 1529.936009][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1529.955261][ T5228] gspca_stk1135: Sensor read failed
[ 1529.972107][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1529.993333][ T5228] gspca_stk1135: Sensor read failed
[ 1530.002243][ T5228] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1530.025509][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1530.039944][ T5228] gspca_stk1135: Sensor read failed
[ 1530.046282][   T46] usb 3-1: USB disconnect, device number 53
[ 1530.076887][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1530.108029][ T5228] gspca_stk1135: Sensor read failed
[ 1530.135418][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1530.157934][ T5228] gspca_stk1135: Sensor write failed
[ 1530.175929][ T5228] gspca_stk1135: serial bus timeout: status=0x00
[ 1530.214641][ T5228] gspca_stk1135: Sensor write failed
[ 1530.223199][ T5228] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110
[ 1530.497480][T27732] xt_CONNSECMARK: invalid mode: 0
[ 1530.814959][ T5228] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 1530.995210][ T5228] usb 4-1: Using ep0 maxpacket: 16
[ 1531.020258][ T5228] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1531.045450][ T5228] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1531.075174][ T5228] usb 4-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1531.106151][ T5228] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1531.134748][ T5228] usb 4-1: config 0 descriptor??
[ 1531.376253][T27737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1531.408639][T27737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1531.510282][T27745] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1531.677774][ T5228] usbhid 4-1:0.0: can't add hid device: -71
[ 1531.690901][ T5228] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1531.727220][ T5228] usb 4-1: USB disconnect, device number 117
[ 1531.768113][ T5279] usb 2-1: USB disconnect, device number 81
[ 1531.870128][T27748] FAULT_INJECTION: forcing a failure.
[ 1531.870128][T27748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1531.886705][T27748] CPU: 0 UID: 0 PID: 27748 Comm: syz.1.4656 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1531.897179][T27748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1531.907267][T27748] Call Trace:
[ 1531.910585][T27748]  <TASK>
[ 1531.913539][T27748]  dump_stack_lvl+0x241/0x360
[ 1531.918281][T27748]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1531.923517][T27748]  ? __pfx__printk+0x10/0x10
[ 1531.928149][T27748]  ? snprintf+0xda/0x120
[ 1531.932421][T27748]  should_fail_ex+0x3b0/0x4e0
[ 1531.937130][T27748]  _copy_to_user+0x2f/0xb0
[ 1531.941583][T27748]  simple_read_from_buffer+0xca/0x150
[ 1531.947087][T27748]  proc_fail_nth_read+0x1e9/0x250
[ 1531.952161][T27748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1531.957756][T27748]  ? rw_verify_area+0x55e/0x6f0
[ 1531.962642][T27748]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1531.968238][T27748]  vfs_read+0x201/0xbc0
[ 1531.972440][T27748]  ? __pfx_lock_release+0x10/0x10
[ 1531.977519][T27748]  ? __pfx_vfs_read+0x10/0x10
[ 1531.982243][T27748]  ? __fget_files+0x3f3/0x470
[ 1531.986962][T27748]  ? fdget_pos+0x24e/0x320
[ 1531.991409][T27748]  ksys_read+0x183/0x2b0
[ 1531.995686][T27748]  ? __pfx_ksys_read+0x10/0x10
[ 1532.000487][T27748]  ? do_syscall_64+0x100/0x230
[ 1532.005307][T27748]  ? do_syscall_64+0xb6/0x230
[ 1532.010049][T27748]  do_syscall_64+0xf3/0x230
[ 1532.014598][T27748]  ? clear_bhb_loop+0x35/0x90
[ 1532.019405][T27748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.025362][T27748] RIP: 0033:0x7f54ccb7c93c
[ 1532.029842][T27748] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1532.049488][T27748] RSP: 002b:00007f54cda26030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1532.057977][T27748] RAX: ffffffffffffffda RBX: 00007f54ccd35f80 RCX: 00007f54ccb7c93c
[ 1532.065988][T27748] RDX: 000000000000000f RSI: 00007f54cda260a0 RDI: 0000000000000006
[ 1532.073992][T27748] RBP: 00007f54cda26090 R08: 0000000000000000 R09: 0000000000000000
[ 1532.081996][T27748] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001
[ 1532.090002][T27748] R13: 0000000000000000 R14: 00007f54ccd35f80 R15: 00007f54cce5fa28
[ 1532.098028][T27748]  </TASK>
[ 1532.101207][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1532.282154][T27752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4658'.
[ 1532.546140][   T46] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1532.725529][   T46] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1532.732212][   T46] usb 2-1: New USB device found, idVendor=0e41, idProduct=4150, bcdDevice=1f.c8
[ 1532.762594][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1532.819359][   T46] usb 2-1: config 0 descriptor??
[ 1532.843016][T27765] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1532.874052][   T46] snd_usb_toneport 2-1:0.0: Line 6 POD Studio UX1 found
[ 1533.084062][   T46] snd_usb_toneport 2-1:0.0: cannot get proper max packet size
[ 1533.095119][   T46] snd_usb_toneport 2-1:0.0: Line 6 POD Studio UX1 now disconnected
[ 1533.109972][   T46] snd_usb_toneport 2-1:0.0: probe with driver snd_usb_toneport failed with error -22
[ 1533.282832][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1533.282853][   T29] audit: type=1326 audit(1727211774.022:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.354087][ T5279] usb 2-1: USB disconnect, device number 82
[ 1533.356821][   T29] audit: type=1326 audit(1727211774.072:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.382949][   T29] audit: type=1326 audit(1727211774.072:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.408565][   T29] audit: type=1326 audit(1727211774.072:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.433005][   T29] audit: type=1326 audit(1727211774.172:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.455599][   T29] audit: type=1326 audit(1727211774.172:3413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.478114][   T29] audit: type=1326 audit(1727211774.172:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.502205][   T29] audit: type=1326 audit(1727211774.242:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27776 comm="syz.2.4665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f0e4357def9 code=0x7ffc0000
[ 1533.560344][T27784] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4665'.
[ 1533.645102][    T9] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 1533.815125][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1533.841740][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1533.851636][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1533.875542][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1533.927206][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1533.952655][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1533.964295][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1534.208677][    T9] usb 4-1: GET_CAPABILITIES returned 0
[ 1534.282475][    T9] usbtmc 4-1:16.0: can't read capabilities
[ 1534.760358][    T9] usb 4-1: USB disconnect, device number 118
[ 1535.995294][ T5281] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1536.156879][ T5281] usb 4-1: config 0 has no interfaces?
[ 1536.162696][ T5281] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1536.242400][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1536.356325][ T5281] usb 4-1: config 0 descriptor??
[ 1536.728711][T27806] program syz.3.4674 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1536.739109][ T5282] usb 4-1: USB disconnect, device number 119
[ 1537.123605][T27835] FAULT_INJECTION: forcing a failure.
[ 1537.123605][T27835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1537.164392][T27835] CPU: 1 UID: 0 PID: 27835 Comm: syz.1.4684 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1537.174876][T27835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1537.184954][T27835] Call Trace:
[ 1537.188258][T27835]  <TASK>
[ 1537.191213][T27835]  dump_stack_lvl+0x241/0x360
[ 1537.195935][T27835]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1537.201174][T27835]  ? __pfx__printk+0x10/0x10
[ 1537.205802][T27835]  ? iovec_from_user+0x61/0x240
[ 1537.210715][T27835]  ? __pfx_lock_release+0x10/0x10
[ 1537.215791][T27835]  should_fail_ex+0x3b0/0x4e0
[ 1537.220519][T27835]  _copy_from_user+0x2f/0xe0
[ 1537.225147][T27835]  ____sys_sendmsg+0x2ef/0x7e0
[ 1537.229953][T27835]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1537.235288][T27835]  __sys_sendmmsg+0x3ab/0x730
[ 1537.240034][T27835]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1537.245275][T27835]  ? __pfx_lock_release+0x10/0x10
[ 1537.250342][T27835]  ? kstrtouint_from_user+0x128/0x190
[ 1537.255783][T27835]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1537.261739][T27835]  ? ksys_write+0x229/0x2b0
[ 1537.266285][T27835]  ? __pfx_lock_release+0x10/0x10
[ 1537.271365][T27835]  ? vfs_write+0x7bf/0xc90
[ 1537.275839][T27835]  ? kmem_cache_free+0x1a2/0x420
[ 1537.280833][T27835]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1537.286528][T27835]  ? __fget_files+0x3f3/0x470
[ 1537.291252][T27835]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1537.297278][T27835]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1537.303645][T27835]  ? do_syscall_64+0x100/0x230
[ 1537.308455][T27835]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1537.313343][T27835]  do_syscall_64+0xf3/0x230
[ 1537.317891][T27835]  ? clear_bhb_loop+0x35/0x90
[ 1537.322613][T27835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1537.328548][T27835] RIP: 0033:0x7f54ccb7def9
[ 1537.332996][T27835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1537.352637][T27835] RSP: 002b:00007f54cda26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1537.361104][T27835] RAX: ffffffffffffffda RBX: 00007f54ccd35f80 RCX: 00007f54ccb7def9
[ 1537.369201][T27835] RDX: 0000000000000001 RSI: 0000000020000bc0 RDI: 0000000000000003
[ 1537.377209][T27835] RBP: 00007f54cda26090 R08: 0000000000000000 R09: 0000000000000000
[ 1537.385218][T27835] R10: 0000000014000000 R11: 0000000000000246 R12: 0000000000000001
[ 1537.393226][T27835] R13: 0000000000000000 R14: 00007f54ccd35f80 R15: 00007f54cce5fa28
[ 1537.401246][T27835]  </TASK>
[ 1537.792446][T27840] kAFS: unable to lookup cell '×­àé6Wêáâ6ß¾—™äé%¾$ɆJJ¼÷=1©üU–¿Çxƒì'
[ 1537.860725][T27840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4686'.
[ 1538.005043][ T5282] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1538.218527][ T5282] usb 2-1: Using ep0 maxpacket: 8
[ 1538.249040][ T5282] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1538.285363][ T5282] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1538.335680][ T5282] usb 2-1: config 0 descriptor??
[ 1539.447323][ T5228] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1539.655364][ T5228] usb 3-1: Using ep0 maxpacket: 16
[ 1539.674332][ T5228] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1539.687120][ T5228] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 1539.740761][ T5228] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1023
[ 1539.869763][T27870] program syz.0.4697 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1540.075159][ T5281] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1540.185160][ T5228] usb 3-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[ 1540.194281][ T5228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1540.204924][ T5228] usb 3-1: Product: syz
[ 1540.209184][ T5228] usb 3-1: Manufacturer: syz
[ 1540.213877][ T5228] usb 3-1: SerialNumber: syz
[ 1540.221756][ T5228] usb 3-1: config 0 descriptor??
[ 1540.225752][ T5281] usb 4-1: Using ep0 maxpacket: 32
[ 1540.227661][T27858] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1540.245450][ T5228] mcba_usb 3-1:0.0 can0: failed tx_urb -90
[ 1540.251306][ T5228] mcba_usb 3-1:0.0 can0: Failed to send cmd (169)
[ 1540.266833][ T5228] mcba_usb 3-1:0.0 can0: failed tx_urb -90
[ 1540.272702][ T5228] mcba_usb 3-1:0.0 can0: Failed to send cmd (169)
[ 1540.284475][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1540.294843][ T5228] mcba_usb 3-1:0.0: Microchip CAN BUS Analyzer connected
[ 1540.312299][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1540.341709][ T5281] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[ 1540.384575][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.405937][ T5281] usb 4-1: config 0 descriptor??
[ 1540.417442][ T5282] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1540.427715][ T5282] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[ 1540.490546][ T5282] asix 2-1:0.0: probe with driver asix failed with error -71
[ 1540.542969][ T5282] usb 2-1: USB disconnect, device number 83
[ 1540.670016][T27862] mac80211_hwsim hwsim311 wlan0: entered promiscuous mode
[ 1540.725714][T27862] macvlan2: entered allmulticast mode
[ 1540.731801][T27862] mac80211_hwsim hwsim311 wlan0: entered allmulticast mode
[ 1540.794321][T27862] mac80211_hwsim hwsim311 wlan0: left promiscuous mode
[ 1541.133415][T25015] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1541.146185][T25015] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1541.160337][T25015] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1541.170720][T25015] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1541.180881][T25015] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1541.189887][T25015] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1541.585073][    T9] usb 2-1: new full-speed USB device number 84 using dummy_hcd
[ 1541.703279][ T8835] usb 3-1: USB disconnect, device number 54
[ 1541.710684][ T8835] mcba_usb 3-1:0.0 can0: device disconnected
[ 1541.734657][ T3005] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1541.758954][ T4896] mcba_usb 3-1:0.0 can0: bit-timing not yet defined
[ 1541.769647][    T9] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1541.780309][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1541.837190][    T9] usb 2-1: config 0 has no interface number 0
[ 1541.847600][T27893] chnl_net:caif_netlink_parms(): no params data found
[ 1541.859785][    T9] usb 2-1: config 0 interface 184 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[ 1541.920410][    T9] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1541.940439][    T9] usb 2-1: New USB device found, idVendor=0db0, idProduct=1020, bcdDevice=d7.29
[ 1541.951952][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1541.973435][    T9] usb 2-1: Product: syz
[ 1541.987713][ T3005] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1541.989701][    T9] usb 2-1: Manufacturer: syz
[ 1542.028579][    T9] usb 2-1: SerialNumber: syz
[ 1542.057468][    T9] usb 2-1: config 0 descriptor??
[ 1542.288379][ T3005] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1542.307685][ T8835] usb 2-1: USB disconnect, device number 84
[ 1542.510468][ T3005] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1542.575722][ T5281] usbhid 4-1:0.0: can't add hid device: -71
[ 1542.583601][ T5281] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1542.647453][ T5281] usb 4-1: USB disconnect, device number 120
[ 1542.738848][T27893] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1542.758425][T27893] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1542.772204][T27893] bridge_slave_0: entered allmulticast mode
[ 1542.779605][T27925] program syz.3.4708 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1542.791807][T27893] bridge_slave_0: entered promiscuous mode
[ 1542.807606][T27893] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1542.835207][T27893] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1542.852905][T27893] bridge_slave_1: entered allmulticast mode
[ 1542.874346][T27893] bridge_slave_1: entered promiscuous mode
[ 1543.009420][T27893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1543.031932][T27893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1543.157334][T27893] team0: Port device team_slave_0 added
[ 1543.200091][T27893] team0: Port device team_slave_1 added
[ 1543.256814][T10846] Bluetooth: hci3: command tx timeout
[ 1543.284328][T25015] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1543.302156][T25015] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1543.310572][T25015] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1543.322796][T25015] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1543.331271][T25015] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1543.341348][T25015] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1543.474280][T27893] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1543.536332][T27893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1543.616270][T27893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1543.640560][ T3005] bridge_slave_1: left allmulticast mode
[ 1543.655189][ T3005] bridge_slave_1: left promiscuous mode
[ 1543.671274][ T3005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1543.704090][ T3005] bridge_slave_0: left allmulticast mode
[ 1543.722335][ T3005] bridge_slave_0: left promiscuous mode
[ 1543.740419][ T3005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1544.735804][ T3005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1544.758087][ T3005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1544.771716][ T3005] bond0 (unregistering): Released all slaves
[ 1544.788365][T27893] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1544.795493][T27893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1544.821582][T27893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1544.887799][T27970] netlink: 'syz.1.4717': attribute type 10 has an invalid length.
[ 1544.934478][T27970] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1544.943430][T27970] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1545.109217][T27979] program syz.1.4719 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1545.112345][T27893] hsr_slave_0: entered promiscuous mode
[ 1545.136395][T27893] hsr_slave_1: entered promiscuous mode
[ 1545.294940][ T5281] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1545.337682][T25015] Bluetooth: hci3: command tx timeout
[ 1545.367741][ T3005] hsr_slave_0: left promiscuous mode
[ 1545.387950][ T3005] hsr_slave_1: left promiscuous mode
[ 1545.416392][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1545.424157][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1545.425502][T25015] Bluetooth: hci0: command tx timeout
[ 1545.455132][ T5281] usb 4-1: Using ep0 maxpacket: 8
[ 1545.467151][ T5281] usb 4-1: config 0 has an invalid interface number: 143 but max is 0
[ 1545.475528][ T5281] usb 4-1: config 0 has no interface number 0
[ 1545.475832][ T3005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1545.481626][ T5281] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[ 1545.508917][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1545.518002][ T3005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1545.526308][ T5281] usb 4-1: config 0 descriptor??
[ 1545.592351][ T3005] veth1_macvtap: left promiscuous mode
[ 1545.598288][ T3005] veth0_macvtap: left promiscuous mode
[ 1545.604035][ T3005] veth1_vlan: left promiscuous mode
[ 1545.617388][ T3005] veth0_vlan: left promiscuous mode
[ 1545.684930][ T5281] viperboard 4-1:0.143: version 0.00 found at bus 004 address 121
[ 1545.715728][ T5281] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[ 1545.724494][ T5281] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[ 1545.743498][T27977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1545.779469][T27977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1545.807489][ T5281] usb 4-1: USB disconnect, device number 121
[ 1546.156455][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.162890][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.718940][ T3005] team0 (unregistering): Port device team_slave_1 removed
[ 1546.815290][ T3005] team0 (unregistering): Port device team_slave_0 removed
[ 1546.995052][   T46] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1547.155039][   T46] usb 2-1: Using ep0 maxpacket: 8
[ 1547.177046][   T46] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1547.193756][   T46] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1547.215198][   T46] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 7456, setting to 1024
[ 1547.242584][   T46] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1547.265423][   T46] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1547.295285][   T46] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1547.304683][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1547.398379][T28020] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4728'.
[ 1547.426307][T25015] Bluetooth: hci3: command tx timeout
[ 1547.507678][T25015] Bluetooth: hci0: command tx timeout
[ 1547.739102][   T46] usb 2-1: usb_control_msg returned -71
[ 1547.750736][   T46] usbtmc 2-1:16.0: can't read capabilities
[ 1547.771394][   T46] usb 2-1: USB disconnect, device number 85
[ 1547.821777][T28020] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[ 1548.145201][T28031] input: syz0 as /devices/virtual/input/input117
[ 1548.168878][T27937] chnl_net:caif_netlink_parms(): no params data found
[ 1548.245079][   T29] audit: type=1326 audit(1727211788.982:3416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.294595][   T29] audit: type=1326 audit(1727211788.992:3417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.356852][   T29] audit: type=1326 audit(1727211788.992:3418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.436543][   T29] audit: type=1326 audit(1727211788.992:3419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.516591][   T29] audit: type=1326 audit(1727211788.992:3420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.635424][   T29] audit: type=1326 audit(1727211788.992:3421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.728576][   T29] audit: type=1326 audit(1727211788.992:3422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.772139][   T29] audit: type=1326 audit(1727211788.992:3423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.821384][   T29] audit: type=1326 audit(1727211788.992:3424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1548.905777][   T29] audit: type=1326 audit(1727211788.992:3425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28029 comm="syz.3.4729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4e9fb7def9 code=0x7ffc0000
[ 1549.069967][T27937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1549.091021][T27937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1549.125787][T27937] bridge_slave_0: entered allmulticast mode
[ 1549.134569][T27937] bridge_slave_0: entered promiscuous mode
[ 1549.164268][T27937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1549.228045][T27937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1549.235730][T27937] bridge_slave_1: entered allmulticast mode
[ 1549.243106][T27937] bridge_slave_1: entered promiscuous mode
[ 1549.421881][T27937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1549.449348][T27937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1549.495161][T25015] Bluetooth: hci3: command tx timeout
[ 1549.575143][T25015] Bluetooth: hci0: command tx timeout
[ 1549.692198][T27937] team0: Port device team_slave_0 added
[ 1549.721072][T27937] team0: Port device team_slave_1 added
[ 1549.828003][T27937] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1549.847667][T27937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1549.924928][T27937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1549.967030][T27937] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1549.974114][T27937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1550.075803][T27937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1550.100177][T27893] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1550.176582][T27893] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1550.201861][T27893] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1550.232177][T27893] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1550.316579][T27937] hsr_slave_0: entered promiscuous mode
[ 1550.325870][T27937] hsr_slave_1: entered promiscuous mode
[ 1550.335727][T27937] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1550.343649][T27937] Cannot create hsr debugfs directory
[ 1550.717397][T27937] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1550.945961][T27937] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.090189][T27937] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.134338][T27893] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1551.272411][T27937] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1551.341788][T27893] 8021q: adding VLAN 0 to HW filter on device team0
[ 1551.382928][ T9388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1551.390116][ T9388] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1551.427446][ T9388] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1551.434648][ T9388] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1551.614427][T27893] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1551.655617][T25015] Bluetooth: hci0: command tx timeout
[ 1551.736988][T27937] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1551.762485][T27937] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1551.771456][T28103] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4738'.
[ 1551.790049][T27937] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1551.840663][T28103] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[ 1551.887316][T27893] veth0_vlan: entered promiscuous mode
[ 1551.911837][T27937] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1551.945832][T27893] veth1_vlan: entered promiscuous mode
[ 1552.048361][T27893] veth0_macvtap: entered promiscuous mode
[ 1552.099330][T27893] veth1_macvtap: entered promiscuous mode
[ 1552.190469][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.203637][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.216140][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.228098][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.238564][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.265699][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.284918][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.318741][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.329558][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.355292][T25884] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1552.363257][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.381720][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.394755][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.405263][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.416361][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.434874][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.464978][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.480037][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.525004][T25884] usb 2-1: Using ep0 maxpacket: 16
[ 1552.530511][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.546198][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.558911][T25884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1552.573503][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.583621][T25884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1552.597884][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1552.608724][T25884] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1552.623156][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.635260][T25884] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1552.644339][T25884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1552.667470][T27893] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1552.740297][T25884] usb 2-1: config 0 descriptor??
[ 1552.748045][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.780295][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.812386][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.833288][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.850069][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.873387][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.884130][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.895774][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.926271][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.955977][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.967912][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1552.978963][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1552.994575][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.011472][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.052777][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.091832][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.114626][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.140439][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.162597][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.221437][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.260721][T27893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1553.293949][T27893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1553.396038][T27893] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1553.439195][T27937] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1553.479520][T27893] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.500981][T27893] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.522366][T27893] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.531802][T27893] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1553.588437][T27937] 8021q: adding VLAN 0 to HW filter on device team0
[ 1553.676523][T20692] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1553.683694][T20692] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1553.775850][T20596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1553.783029][T20596] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1553.912583][T20596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1553.946629][T20596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1554.040996][T20692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1554.056785][T20692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1554.167515][T27937] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1554.272199][T27937] veth0_vlan: entered promiscuous mode
[ 1554.307789][T27937] veth1_vlan: entered promiscuous mode
[ 1554.354493][T27937] veth0_macvtap: entered promiscuous mode
[ 1554.383827][T27937] veth1_macvtap: entered promiscuous mode
[ 1554.436860][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1554.478700][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1554.509132][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1554.548515][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1554.589088][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1554.644404][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1554.699320][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1554.746277][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1554.818192][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1554.914872][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.002771][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.040419][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.076319][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.114353][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.136299][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.158901][T25884] usbhid 2-1:0.0: can't add hid device: -71
[ 1555.171166][T25884] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1555.199697][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.224861][T25884] usb 2-1: USB disconnect, device number 86
[ 1555.239936][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.264123][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.275607][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.291645][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.305195][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.316734][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.329435][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1555.360864][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.396441][T27937] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1555.469965][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.494430][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.512833][T28168] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4748'.
[ 1555.524597][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.535495][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.545709][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.556702][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.567708][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.578588][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.588502][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.601004][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.612341][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.623221][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.635060][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.645888][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.656467][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.670900][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.681244][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.692078][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.702404][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.714939][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.725106][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.737991][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.748525][T27937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1555.759575][T27937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1555.772170][T27937] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1555.812620][T27937] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.850895][T27937] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.888310][T27937] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.907298][T27937] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.941797][T28168] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[ 1555.967542][T28168] CPU: 0 UID: 0 PID: 28168 Comm: syz.1.4748 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1555.978279][T28168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1555.988359][T28168] Call Trace:
[ 1555.991675][T28168]  <TASK>
[ 1555.994631][T28168]  dump_stack_lvl+0x241/0x360
[ 1555.999368][T28168]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1556.004630][T28168]  ? __pfx__printk+0x10/0x10
[ 1556.009267][T28168]  ? sysfs_warn_dup+0x51/0xa0
[ 1556.013967][T28168]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1556.019549][T28168]  sysfs_warn_dup+0x8e/0xa0
[ 1556.024077][T28168]  sysfs_do_create_link_sd+0xbe/0x110
[ 1556.029478][T28168]  device_add_class_symlinks+0x1c5/0x250
[ 1556.035160][T28168]  device_add+0x553/0xbf0
[ 1556.039559][T28168]  wiphy_register+0x1d3f/0x2b30
[ 1556.044447][T28168]  ? __pfx_wiphy_register+0x10/0x10
[ 1556.049668][T28168]  ? minstrel_ht_alloc+0x72b/0x860
[ 1556.054802][T28168]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[ 1556.060895][T28168]  ieee80211_register_hw+0x30fb/0x3e10
[ 1556.066383][T28168]  ? ieee80211_register_hw+0x1521/0x3e10
[ 1556.072031][T28168]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1556.077856][T28168]  ? __asan_memset+0x23/0x50
[ 1556.082461][T28168]  ? __hrtimer_init+0x170/0x250
[ 1556.087332][T28168]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[ 1556.093083][T28168]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1556.099158][T28168]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[ 1556.105757][T28168]  ? kstrndup+0x5c/0xb0
[ 1556.109928][T28168]  ? __asan_memcpy+0x40/0x70
[ 1556.114540][T28168]  hwsim_new_radio_nl+0xece/0x2290
[ 1556.119681][T28168]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1556.125422][T28168]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1556.131021][T28168]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1556.137371][T28168]  genl_rcv_msg+0xb14/0xec0
[ 1556.141887][T28168]  ? mark_lock+0x9a/0x360
[ 1556.146241][T28168]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1556.151303][T28168]  ? __pfx_lock_acquire+0x10/0x10
[ 1556.156348][T28168]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1556.161919][T28168]  ? __pfx___might_resched+0x10/0x10
[ 1556.167229][T28168]  netlink_rcv_skb+0x1e3/0x430
[ 1556.172008][T28168]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1556.177041][T28168]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1556.182351][T28168]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1556.187925][T28168]  genl_rcv+0x28/0x40
[ 1556.191947][T28168]  netlink_unicast+0x7f6/0x990
[ 1556.196733][T28168]  ? __pfx_netlink_unicast+0x10/0x10
[ 1556.202024][T28168]  ? __virt_addr_valid+0x183/0x530
[ 1556.207149][T28168]  ? __check_object_size+0x48e/0x900
[ 1556.212453][T28168]  netlink_sendmsg+0x8e4/0xcb0
[ 1556.217245][T28168]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1556.222552][T28168]  ? aa_sock_msg_perm+0x91/0x160
[ 1556.227508][T28168]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1556.232804][T28168]  __sock_sendmsg+0x221/0x270
[ 1556.237505][T28168]  ____sys_sendmsg+0x52a/0x7e0
[ 1556.242287][T28168]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1556.247592][T28168]  __sys_sendmsg+0x292/0x380
[ 1556.252190][T28168]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1556.257344][T28168]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1556.263682][T28168]  ? do_syscall_64+0x100/0x230
[ 1556.268462][T28168]  ? do_syscall_64+0xb6/0x230
[ 1556.273166][T28168]  do_syscall_64+0xf3/0x230
[ 1556.277692][T28168]  ? clear_bhb_loop+0x35/0x90
[ 1556.282387][T28168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.288302][T28168] RIP: 0033:0x7f54ccb7def9
[ 1556.292723][T28168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1556.312332][T28168] RSP: 002b:00007f54cda05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1556.320788][T28168] RAX: ffffffffffffffda RBX: 00007f54ccd36058 RCX: 00007f54ccb7def9
[ 1556.328767][T28168] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[ 1556.336855][T28168] RBP: 00007f54ccbf0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1556.344840][T28168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1556.352833][T28168] R13: 0000000000000000 R14: 00007f54ccd36058 R15: 00007f54cce5fa28
[ 1556.360845][T28168]  </TASK>
[ 1556.447649][T28174] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.4750'.
[ 1556.495779][T28174] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[ 1556.503562][T28174] CPU: 0 UID: 0 PID: 28174 Comm: syz.3.4750 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1556.514011][T28174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1556.524107][T28174] Call Trace:
[ 1556.527424][T28174]  <TASK>
[ 1556.530402][T28174]  dump_stack_lvl+0x241/0x360
[ 1556.535140][T28174]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1556.540420][T28174]  ? __pfx__printk+0x10/0x10
[ 1556.545088][T28174]  ? sysfs_warn_dup+0x51/0xa0
[ 1556.549810][T28174]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1556.555413][T28174]  sysfs_warn_dup+0x8e/0xa0
[ 1556.559960][T28174]  sysfs_do_create_link_sd+0xbe/0x110
[ 1556.565379][T28174]  device_add_class_symlinks+0x1c5/0x250
[ 1556.571071][T28174]  device_add+0x553/0xbf0
[ 1556.575452][T28174]  wiphy_register+0x1d3f/0x2b30
[ 1556.580368][T28174]  ? __pfx_wiphy_register+0x10/0x10
[ 1556.585608][T28174]  ? minstrel_ht_alloc+0x72b/0x860
[ 1556.590772][T28174]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[ 1556.596891][T28174]  ieee80211_register_hw+0x30fb/0x3e10
[ 1556.602419][T28174]  ? ieee80211_register_hw+0x1521/0x3e10
[ 1556.608098][T28174]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1556.613956][T28174]  ? __asan_memset+0x23/0x50
[ 1556.618597][T28174]  ? __hrtimer_init+0x170/0x250
[ 1556.623499][T28174]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[ 1556.629300][T28174]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1556.635417][T28174]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[ 1556.642049][T28174]  ? kstrndup+0x5c/0xb0
[ 1556.646250][T28174]  ? __asan_memcpy+0x40/0x70
[ 1556.650974][T28174]  hwsim_new_radio_nl+0xece/0x2290
[ 1556.656137][T28174]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1556.661915][T28174]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1556.667544][T28174]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1556.673919][T28174]  genl_rcv_msg+0xb14/0xec0
[ 1556.678459][T28174]  ? mark_lock+0x9a/0x360
[ 1556.682836][T28174]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1556.687914][T28174]  ? __pfx_lock_acquire+0x10/0x10
[ 1556.692965][T28174]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1556.698554][T28174]  ? __pfx___might_resched+0x10/0x10
[ 1556.703887][T28174]  netlink_rcv_skb+0x1e3/0x430
[ 1556.708694][T28174]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1556.713752][T28174]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1556.719177][T28174]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1556.724702][T28174]  genl_rcv+0x28/0x40
[ 1556.728747][T28174]  netlink_unicast+0x7f6/0x990
[ 1556.733583][T28174]  ? __pfx_netlink_unicast+0x10/0x10
[ 1556.739051][T28174]  ? __virt_addr_valid+0x183/0x530
[ 1556.744207][T28174]  ? __check_object_size+0x48e/0x900
[ 1556.749547][T28174]  netlink_sendmsg+0x8e4/0xcb0
[ 1556.754370][T28174]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1556.759721][T28174]  ? aa_sock_msg_perm+0x91/0x160
[ 1556.764715][T28174]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1556.770091][T28174]  __sock_sendmsg+0x221/0x270
[ 1556.774815][T28174]  ____sys_sendmsg+0x52a/0x7e0
[ 1556.779659][T28174]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1556.784994][T28174]  __sys_sendmsg+0x292/0x380
[ 1556.789624][T28174]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1556.794812][T28174]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1556.801231][T28174]  ? do_syscall_64+0x100/0x230
[ 1556.806129][T28174]  ? do_syscall_64+0xb6/0x230
[ 1556.810857][T28174]  do_syscall_64+0xf3/0x230
[ 1556.815407][T28174]  ? clear_bhb_loop+0x35/0x90
[ 1556.820138][T28174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1556.826071][T28174] RIP: 0033:0x7f4e9fb7def9
[ 1556.830521][T28174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1556.850170][T28174] RSP: 002b:00007f4e9f9f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1556.858635][T28174] RAX: ffffffffffffffda RBX: 00007f4e9fd35f80 RCX: 00007f4e9fb7def9
[ 1556.866651][T28174] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[ 1556.874654][T28174] RBP: 00007f4e9fbf0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1556.882661][T28174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1556.890660][T28174] R13: 0000000000000000 R14: 00007f4e9fd35f80 R15: 00007f4e9fe5fa28
[ 1556.898697][T28174]  </TASK>
[ 1557.398632][ T3005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.434905][ T3005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.506890][T17615] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1557.525597][T17615] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.574973][    T9] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1557.734940][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1557.747608][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1557.763385][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1557.784338][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1557.811094][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1557.849291][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1557.895191][ T5281] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1557.946217][    T9] usb 5-1: config 0 descriptor??
[ 1558.056404][ T5281] usb 3-1: Using ep0 maxpacket: 16
[ 1558.075013][ T5281] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1558.094106][ T5281] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1558.118921][ T5281] usb 3-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1558.129685][ T5281] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1558.145912][ T5281] usb 3-1: config 0 descriptor??
[ 1558.380598][T28203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1558.426065][T28203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1558.525404][T28207] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1558.852699][T28214] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4762'.
[ 1558.912101][T28214] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[ 1558.938940][T28214] CPU: 1 UID: 0 PID: 28214 Comm: syz.1.4762 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1558.949404][T28214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1558.959483][T28214] Call Trace:
[ 1558.962800][T28214]  <TASK>
[ 1558.965766][T28214]  dump_stack_lvl+0x241/0x360
[ 1558.970487][T28214]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1558.975729][T28214]  ? __pfx__printk+0x10/0x10
[ 1558.980404][T28214]  ? sysfs_warn_dup+0x51/0xa0
[ 1558.985140][T28214]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1558.990760][T28214]  sysfs_warn_dup+0x8e/0xa0
[ 1558.995296][T28214]  sysfs_do_create_link_sd+0xbe/0x110
[ 1559.000763][T28214]  device_add_class_symlinks+0x1c5/0x250
[ 1559.006454][T28214]  device_add+0x553/0xbf0
[ 1559.010827][T28214]  wiphy_register+0x1d3f/0x2b30
[ 1559.015747][T28214]  ? __pfx_wiphy_register+0x10/0x10
[ 1559.020988][T28214]  ? minstrel_ht_alloc+0x72b/0x860
[ 1559.026130][T28214]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[ 1559.032225][T28214]  ieee80211_register_hw+0x30fb/0x3e10
[ 1559.037739][T28214]  ? ieee80211_register_hw+0x1521/0x3e10
[ 1559.043409][T28214]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1559.049266][T28214]  ? __asan_memset+0x23/0x50
[ 1559.053899][T28214]  ? __hrtimer_init+0x170/0x250
[ 1559.058946][T28214]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[ 1559.064731][T28214]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1559.070823][T28214]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[ 1559.077451][T28214]  ? kstrndup+0x5c/0xb0
[ 1559.081632][T28214]  ? __asan_memcpy+0x40/0x70
[ 1559.086256][T28214]  hwsim_new_radio_nl+0xece/0x2290
[ 1559.091528][T28214]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1559.097290][T28214]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1559.102897][T28214]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1559.109259][T28214]  genl_rcv_msg+0xb14/0xec0
[ 1559.113791][T28214]  ? mark_lock+0x9a/0x360
[ 1559.118151][T28214]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1559.123217][T28214]  ? __pfx_lock_acquire+0x10/0x10
[ 1559.128260][T28214]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1559.133842][T28214]  ? __pfx___might_resched+0x10/0x10
[ 1559.139170][T28214]  netlink_rcv_skb+0x1e3/0x430
[ 1559.143968][T28214]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1559.149017][T28214]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1559.154356][T28214]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1559.159857][T28214]  genl_rcv+0x28/0x40
[ 1559.163864][T28214]  netlink_unicast+0x7f6/0x990
[ 1559.168689][T28214]  ? __pfx_netlink_unicast+0x10/0x10
[ 1559.174007][T28214]  ? __virt_addr_valid+0x183/0x530
[ 1559.179151][T28214]  ? __check_object_size+0x48e/0x900
[ 1559.184465][T28214]  netlink_sendmsg+0x8e4/0xcb0
[ 1559.189276][T28214]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1559.194603][T28214]  ? aa_sock_msg_perm+0x91/0x160
[ 1559.199631][T28214]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1559.204954][T28214]  __sock_sendmsg+0x221/0x270
[ 1559.209669][T28214]  ____sys_sendmsg+0x52a/0x7e0
[ 1559.214473][T28214]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1559.219810][T28214]  __sys_sendmsg+0x292/0x380
[ 1559.224445][T28214]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1559.229623][T28214]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1559.236048][T28214]  do_syscall_64+0xf3/0x230
[ 1559.240594][T28214]  ? clear_bhb_loop+0x35/0x90
[ 1559.245371][T28214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1559.251292][T28214] RIP: 0033:0x7f54ccb7def9
[ 1559.255724][T28214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1559.275351][T28214] RSP: 002b:00007f54cda05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1559.283778][T28214] RAX: ffffffffffffffda RBX: 00007f54ccd36058 RCX: 00007f54ccb7def9
[ 1559.291763][T28214] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[ 1559.299751][T28214] RBP: 00007f54ccbf0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1559.307748][T28214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1559.315771][T28214] R13: 0000000000000000 R14: 00007f54ccd36058 R15: 00007f54cce5fa28
[ 1559.323777][T28214]  </TASK>
[ 1559.326920][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1559.537770][ T5281] usbhid 3-1:0.0: can't add hid device: -71
[ 1559.549146][ T5281] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1559.627278][ T5281] usb 3-1: USB disconnect, device number 55
[ 1560.389603][T28231] FAULT_INJECTION: forcing a failure.
[ 1560.389603][T28231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1560.429987][    T9] usbhid 5-1:0.0: can't add hid device: -71
[ 1560.435740][T28231] CPU: 1 UID: 0 PID: 28231 Comm: syz.2.4769 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1560.446140][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1560.446423][T28231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1560.464244][T28231] Call Trace:
[ 1560.467545][T28231]  <TASK>
[ 1560.470497][T28231]  dump_stack_lvl+0x241/0x360
[ 1560.475229][T28231]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1560.477380][    T9] usb 5-1: USB disconnect, device number 83
[ 1560.480447][T28231]  ? __pfx__printk+0x10/0x10
[ 1560.480492][T28231]  ? snprintf+0xda/0x120
[ 1560.495237][T28231]  should_fail_ex+0x3b0/0x4e0
[ 1560.499954][T28231]  _copy_to_user+0x2f/0xb0
[ 1560.504405][T28231]  simple_read_from_buffer+0xca/0x150
[ 1560.509846][T28231]  proc_fail_nth_read+0x1e9/0x250
[ 1560.514919][T28231]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1560.520525][T28231]  ? rw_verify_area+0x55e/0x6f0
[ 1560.525417][T28231]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1560.531007][T28231]  vfs_read+0x201/0xbc0
[ 1560.535213][T28231]  ? __pfx_lock_release+0x10/0x10
[ 1560.540288][T28231]  ? __pfx_vfs_read+0x10/0x10
[ 1560.545020][T28231]  ? __fget_files+0x3f3/0x470
[ 1560.549741][T28231]  ? fdget_pos+0x24e/0x320
[ 1560.554204][T28231]  ksys_read+0x183/0x2b0
[ 1560.558492][T28231]  ? __pfx_ksys_read+0x10/0x10
[ 1560.563296][T28231]  ? do_syscall_64+0x100/0x230
[ 1560.568097][T28231]  ? do_syscall_64+0xb6/0x230
[ 1560.572821][T28231]  do_syscall_64+0xf3/0x230
[ 1560.577376][T28231]  ? clear_bhb_loop+0x35/0x90
[ 1560.582098][T28231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1560.588030][T28231] RIP: 0033:0x7f310d77c93c
[ 1560.592472][T28231] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1560.612109][T28231] RSP: 002b:00007f310e598030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1560.620568][T28231] RAX: ffffffffffffffda RBX: 00007f310d935f80 RCX: 00007f310d77c93c
[ 1560.628571][T28231] RDX: 000000000000000f RSI: 00007f310e5980a0 RDI: 0000000000000004
[ 1560.636568][T28231] RBP: 00007f310e598090 R08: 0000000000000000 R09: 0000000000000000
[ 1560.644585][T28231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1560.652588][T28231] R13: 0000000000000000 R14: 00007f310d935f80 R15: 00007f310da5fa28
[ 1560.660613][T28231]  </TASK>
[ 1560.663808][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1561.074935][   T46] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1561.157954][T28256] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.4776'.
[ 1561.196687][T28256] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[ 1561.214481][T28256] CPU: 0 UID: 0 PID: 28256 Comm: syz.1.4776 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1561.224951][T28256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1561.225092][   T46] usb 3-1: device descriptor read/64, error -71
[ 1561.235009][T28256] Call Trace:
[ 1561.235024][T28256]  <TASK>
[ 1561.235037][T28256]  dump_stack_lvl+0x241/0x360
[ 1561.235083][T28256]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1561.235120][T28256]  ? __pfx__printk+0x10/0x10
[ 1561.235156][T28256]  ? sysfs_warn_dup+0x51/0xa0
[ 1561.235187][T28256]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[ 1561.235235][T28256]  sysfs_warn_dup+0x8e/0xa0
[ 1561.235264][T28256]  sysfs_do_create_link_sd+0xbe/0x110
[ 1561.235297][T28256]  device_add_class_symlinks+0x1c5/0x250
[ 1561.235327][T28256]  device_add+0x553/0xbf0
[ 1561.235358][T28256]  wiphy_register+0x1d3f/0x2b30
[ 1561.235404][T28256]  ? __pfx_wiphy_register+0x10/0x10
[ 1561.235427][T28256]  ? minstrel_ht_alloc+0x72b/0x860
[ 1561.235464][T28256]  ? ieee80211_init_rate_ctrl_alg+0x5a2/0x620
[ 1561.235492][T28256]  ieee80211_register_hw+0x30fb/0x3e10
[ 1561.319170][T28256]  ? ieee80211_register_hw+0x1521/0x3e10
[ 1561.324871][T28256]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1561.330757][T28256]  ? __asan_memset+0x23/0x50
[ 1561.335403][T28256]  ? __hrtimer_init+0x170/0x250
[ 1561.340310][T28256]  mac80211_hwsim_new_radio+0x2a9f/0x4a90
[ 1561.346102][T28256]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1561.352201][T28256]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[ 1561.358855][T28256]  ? kstrndup+0x5c/0xb0
[ 1561.363069][T28256]  ? __asan_memcpy+0x40/0x70
[ 1561.367703][T28256]  hwsim_new_radio_nl+0xece/0x2290
[ 1561.372867][T28256]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1561.378630][T28256]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1561.384300][T28256]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 1561.390699][T28256]  genl_rcv_msg+0xb14/0xec0
[ 1561.395330][T28256]  ? mark_lock+0x9a/0x360
[ 1561.399701][T28256]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1561.404825][T28256]  ? __pfx_lock_acquire+0x10/0x10
[ 1561.409900][T28256]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1561.415493][T28256]  ? __pfx___might_resched+0x10/0x10
[ 1561.420829][T28256]  netlink_rcv_skb+0x1e3/0x430
[ 1561.425635][T28256]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1561.430690][T28256]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1561.436032][T28256]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1561.441550][T28256]  genl_rcv+0x28/0x40
[ 1561.445568][T28256]  netlink_unicast+0x7f6/0x990
[ 1561.450386][T28256]  ? __pfx_netlink_unicast+0x10/0x10
[ 1561.455710][T28256]  ? __virt_addr_valid+0x183/0x530
[ 1561.460855][T28256]  ? __check_object_size+0x48e/0x900
[ 1561.466183][T28256]  netlink_sendmsg+0x8e4/0xcb0
[ 1561.471001][T28256]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1561.476336][T28256]  ? aa_sock_msg_perm+0x91/0x160
[ 1561.481320][T28256]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1561.486646][T28256]  __sock_sendmsg+0x221/0x270
[ 1561.491363][T28256]  ____sys_sendmsg+0x52a/0x7e0
[ 1561.495998][   T46] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1561.496281][T28256]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1561.509144][T28256]  __sys_sendmsg+0x292/0x380
[ 1561.513775][T28256]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1561.518973][T28256]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1561.525352][T28256]  ? do_syscall_64+0x100/0x230
[ 1561.530174][T28256]  ? do_syscall_64+0xb6/0x230
[ 1561.534922][T28256]  do_syscall_64+0xf3/0x230
[ 1561.539466][T28256]  ? clear_bhb_loop+0x35/0x90
[ 1561.544208][T28256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1561.550162][T28256] RIP: 0033:0x7f54ccb7def9
[ 1561.554610][T28256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1561.574245][T28256] RSP: 002b:00007f54cda05038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1561.582698][T28256] RAX: ffffffffffffffda RBX: 00007f54ccd36058 RCX: 00007f54ccb7def9
[ 1561.590714][T28256] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000008
[ 1561.598729][T28256] RBP: 00007f54ccbf0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1561.606725][T28256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1561.614723][T28256] R13: 0000000000000000 R14: 00007f54ccd36058 R15: 00007f54cce5fa28
[ 1561.622804][T28256]  </TASK>
[ 1561.635850][   T46] usb 3-1: device descriptor read/64, error -71
[ 1561.806024][   T46] usb usb3-port1: attempt power cycle
[ 1562.074951][    T9] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1562.146325][   T46] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1562.175849][   T46] usb 3-1: device descriptor read/8, error -71
[ 1562.244911][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1562.251820][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1562.277870][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1562.295284][ T5279] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1562.334981][    T9] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1562.366566][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1562.397420][    T9] usb 5-1: config 0 descriptor??
[ 1562.452914][   T46] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 1562.465076][ T5279] usb 2-1: Using ep0 maxpacket: 16
[ 1562.481433][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1562.509953][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1562.535853][   T46] usb 3-1: device descriptor read/8, error -71
[ 1562.543370][ T5279] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1562.585561][ T5279] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1562.619082][ T5279] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1562.662011][ T5279] usb 2-1: config 0 descriptor??
[ 1562.678556][T28266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1562.685210][   T46] usb usb3-port1: unable to enumerate USB device
[ 1562.720082][T28266] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1562.870836][T28274] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1563.133939][    T9] usbhid 5-1:0.0: can't add hid device: -71
[ 1563.165071][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1563.204104][    T9] usb 5-1: USB disconnect, device number 84
[ 1564.195790][T28290] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1565.003113][T28270] coredump: 95(syz.3.4781): interrupted: fatal signal pending
[ 1565.012154][T28270] coredump: 95(syz.3.4781): written to core: VMAs: 37, size 97419264; core: 51440470 bytes, pos 76259328
[ 1565.104413][ T5279] usbhid 2-1:0.0: can't add hid device: -71
[ 1565.175158][ T5279] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1565.193607][ T5279] usb 2-1: USB disconnect, device number 87
[ 1565.357732][T28313] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.4792'.
[ 1565.438920][T28313] debugfs: Directory 'ü!' with parent 'ieee80211' already present!
[ 1565.854957][T25884] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1566.005329][T25884] usb 2-1: Using ep0 maxpacket: 16
[ 1566.014081][T25884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1566.036714][T25884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1566.047033][T25884] usb 2-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1566.056354][T25884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.077644][T25884] usb 2-1: config 0 descriptor??
[ 1566.215125][ T5281] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1566.301220][T28324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1566.314122][T28324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1566.378743][ T5281] usb 5-1: device descriptor read/64, error -71
[ 1566.382569][T28343] xt_CHECKSUM: unsupported CHECKSUM operation 68
[ 1566.588808][T28346] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1566.636493][ T5281] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1566.678615][T25884] usbhid 2-1:0.0: can't add hid device: -71
[ 1566.686117][T25884] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1566.698684][T25884] usb 2-1: USB disconnect, device number 88
[ 1566.814913][ T5281] usb 5-1: device descriptor read/64, error -71
[ 1566.935706][ T5281] usb usb5-port1: attempt power cycle
[ 1566.955168][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1567.392353][T28359] bridge1: entered promiscuous mode
[ 1567.413596][T28359] bridge1: entered allmulticast mode
[ 1568.824980][ T5281] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1568.855637][ T5281] usb 5-1: device descriptor read/8, error -71
[ 1569.025077][    T8] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[ 1569.185858][    T8] usb 3-1: Using ep0 maxpacket: 16
[ 1569.197238][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1569.275931][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1569.310593][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1569.374899][    T8] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1569.404563][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1569.516656][    T8] usb 3-1: config 0 descriptor??
[ 1570.308788][T28395] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1570.625241][ T5281] usb 2-1: new full-speed USB device number 89 using dummy_hcd
[ 1570.822090][ T5281] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDF, changing to 0x8F
[ 1570.904543][ T5281] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1570.964879][ T5281] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1571.027477][ T5281] usb 2-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=ec.c1
[ 1571.044867][ T5281] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1571.078311][ T5281] usb 2-1: Product: syz
[ 1571.082772][ T5281] usb 2-1: Manufacturer: syz
[ 1571.129245][ T5281] usb 2-1: SerialNumber: syz
[ 1571.171419][ T5281] usb 2-1: config 0 descriptor??
[ 1571.201589][    T8] usbhid 3-1:0.0: can't add hid device: -71
[ 1571.243453][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1580.909690][T10846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1580.924123][T10846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1580.933991][T10846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1580.946587][T10846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1580.954474][T10846] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1580.962557][T10846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1599.699072][T10846] Bluetooth: hci2: command tx timeout
[ 1609.188772][T25015] Bluetooth: hci2: command tx timeout
[ 1609.369239][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1609.381294][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[ 1612.588329][    T8] usb 3-1: USB disconnect, device number 60
[ 1631.394652][ T5281] powermate: Expected payload of 3--6 bytes, found 0 bytes!
[ 1631.441423][ T5281] powermate 2-1:0.0: probe with driver powermate failed with error -5
[ 1686.434753][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1686.441772][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P27404/2:b..l
[ 1686.450662][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=258809, q=790197 ncpus=2)
[ 1686.458755][    C1] task:syz-executor    state:R  running task     stack:21232 pid:27404 tgid:27404 ppid:1      flags:0x00004006
[ 1686.472286][    C1] Call Trace:
[ 1686.475594][    C1]  <TASK>
[ 1686.478552][    C1]  __schedule+0x1895/0x4b30
[ 1686.483113][    C1]  ? __pfx___schedule+0x10/0x10
[ 1686.488011][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1686.494033][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[ 1686.499349][    C1]  preempt_schedule_irq+0xfb/0x1c0
[ 1686.504770][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1686.510538][    C1]  irqentry_exit+0x5e/0x90
[ 1686.514994][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1686.521012][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70
[ 1686.527117][    C1] Code: 89 fb e8 23 00 00 00 48 8b 3d 44 8e 9c 0c 48 89 de 5b e9 f3 cb 5d 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 c0 d7 03 00 65 8b 15 a0 23
[ 1686.546750][    C1] RSP: 0000:ffffc90004857480 EFLAGS: 00000202
[ 1686.552851][    C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffff88802d6e8000
[ 1686.560855][    C1] RDX: ffff88802d6e8000 RSI: ffffffff8c60efa0 RDI: ffffffff8c60ef60
[ 1686.568854][    C1] RBP: 0000000000000001 R08: ffffffff81a3b7ea R09: 1ffffffff284bef8
[ 1686.576868][    C1] R10: dffffc0000000000 R11: fffffbfff284bef9 R12: ffff88802d6e8000
[ 1686.584866][    C1] R13: ffffffff81806740 R14: 0000000000000001 R15: 00007f4e9fb7c890
[ 1686.592873][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1686.599064][    C1]  ? is_bpf_text_address+0x5a/0x2a0
[ 1686.604312][    C1]  is_bpf_text_address+0x6c/0x2a0
[ 1686.609388][    C1]  ? is_bpf_text_address+0x26/0x2a0
[ 1686.614721][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1686.620914][    C1]  kernel_text_address+0xa7/0xe0
[ 1686.625891][    C1]  __kernel_text_address+0xd/0x40
[ 1686.630971][    C1]  unwind_get_return_address+0x4d/0x90
[ 1686.636468][    C1]  arch_stack_walk+0xfd/0x150
[ 1686.641190][    C1]  stack_trace_save+0x118/0x1d0
[ 1686.646084][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1686.651510][    C1]  save_stack+0xfb/0x1f0
[ 1686.655784][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1686.660671][    C1]  ? free_unref_page+0xcfb/0xf20
[ 1686.665660][    C1]  ? vfree+0x186/0x2e0
[ 1686.669766][    C1]  ? kcov_close+0x28/0x50
[ 1686.674133][    C1]  ? __fput+0x23f/0x880
[ 1686.678325][    C1]  ? task_work_run+0x24f/0x310
[ 1686.683122][    C1]  ? do_exit+0xa2f/0x28e0
[ 1686.687481][    C1]  ? do_group_exit+0x207/0x2c0
[ 1686.692275][    C1]  ? get_signal+0x176f/0x1810
[ 1686.696982][    C1]  ? arch_do_signal_or_restart+0x96/0x860
[ 1686.702741][    C1]  ? syscall_exit_to_user_mode+0xc9/0x370
[ 1686.708517][    C1]  ? do_syscall_64+0x100/0x230
[ 1686.713339][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.719448][    C1]  ? page_ext_get+0x20/0x2a0
[ 1686.724087][    C1]  __reset_page_owner+0x76/0x430
[ 1686.729081][    C1]  free_unref_page+0xcfb/0xf20
[ 1686.733898][    C1]  vfree+0x186/0x2e0
[ 1686.737852][    C1]  kcov_close+0x28/0x50
[ 1686.742045][    C1]  ? __pfx_kcov_close+0x10/0x10
[ 1686.746946][    C1]  __fput+0x23f/0x880
[ 1686.750979][    C1]  task_work_run+0x24f/0x310
[ 1686.755603][    C1]  ? kasan_quarantine_put+0xdc/0x230
[ 1686.760953][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1686.766091][    C1]  ? do_exit+0xa2a/0x28e0
[ 1686.770453][    C1]  ? kmem_cache_free+0x1a2/0x420
[ 1686.775435][    C1]  ? do_exit+0xa2a/0x28e0
[ 1686.779805][    C1]  do_exit+0xa2f/0x28e0
[ 1686.784012][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1686.788633][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1686.794044][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1686.800093][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1686.806464][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1686.811621][    C1]  do_group_exit+0x207/0x2c0
[ 1686.816240][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1686.821474][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1686.826717][    C1]  get_signal+0x176f/0x1810
[ 1686.831258][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1686.836513][    C1]  ? do_sys_openat2+0x17a/0x1d0
[ 1686.841421][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1686.846312][    C1]  ? do_sys_openat2+0x17a/0x1d0
[ 1686.851199][    C1]  ? do_unlinkat+0x7b0/0x830
[ 1686.855826][    C1]  arch_do_signal_or_restart+0x96/0x860
[ 1686.861416][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1686.867651][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1686.873697][    C1]  ? syscall_exit_to_user_mode+0xa3/0x370
[ 1686.879455][    C1]  syscall_exit_to_user_mode+0xc9/0x370
[ 1686.885037][    C1]  do_syscall_64+0x100/0x230
[ 1686.889699][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1686.894419][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.900358][    C1] RIP: 0033:0x7f4e9fb7c890
[ 1686.904812][    C1] RSP: 002b:00007f4e9fe5db60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1686.913256][    C1] RAX: 0000000000000006 RBX: 0000000000000000 RCX: 00007f4e9fb7c890
[ 1686.921275][    C1] RDX: 0000000000000000 RSI: 00007f4e9fe5dc90 RDI: 00000000ffffff9c
[ 1686.929280][    C1] RBP: 00007f4e9fe5dc90 R08: 0000000000000000 R09: 0000000000000000
[ 1686.937289][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 00007f4e9fe5ed80
[ 1686.945313][    C1] R13: 00007f4e9fbf0a14 R14: 000055557b3ba4a8 R15: 0000000000000006
[ 1686.953335][    C1]  </TASK>
[ 1686.956392][    C1] rcu: rcu_preempt kthread starved for 10533 jiffies! g258809 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1686.967706][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1686.977703][    C1] rcu: RCU grace-period kthread stack dump:
[ 1686.983613][    C1] task:rcu_preempt     state:R  running task     stack:25888 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1686.995464][    C1] Call Trace:
[ 1686.998769][    C1]  <TASK>
[ 1687.001732][    C1]  __schedule+0x1895/0x4b30
[ 1687.006295][    C1]  ? __pfx___schedule+0x10/0x10
[ 1687.011194][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1687.016256][    C1]  ? __asan_memset+0x23/0x50
[ 1687.020888][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 1687.026734][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1687.033101][    C1]  ? schedule+0x90/0x320
[ 1687.037374][    C1]  schedule+0x14b/0x320
[ 1687.041577][    C1]  schedule_timeout+0x1be/0x310
[ 1687.046467][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1687.051872][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1687.057196][    C1]  ? prepare_to_swait_event+0x330/0x350
[ 1687.062876][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1687.067839][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1687.073080][    C1]  ? rcu_gp_init+0x1256/0x1630
[ 1687.077879][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1687.082837][    C1]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1687.089014][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1687.094333][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1687.100263][    C1]  ? finish_swait+0xd4/0x1e0
[ 1687.104895][    C1]  rcu_gp_kthread+0xa7/0x3b0
[ 1687.109510][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1687.114744][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1687.120839][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1687.125901][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1687.131124][    C1]  kthread+0x2f0/0x390
[ 1687.135217][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1687.140438][    C1]  ? __pfx_kthread+0x10/0x10
[ 1687.145076][    C1]  ret_from_fork+0x4b/0x80
[ 1687.149530][    C1]  ? __pfx_kthread+0x10/0x10
[ 1687.154169][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1687.159004][    C1]  </TASK>
[ 1687.162044][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1687.168385][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1687.173637][    C0] NMI backtrace for cpu 0
[ 1687.173652][    C0] CPU: 0 UID: 0 PID: 25884 Comm: kworker/0:5 Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0
[ 1687.173672][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1687.173684][    C0] Workqueue: events nsim_dev_trap_report_work
[ 1687.173711][    C0] RIP: 0010:unwind_next_frame+0x174f/0x22d0
[ 1687.173740][    C0] Code: 85 81 0a 00 00 48 89 d0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 94 0a 00 00 49 0f bf 06 48 01 c3 4c 89 ef 48 89 de 4c 89 fa eb 45 <48> 8b 54 24 10 48 8d 5a 02 48 83 c2 03 48 89 d8 48 c1 e8 03 0f b6
[ 1687.173755][    C0] RSP: 0018:ffffc90000006c70 EFLAGS: 00000246
[ 1687.173779][    C0] RAX: ffffffff90a3c52e RBX: 1ffffffff21478a5 RCX: 0000000000000000
[ 1687.173792][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffc90000006da0
[ 1687.173807][    C0] RBP: dffffc0000000000 R08: ffffc90000006d9f R09: 0000000000000000
[ 1687.173819][    C0] R10: ffffc90000006d90 R11: fffff52000000db4 R12: ffffc90003ac8000
[ 1687.173830][    C0] R13: ffffc90000006d40 R14: ffffffff816054f0 R15: ffffc90000006d90
[ 1687.173843][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1687.173856][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1687.173868][    C0] CR2: 00007f310da5ecdc CR3: 000000004b54e000 CR4: 00000000003506f0
[ 1687.173882][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1687.173891][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1687.173902][    C0] Call Trace:
[ 1687.173908][    C0]  <NMI>
[ 1687.173915][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1687.173933][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1687.173957][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1687.173974][    C0]  ? nmi_handle+0x2a/0x5a0
[ 1687.173996][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1687.174016][    C0]  ? nmi_handle+0x14f/0x5a0
[ 1687.174031][    C0]  ? nmi_handle+0x2a/0x5a0
[ 1687.174046][    C0]  ? unwind_next_frame+0x174f/0x22d0
[ 1687.174068][    C0]  ? default_do_nmi+0x63/0x160
[ 1687.174087][    C0]  ? exc_nmi+0x123/0x1f0
[ 1687.174104][    C0]  ? end_repeat_nmi+0xf/0x53
[ 1687.174126][    C0]  ? kthread+0x2f0/0x390
[ 1687.174144][    C0]  ? unwind_next_frame+0x174f/0x22d0
[ 1687.174167][    C0]  ? unwind_next_frame+0x174f/0x22d0
[ 1687.174190][    C0]  ? unwind_next_frame+0x174f/0x22d0
[ 1687.174213][    C0]  </NMI>
[ 1687.174219][    C0]  <IRQ>
[ 1687.174228][    C0]  ? worker_thread+0x870/0xd30
[ 1687.174250][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1687.174269][    C0]  arch_stack_walk+0x11c/0x150
[ 1687.174287][    C0]  ? kthread+0x2f0/0x390
[ 1687.174303][    C0]  stack_trace_save+0x118/0x1d0
[ 1687.174340][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1687.174360][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1687.174386][    C0]  kasan_save_track+0x3f/0x80
[ 1687.174402][    C0]  ? kasan_save_track+0x3f/0x80
[ 1687.174416][    C0]  ? kasan_save_free_info+0x40/0x50
[ 1687.174437][    C0]  ? __kasan_slab_free+0x59/0x70
[ 1687.174452][    C0]  ? kmem_cache_free+0x1a2/0x420
[ 1687.174473][    C0]  ? nft_synproxy_eval_v4+0x3d2/0x610
[ 1687.174496][    C0]  ? nft_synproxy_do_eval+0x362/0xa60
[ 1687.174517][    C0]  ? nft_do_chain+0x4ad/0x1da0
[ 1687.174540][    C0]  ? nft_do_chain_inet+0x418/0x6b0
[ 1687.174563][    C0]  ? nf_hook_slow+0xc3/0x220
[ 1687.174582][    C0]  ? NF_HOOK+0x29e/0x450
[ 1687.174598][    C0]  ? NF_HOOK+0x3a4/0x450
[ 1687.174613][    C0]  ? __netif_receive_skb+0x2bf/0x650
[ 1687.174632][    C0]  ? process_backlog+0x662/0x15b0
[ 1687.174652][    C0]  ? __napi_poll+0xcb/0x490
[ 1687.174669][    C0]  ? net_rx_action+0x89b/0x1240
[ 1687.174689][    C0]  ? handle_softirqs+0x2c5/0x980
[ 1687.174709][    C0]  ? do_softirq+0x11b/0x1e0
[ 1687.174732][    C0]  ? __local_bh_enable_ip+0x1bb/0x200
[ 1687.174753][    C0]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[ 1687.174774][    C0]  ? process_scheduled_works+0xa63/0x1850
[ 1687.174811][    C0]  ? worker_thread+0x870/0xd30
[ 1687.174844][    C0]  ? skb_release_data+0x6a0/0x8a0
[ 1687.174860][    C0]  kasan_save_free_info+0x40/0x50
[ 1687.174880][    C0]  __kasan_slab_free+0x59/0x70
[ 1687.174895][    C0]  ? nft_synproxy_eval_v4+0x3d2/0x610
[ 1687.174920][    C0]  kmem_cache_free+0x1a2/0x420
[ 1687.174939][    C0]  ? nft_synproxy_eval_v4+0x3d2/0x610
[ 1687.174962][    C0]  nft_synproxy_eval_v4+0x3d2/0x610
[ 1687.174986][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1687.175008][    C0]  ? nf_ip_checksum+0x13a/0x500
[ 1687.175031][    C0]  nft_synproxy_do_eval+0x362/0xa60
[ 1687.175055][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1687.175075][    C0]  ? validate_chain+0x11e/0x5920
[ 1687.175094][    C0]  ? __pfx_validate_chain+0x10/0x10
[ 1687.175114][    C0]  nft_do_chain+0x4ad/0x1da0
[ 1687.175141][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[ 1687.175161][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 1687.175192][    C0]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[ 1687.175217][    C0]  nft_do_chain_inet+0x418/0x6b0
[ 1687.175240][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1687.175260][    C0]  ? ipt_do_table+0x312/0x1860
[ 1687.175288][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1687.175307][    C0]  nf_hook_slow+0xc3/0x220
[ 1687.175326][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1687.175342][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1687.175359][    C0]  NF_HOOK+0x29e/0x450
[ 1687.175375][    C0]  ? NF_HOOK+0x9a/0x450
[ 1687.175390][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1687.175406][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1687.175425][    C0]  ? ip_rcv_finish+0x406/0x560
[ 1687.175442][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1687.175458][    C0]  NF_HOOK+0x3a4/0x450
[ 1687.175472][    C0]  ? __lock_acquire+0x1384/0x2050
[ 1687.175495][    C0]  ? NF_HOOK+0x9a/0x450
[ 1687.175509][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1687.175524][    C0]  ? ip_rcv_core+0x801/0xd10
[ 1687.175540][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1687.175560][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 1687.175576][    C0]  __netif_receive_skb+0x2bf/0x650
[ 1687.175595][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1687.175617][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[ 1687.175634][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1687.175656][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1687.175678][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1687.175703][    C0]  process_backlog+0x662/0x15b0
[ 1687.175724][    C0]  ? process_backlog+0x33b/0x15b0
[ 1687.175747][    C0]  ? __pfx_process_backlog+0x10/0x10
[ 1687.175766][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1687.175789][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1687.175817][    C0]  __napi_poll+0xcb/0x490
[ 1687.175836][    C0]  net_rx_action+0x89b/0x1240
[ 1687.175864][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1687.175885][    C0]  ? sched_balance_domains+0x91b/0xa90
[ 1687.175907][    C0]  ? sched_balance_domains+0x1b2/0xa90
[ 1687.175925][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1687.175951][    C0]  handle_softirqs+0x2c5/0x980
[ 1687.175973][    C0]  ? do_softirq+0x11b/0x1e0
[ 1687.175993][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1687.176017][    C0]  do_softirq+0x11b/0x1e0
[ 1687.176035][    C0]  </IRQ>
[ 1687.176040][    C0]  <TASK>
[ 1687.176046][    C0]  ? __pfx_do_softirq+0x10/0x10
[ 1687.176066][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[ 1687.176089][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1687.176107][    C0]  __local_bh_enable_ip+0x1bb/0x200
[ 1687.176126][    C0]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[ 1687.176148][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1687.176167][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1687.176187][    C0]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[ 1687.176210][    C0]  nsim_dev_trap_report_work+0x75d/0xaa0
[ 1687.176237][    C0]  ? process_scheduled_works+0x976/0x1850
[ 1687.176257][    C0]  process_scheduled_works+0xa63/0x1850
[ 1687.176289][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1687.176313][    C0]  ? assign_work+0x364/0x3d0
[ 1687.176335][    C0]  worker_thread+0x870/0xd30
[ 1687.176359][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1687.176381][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1687.176404][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1687.176424][    C0]  kthread+0x2f0/0x390
[ 1687.176438][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1687.176459][    C0]  ? __pfx_kthread+0x10/0x10
[ 1687.176473][    C0]  ret_from_fork+0x4b/0x80
[ 1687.176494][    C0]  ? __pfx_kthread+0x10/0x10
[ 1687.176508][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1687.176537][    C0]  </TASK>
[ 1688.012584][T10846] Bluetooth: hci2: command tx timeout
[ 1688.460008][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[ 1688.474966][ T1266] ieee802154 phy1 wpan1: encryption failed: -22