last executing test programs:

18.529780903s ago: executing program 1 (id=430):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x4a, &(0x7f00000007c0)={@local, @random="89ab9b4c72ca", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe800000002c000000000000000000bbfe8000000000000000000000000000aa"], 0x0)

18.354971914s ago: executing program 1 (id=432):
syz_emit_ethernet(0x4a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd6090b50000140600fe80000000000000000000000080febbfe8000000000000000000000000000aafffc4e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000c53928b0"], 0x0)

18.202164659s ago: executing program 1 (id=434):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000080)={'broute\x00', 0x0, 0x0, 0x0, [0x3ff, 0x35b, 0x10001, 0x3, 0x5], 0x0, 0x0}, 0x78)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
r4 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x7]}, 0x8)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
mkdir(&(0x7f0000001580)='./file0\x00', 0x3)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r7, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f0000008180)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000180)={0x50, 0x0, r8, {0x7, 0x27, 0x0, 0x1205027}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e62bec1881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa6fdc5cd687c3b3fcbf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de5007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e3807665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9a0100e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beac69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3000000009540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007d010000801717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db06000000000000008442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b702d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5e146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x90, 0x0, 0x0, {0x4, 0x0, 0x2, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8000}}}, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r7, &(0x7f0000004140)="c98bb9a2a79e72fbca051478fe6e24cbeab04e730a86fef02db30a01d33d07efbac36f4e0e786aa540e01cc4ec64adbac57f750e7b0b749206bb7fc70de5cbcd7bf78bdb59c1095a03ef60a8d22a4e0dcea0aa96c523a2c7f666f1ac51acec733c589f2ab3ca2c8e129a652d7ec8ce120c530ca4fad46123b30cb061fb9998ff71ed9844b1f49f8b8e30e887ecd82a0f44450a325720e5b5065ae543bad2cef4486d5759515a29f048b21b3c78e9a95913a9df61bc854512fc21a6d0376742532ad21cf3b18c7f70b25345a81ede616baf89824f817fb808ea9ca55ac0ecdb91687f27177bbf1f1cdb2321efa1366e8287587ec7f39237537c625c813feae6cffdcb4c829e5ac0bda5c1b746edeb78bc7e1c198ae04f319f0fe41f24c7cbc7c0e3278a349bbf7c804dd729114792d4f81f19f49b2c018e49f43e72eaf5fd4c0ae32f73c0106c2b202152cdb28b21cf2132c6f9c7c583114d7790d397177165952670ccbfc0f4eff26391e8f4faca3536a070470e76d26625a6ec4df17b0fb0923fc31dfc1606f6a9cadaf4718d681d2351ddd138df20ff419c67f684d0d13792c78bfa348e5d76f00503124114034f41283e15ddbe79d5f4e200d5f28ada106334eca95a37fa843aa23236ef3d8aff07df194e8c4396561132379a60c449c5f1b400d2709d5c5f1ee1542790d5843e35f11be0ca4e7caa32c8329320069daea18ab51fad9ae4080d79671d73242278044391b9187eb0c05bbfef7d51bf64275f64ce780b25b509741c695f9e396234e3a67bc6988f05f6ad547371709e50b599179f7fc3def57115b58be578feb01612126bf5d1f08091743b76cd9cac032998adeb68a066387edb528b08d2063c3c504574e3d64ebee51da66e92bc3201baf0fa10bf5686e077a606c2b03a5529c97612b5d299078b99fc644aa101565836991bdcb92afae97b0330fc10c9af1edf05337221c05731246d57f7b063ee01778b99c768c8a8eb07e88f472d53bb59ec1db64191a32e981d384653943289d58970f4785d0081e321e5411bbe8738ee580a36be332a9082126579c797e162a37987a348743225786cf2e4e46f0c0ab0f7c14a6a16dc33e0f7042f203855db6776a3d760846ba5fd2173af04989b2f21cfd7e9e61df98adebef311c1c31f8b14f49c63ce924258af21d2d1766313a60dd23cf1966772551649ed78110d2462e47f14de5eed932bb03d3635f3bcbb8824bfa8b5c77649f097d78ec071b0d09dcdfc2078d0a97f96cb3e32f4cf80da4e07fad909eeabeb5715296ce578ada637a133ada68676e30632acba4f32fd2d23267a685f14a47fad0b36f2940494283a15b30576ff31e2b4472388fe3fecaa2e243818fce1d5de9a0e10aed4dc38a8636bec2ce0d43da7aa2541e8123bc4229ba6f9db4ec6b03c208125be4c389f8e587081209531f3c187077318698b08ace5b1e5a1c5b82633abfb6c4ef2bad7f9e61a142caef3c44dd6b81a9937650f75dfdb6f56bc26edc801fb0f53aa49655ce5f51283d8bb56ba56e9fc9f48395299a4ca4ae5b74398e1be02e2ea0565976ab155ae5df2114301565e23c25595853247dae9c2a598776c44ec0cfc26b3447c20b08424762dd29bfff90cf3f71f0fe933d1b1a29c3f6839858c7993a666401e2a03a1117988b28ae1c82adef8caf1ab564eb445199b57666397a7e7301ccfa9304dbf2854c8b50ab72ce6887e9cd69a647766f87a59d580a19964c9f691fb1eabe8143228bb375cbf12b5167085168ed22de2fee1b26d44324321a632b43d1b7bd13f15b807d1ab259b8456ba5d014fad3876b492b7f14af2ac75cb0f19eef7ad5c3d7f692d81ce1eb3e3fb96200d9253d338cb6d4097f3e6f4f061edcc98994b694b64ce1a266eac23e0506e68d09e4a3d0049420be6e73d684f7566e01bb43c1d51ed2e2c76be592bf4c6cf7471a31ba817f8c708ed76e14d6352e28deb6199bd7ec1232a041c6a655fbc01be4f749def876e0a94275c79bded1eb5bb3f9bfe286e14702e81c0e8a65f4b0a0a7ae62cfd4093a7e0fb07a02ab6a2f005ef538fd56392a3072f8317a1cedcdaecd857cef0f574efca11a6a28fbaa6fa2f6d74676197dec824d96b4ce0cc5999766b4926a6c21e21d4a78f71e87e9a8f1e2c4e3005da888457957377defd70d82fe26041f5399f295d869eb65c8e185a4f853c64603decb3c499a6921534730afbc41c1be57539603f0c1bdc2f61b8d7cfc971fe3fff189faae8411928dc039cb1ee33404544992a7f5646efd1e12d890ef7290ecc5e957a35cc6defb180b8006f8c016621bf17a6546022b9c579e781a66e57bc30d4c5ec8c56c42efce79bb8f203cb3c08133be710f2061879b90905671b346aaf735f2a614e7e46755d35570754e365490e2658090f40c2cb9164b0a1742b3bda5a32a4ebe25166c4ec0b387538362e7998092b1b737370239ef58f1f68f80753146ca2c166119fae83b2c60a19a1461903341d315d5ef8c57473bfd995964dc7b73ca7d35e88589cc7766480c9829ce44af423dcbef90b1ec62d8da8d812ad001e8e67df683dcb9de40db531e9eab3ca59b84689453b40f7df2b04051a6f052f179df5989bcb2e9245d23dee5d9b9ee03ee1ca0cef1b843acf0eb8dacd69047f5afda11b2a7ce274279c8b8a5da4618580f14d6c80bf1a647c90d2ef66395da4a0284427227ed59cc010088f39c12af4fb420683803db81f5ed467508b4e34886ce1550d7e9e29f9c92872d50566726af8b66b10498ce695ebc41573bc9100b6373c53cec7696bb79260d8214390d453d3223b9261c49fca17cf9923d7d1f3ac3abb332f37ddd9d0e09fb4df9305e88fc11f00ca1ddfce8dcc386e05a517c9b42d74629ff2460557107e7d39c0c1938e5b5f1da2dbffb30e3eb77c53d459580077eefb5260d59ad9fba11a66ffa703a3750d5979850acd8644de3c23a5514b4ba922dc20f5911b0d5078a1704f4016c84e39719c280db3ad2cd5f0693c8da07969c239608067fa82aba83d9a3a0f5f3e1f845a27bae1d8708d82eb10c7c205c07234b6e71312d54e878b960c821fd2dd01685143ffad375598dfd10038002a0d9aeceec499669523fb865683cb9379229761ac546e700a26523769ff1432d00073eb387e393d674eeb33a17422b3c0cedd91b3f0802ee59f1307467900c0a919bfaf92578fc18765cfc29cee13da07e821cc26354f5793d9e507cf13fdb55befeb814f4863552cc22440c3e80a61d7db867d72dfb41196bcc020f265fc9beec0004afff442c4a01a772db48a02d2f109a2096ec6d0f938cf8bc0835e07fa180f17cebf8a25b950380be955c4eb6a4f7fc6543a7eee578f800f5137069d08cd04f50cd02580aa7b249156baecd972eb6d8d9ff7598b85c0b0395016ade7107dcc8663c265857fbd7e42b3d4fb7a8c5f58b8befb22530ab47add8ca50611b23770d39a041c7291f30a92873d6c9f193f0bd8a7dc0949d435a3dbd554bf884bee76c3b28b2836e297a7b2dd940e6199b3c14ddf6bf7989eb9f721da9adbd2c754e91304b431c61deff5a7a24107a4f5bbeb1f422fcf10af1f5bcd204deb239c47e93d2f4ac55f4920bb4cbb0c358567ae115bfbcbdb2ff940f0d897fd54e9c198142e5445dc4a6ca4f794e26382394f6f11fc93acc4930cdb6fb39b04867eae0dad3cd2414ca0a1d9d8836a54894697bc3710e1ec9f58b28588a7108e6d8ea098c3e26646818345680dfd4812f89a2b632d2197e8d0d88fe932a1e52a1345d9e9d968e000ccf3658162ca9f50beb08b858a26ffe9cc320bc49cba66582647c5358234d9b38d3e605a2c1c4ddce61dd90070e26fc211d01fbec9fbfcc4cb0c1882014438284303cc80dee1760f631fc66a72d0eb6c6d01a7701a92c2a45613000ce87734f37ecce7774083b8e71dfba4a455516447b4dffe7288d578a37908ce0256d70d07c936a5d21ae223a3197f9cbede4ae983b9356a7073f2b6ba2068556721fd9379041897472c237a0c2007aa8f75a6e145c60a2f0cb7ffda5b6443e2682ec08eea3c851a72aa31508a186185962e79620791a3337abfdf527e513ea287a7b95f2a50f58575aac96af999ce667b1e415545fb931a02282eefad0e9489ec6478218b2a9478aa6060566f2ce636e28ce3d7a6d0c62c340c224efe58b8c99b9d59e6890e858244cf85102a44909645fcd66f57a1e4cde0697e53547aefeadef57db39543bc4b444f1fb5e99d3df8860fa13b91b3c9c47cba2ef823f7739d93f1d59251f2ecbe25b2cd67be1fe37359c5a673564688806154cd28bff8cf321578ef5580b945d208050f13e4429247dadbfeb417519d6b48aeef36e32c656d138191d612b99bcd11225187c41cba1b17b401698a12a3d28f6807be56dee75b93a27a5a120ce4fa25b45a41e2ff5affcd8771ef5efaeba4763fca7f3cadb4a96fd45dc42767dac4efc77aec88035a4936754d42c6bfe35a677aa972873190683712960a9172e75d039ae8f724e51f3770e85efb65dceedbf3e41f5e25244771a004b77777d745ef7401ab7f4586e2c10b0bece0137db9e5285a27621cf0dbe74ddbdeb2904beea55318ff8d65836dd2a57ee5354ac92e7727d2efefa10885184a2647597fb6d482f928baf0be5f83feb05be019268d05e419f58e9e59009427e3ad7da2aa0fdcd2cfa2f7e7b26750d9049c0402d3def15b15491e1326f71a1d1e4a2a24ff9902f2d0e0e36cfd4314610be7a4e5f6ded81cc6048ee9f4e857f91a131220eedb51838cb1e406c20ef20a5783fb2cfdbaebce5d56a59579b994a0bebf58626e98bc4a7387b9bee07d5dd14a38e27d350cf159200fb2761d8953f1906298c74ee6c78deadd208bb84d3bc074ef127166f6b6c9c6315a76e2606a3aa91b19ae867eb6c87aec5fe40af5c816e7771cba0ba9957b6736b6d556daac4c1f60479c7ca81783f6e97509ce609ee07891b79020199018e67c05de3ba577af655ab3b5c79672cfb14c57499558d76f9e1e9681a07acde5064380e0f0446b1e9c2a15cbfdf5fae562884c2bd1f724fec6b0c520aa7df5239c1d54bcbaeb711be9e224eb5aa5dac0df99d8782248f70d9f86c1b576bef030d386beb50ca315c14b768baa013f3b70d85b6fe13bdfe7aa839804a139877c54c5135c920e11404d33a8385559acca5600e96cae8f459bfe295df4198fd19a192ae26c8a694151c70d70d5101b002f2c2580f969571d2cce22218d577b9ec43136e6284953546650b5974da34ad5dd4b0fb1e8e699eb3333e7e3477f21aacd908c69b4d9d092f881039c59c03f4503dfb1dc84f89c16be07b39a0aba23ad387fbb0980809b4147fce3127aaeb40638c889ceda0144189352a3497912daebdde46fb603cec06d9dc6e49fc916c7265c8ef0122f60f46dfd5047f75178e8eed1e2323e67ffbb1de6ca51dfb052862eebc8c81a038906831ae942bbd1148c632af20a06e032f7d91d7a07c740b174d641eee12e66d8db9aa9fadb4004290302d4e35485d9118b4abbb97a2690ec53a1d8555861185f66ec039c627dc74b7b51c7e7754a1391ae29488dce09416116d3e5fb2511865181471a6e8d11febe050358294738931a58326faf5ad405941a8a90cf88b9e155470e4034ad0c3de21c03697d09ce094b5532a77ea66f9c05609f079edac54b310fdd8452a2134ecfddc899f57014754b4783dd4cf190bb957271e9f9f4aa1bf1e792f711c2156cf09015707371a4e88987c25707c5c5a7fc7891b358d1ce9b0ec38983853d0059d5bf5da2c4c5a7e8863ba0b91cb18e94ce20ff72c7cba848355f5afd5e5c086fd16c1647d145cef93f2e7e337f43f67198abff32dc3e624f768ace48bb989e49e02b42bb4831610f561c47b84624f00c011ffee7376ca0b0aa09b048826a40463a6949c47473ac1d524bd808ec7e876822f15512a6814dc335daa536e7148fbfb8200603b882e4c693f5960965e419bb00fe41743084b619cefa3fddf2485e753f1b96de55e3e54cef66885c73dde661978fe65a6966767c9991f030d1dc9b882cd6fbb83181474fb57360a591c2782369d00df5be76697dcc697351006d7fe8363437a220df1cf36f464de3ada90fb8b6c56d607f245a8a8175bbf63fea0c45c8a6462140c285a86ca0bc0b872297c0981bc33c53a0499f849cf9a86db6bb48b87b597f2dd04b29e376a757e070d6b724d7a4ded0a01fd03e58c2d1d7c9bd084c8388e3a193423010e328952c5a62b4100788d1ac5b61c203c31997003d7669f4eff0e01a75d3a06cc7ef7b9a621a93cc6954118d8f7736245665c24ba84f9bf5851c481cac617fbb0ff71f3eaf5441348e61f5e4e7e8bca22d9e91e4a6e843bf02d324c8b55ec8a519b6f95818d84ac9e0f4ec36b7fb44b3db6924bef1a431dde856cecfb479072bc2d97efedb1dfd9fffbcf6dd430899d0fd8dcf33a2c137296d28373cf70984d6ffd823abd4721303c0c4072bd9c0723b7e868290b9e6f2d5b92feb6a4d2ea5dfb31c3a9cae8611a567ade5fc050eb7b74a240ead9a70679e61b4b8ac671695e70879459afd7151bb29655274d7ec3d10766eb919f5dcc648394717507588a95800b0c9969c70b981dd37e1b5702f50f49a67aed32db437746da94c965344e7fda47d36488fd24489f462b8abc2bd08ffc7c54dd7a2d1ebffe3b126565b89b764a289e505411ae846f5b8f9877ffcd70a8a57b3b7dcf8356d774aaa2746f63fd8e9e5e4b6d5b2ea62bdea0a90696608d156623863985f13b312a56960e3d5cd908ce456a2465ac72232fafd4f1c779b8e6707f3b34c5dc1356ae159bcf311d77e15dccb6c094ab12e999e1aea1026afd8c3dafa5f761a7e82bc139951e1cac736d0e3ed163837b3e8a120df674355c32a17efb6d126beda38ac57722f16e5e2ff5a5979b219e6a886f3cb853291cb5c835d591b6229ae938cb59ac73caaff0a1e13f6efb4a3e1385fc8fe77a33a189cf1b1a5eed06bee4d5237aafdede0f3c883f64ceaed04d88ac0e3738f89f7eba17fa71ea5bdad5af6c2a3c281c6762cc70f277361aec24a666ccfd95a8cc9af0dbb331f840e1990083cf648f7068808f903f281e6222d3ea6da539d047f6309d2d0c0d1fc9b7e2b2b7d082432f8d819f923f54e2ffff2e1504c3f7b17a9b19c32bed9ef376fe6d0d0647f9be85c617eacc82cf9ec9a9c901cc4088fa90e1abbb6f1340e34e4445313922286d5d1e655da8b42e799eb04a8f766d88ae24dcbe9f589104ee2c83335d6b3a498fd236fdd26c1b8e72258925de84861e3946a389bbce2d87e044d242ce9684afaf75ff20306db09dfead4481c844dbba005146a50dfbe3b4d939d3bb587a00daefb7db1f1cfe616c0528941d28cae06f057650475dad0fd3be6e85f5693b32636e8677634fb17ed60379b9a74a22f0abb12f74f2084c8bff00afd1e7ccc43a3b08ecabc1aa4a722e1f3b1c2510476e643df4b4a6f069e8029c975f471c89a3c0c49c63c6c0899950ea89f6d692a0f2e2e7a8e828f7e9cadda537119db284505380296a689a7bc168da713671c3d47af2ac32e53a05796ae11afc14d87f2daae13201275228d0d536d72cd43580726378be6b9a7b4e56670998adf46cbcb2a61d5daffc57acbc682d1e1716409527db61a11bf2d0b6b8ec8ac9a6fb553935329ba9f877b1019d1bea3ea0e98d65b830765e50786a2dc0600000061efc79e406155f2e6df3187b0a22864cbd5ee9d29c0ed153fd2751ce7d6cc9178481c0a3806791f6e4be674352a76eeffcf07dc867fac687933d2b7597008c2614a2e0157cad1f7bcf75a3e98bfafa4addf57db94421b54c8e3580c554c11b15e9f10a33c21e430bf3e13f3fcea6b17ce4d7f32ac0ecc9540b1deebb0b73bcb56f9632cced1b0f5f1ba4a9fa5100e8916bb7f47f71e5fc4cc46b344dadc9a9bc1bd70583490a6304b374da44a179533dc00f3614678b292841b47f34dde4f08f0f86fd50f4a6984bed2a1d8dbb49f987dc196180aa6797f8b9cf739a5b6b940c841346ed2189f76733ddad49787b44737ffd2179ce2d3c9b94332014ee0f3882f62ab697d09dd37cb5d602e1fb24fef4309e72e76cb43a2bdcfd5ba97ff84f19801aba142c1be10851cf937d4cef92423d630646b1c9ae3580907c84db42ec4132cb9702781760c5a7d3aadc0395bdd0b7dce7bbdf8cfe6610dd7187ae6534cdf6267f8e9423e9805bab23e22169f9af3312cbea92d784a343419e4f038d1547625e13258e2f7330c75adf5d810efd666ca9b93368ae3a745113f125f961a0ca79287c3eba8ac2a81e7ea5b66bbd04b5e12a9e73f776ff17bbb3deb2473e10a284ec98e9e52c178cff024e1885b86ef7559227e033ec4f8074e513d85b50810b158e9dc1d42a810251443b44f325dcca8e47f7b1dfcdccdca14947083a9377694bef2acc5af03e63edcd03f54bb53c0cb8769d1a009f096de7f43c79eb83d2f360fd5118f4ca54367389b9b3c68e0f655a25328585cd27d3d908787ff816968da7769838e26bb215e6823d987f09f3d5cea873c788d667e92fd590463c579bcccd21b0edc12eab5c6939487baa24a1e22ceff90b9d6587d6b7bd69a15efa818e30f3b65c4234de7951ba94f0e6726d1237e0168b2044b7067de2c0766e1d3502094ccf35d0882a09e9f50d7d20e3ac8ecfe6e1c0606fc750dd9f340a7776d2eeb6eb5e50823a82f308eaf3ad5908baf58a780759d6ae8022aaddcd599c427dde8d986f14fb433b5b351edf64e943f1fcc31a0e1fb7c077557d9581d91e9ce1f71193db30cc42d280517b8de8818dc1477882039247841870285cf1e1da4c443b83b5c791b0a8eaf697f571e7c3d51baf0cd27dfb809cb31df5f714051f5a9a83773102641f7d345bb18641f0eb4c8a168ad8f056662ef7565906a71ba7a79ce9f0853054655c432dcf32b78b7b3b4bdc5b40092da20b5a8859b4d2b863f94e21fcd70425177e6dd9a64b2ab690e14ccee1374a7815f06a5f09de4f6043d2b39fddcef29e92910a6eea18ced41c1bedfcdee1089ec2deee3ad76b7cabd255b1a2a53f7575f459e0230c018165747126060172d5f13816edc644972a072a7e401d439dad958949ef477d8a2b5e5899a8ea8846cbc7b335b78c7f2644c8c69a1e6b254f58b8aa7a7885c4234bfd962352c311a007c2a7bb5a8e34202dd52692304624117be8ce6f110782767587aa4943a9ddbb960b7e00396fdbabcddd4854e0313daa94422601af0462314c173afc2528db6052e221dc59d594f89e7c9452b5c605b5955b469482d5135cfbf2d0d3b455508d9f40f37eca2b11fbac931f4e2ebcc9bc690de80641ce0213689946735ea8473f6c89e24f5246d22ebb22dd377ef43579702cd3d80650e14766ce7a37a8823841967b650a7a3a347a6f0b2ba7d8bb1e9fded9cd7e2b47742fd726d07447de92ae4b02db7c30a7e065b2d05ff5ff5709b7cf283606903f80e99810799780780d6a28cdda40505d3a4df0996b9d9bb237477cac4fdd3fa1717c9365ac7318de52070fc91861db4624f83dc374690209ae7ff09a0d2aae536937cd86ddd187bace3b7b42974e81cbe54fc011ca1817c1323cd0914ea96b6e7ebb10b7213a51a34b3bba4c129d571ca9f41a6aa41ce336bca6911f24f45cbb4122e1100a559a3e580957dcdf5f14bb32154ed64f250f480b282f5fe9ee65621093d370682afd2b8f37a7e9aaab1447c5162887f3d0f6c74959938c0716ab03dd242f967f574df9cd25cfd64bcb2e6f5788530e761711990778960bd7a828497cec05da36777433fb27bd80d717f6850c46d84b101ea644b596d352714945d6e31b2c43c1acb4e09e443fe51890559a0dd049dbe33d375e46f008bb5ee4af3a7609120cb5498a7aa33fd64f7b3e18170cfe1875cb6e25ce1dc78d04130894d757b66da2349a7f038c747138b0eaf0f2fa933dd7f51dfedb586bc0f49c76860f46009e28ab730290080e0483c70635da84b373e7413fa576e2a3e464c1d2432b3fe5e1a08e06e004d6c47868da8f8290db7ef807a23aabce4fc3e2164be066a721a7ace91f82ceecf3a1339d60134e410dee712bc5585c2ad61389ddeb49bf8679112d537418f9d2379c4bc56850fc400c6ba0b3f9252d43bf5271167adea041bc537b33d22a6c7226a6b9897aa1d34a35198f151865243de05435a58716e5f8a864e01ebe6ec6fd841210b5a1c39027f59e3df97b3090ea6a0e7113bd1ee146e174aec4139bbf6f9fdd7b6dc5d92ee3b4d5044db49e04a90a820993bda6858c36e414e8fa033cb86c58ca687043a0754d0a96cd9833f188cb5b9ca73f412a81dc92b3b88f8585fc357129ab44fcd3c04d46aa09b6373539e784aa546106b7a7472829206a5a1df78df26d0cc691d158136da9661990109e74d75e866388e2fbc8a905c5e939e56a09bb168954ddac4be6f1b9770137440129c4328246cb71bcfc2e95925616fba756806fac7b4256597a837bd170674fa678d8bb70c9c50c4d62ed7bab199363854d073f50758f89d2670b39ba58e16267aa45f69367e003e3ee1899f7400580b375984dd040ab6eab1ec0fcd3ffa536004727ae17dc4cd76d4c2534bd50b92a5e1039e4cceeeb7e48cf347314db3534c6e835d94315fe129bdfbaaf4ab528d20fc0c802eebba43b81d31f2f25079057e25f3fab4bb1b61a8380694e586a5d248fdd0b30a54794eb3852267ea6e5b6d3dcec4e3c889ff42759c96f535f5330b1d869bdc41592791dc4a56f9de48e90182bcf0af670155b79291e811fee0098a39d12f6001f71547bed9f07a10ad3d8054dc5cabfa30feadcf25c851a64fa03d75c0f2e57f9887c9606707005d6d1fb9dee4b4ae52637ae6d963f6c3409e8506c165ae21185f04c55e7bc5af51de5b561a3493f2d7b30ec26bb8a03e4493d27de6608ede356b6b62111c25f446f4fac3056c70f762919f021d7bc4c1470ece9776dac82ed0678c88cd3c8fcd92de28e0ce9a091405f9b8f2d3aac3a78553f47b75b6d91cf53e4e93857b55edfc7afe956b264067d9a0591acd3f6b32ddd93de8ddc046ff55d1f41de1021ce62c988fb378e9e4e1efdc428dbccacf0fa8232a52673aa67ac0251bed7ec2eddad07ed57d9cc6a735171cc180544a8ba5887f7cb588474897376c3b5d0b633a54ea821f2117ef8bf9d4f509bd6487042b0208069d44aceff75f49fe3ab2a39069ec0ac2f3dbee0b982b8f04013ed2e99907030eff31be0b847bbc818f68103e8c24d99f8fee0fdd968751ee3482e90c210ee47cb2f6b5e5fb87248ed281dad438af5808128f83a3b602a2238632d3067e19a764b4386e726bbe17b70499c5b381d94d83c9ff03667f3b6cb8505efc134a7e2c1460349f0efe1b5ef15519445d5f4c146a1af51a164353733f8dd16704f462fdd309cdc5aa1d6be35643cbb94e3872d82c9ded4f3a287d199e6bf2a35567bc382b34957b8730b0dd9400", 0x2000, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)={0x90, 0x0, 0x0, {0x4, 0x0, 0x4, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0xffffffffffffa839, 0x0, 0x0, 0x0, 0x5, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0})
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00')
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000008c0)=[0x0], &(0x7f0000000900), 0x0, 0x1, 0x0, 0x0, r6})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000001340)={&(0x7f00000012c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, r6, 0xfbfbfbfb})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x77359400}, {r2, r3+10000000}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x13)
ioctl$BTRFS_IOC_RM_DEV_V2(r9, 0x5000943a, &(0x7f00000002c0)={{}, 0x0, 0xe, @inherit={0x48, &(0x7f00000001c0)=ANY=[]}, @subvolid=0x1000})
r10 = socket(0x10, 0x803, 0x0)
r11 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r11, 0xc0d05605, &(0x7f0000000180)={0x2, @raw_data="6721cedcbe8259a17288d4eb564ac3841fddebca7bd0c6fe0542ee629d3ad3b36ff1ac0c7b072e46dd590f3d3a8206be0e167cc7a4539f9738eb31bf0fd329eef0d0ba887f618c7e8fdbc10ce5f2288ae849b0d7e01e39e05a275fa12ac47f5a443556e2e5ddbf71413e3350bdebe8722386aac03e12a1197d8e8fa2cdbe1a47fc3da93268c643d739ee856ee8d47cdb772437ee28ed49d0c0b2328d16c854f28674f81182cef2c998da3bcc28c20e8fa572db2289892a9e4d331d8a199c241946e04452294720ab"})
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r14=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r12, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r14, @ANYBLOB="08000500060000000a00e8000802110000e55754"], 0x30}}, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r10, 0x114, 0x7, &(0x7f00000014c0)={@ethernet={0x1, @local}, {&(0x7f0000001380)=""/199, 0xc7}, &(0x7f0000001480), 0x14}, 0xa0)
sendmsg$nl_route(r10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0)

16.451375729s ago: executing program 1 (id=439):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000030500"/18, @ANYRES32=0x0, @ANYBLOB="00000000000000002000128008000100687372"], 0x48}}, 0x0)
socket$inet(0x2, 0x80001, 0x84)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newqdisc={0x4c, 0x14, 0x0, 0x0, 0x0, {0x2}, [@TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x4c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="7fbb858496a1f4a079024ae752d00e6cd85bf4e86b4a3205ddd000126d0861f09d", 0x21}], 0x1}, 0x8800)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000300))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000a00)={[], 0x0, 0x78469555c77fef7b})
ioctl$KVM_RUN(r3, 0xae80, 0x0) (fail_nth: 1)

16.231587247s ago: executing program 1 (id=442):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a81700894f", 0x33fe0}], 0x1}, 0x3a00)

14.963263353s ago: executing program 3 (id=446):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'ip6_vti0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_usb_connect$cdc_ecm(0x0, 0x6f, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109025d000101000000090400000002060000052406000005240000000d240f010000000004000000001524120000a317a88b045e4f01a607c0ffcb7e312a072414faffffff052407"], 0x0)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8f4dd086d0492082a6d0000000109021b0001000000000904"], 0x0)
unshare(0x60400)
socket(0x40000000015, 0x5, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f00000000c0)=0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000080)={0x0, 0x80000000, 0xffffffff, 0x0, 0x0, "fe94b89fc43c3328eae0cae1f5eba329e6f216"})
splice(r4, 0x0, r3, 0x0, 0x7ffff000, 0x0)
read(r2, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000600)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x10000000000002)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
r7 = socket(0x2b, 0x6, 0x3a)
setsockopt$MRT6_DONE(r7, 0x29, 0xd0, 0x0, 0x0)
close(r6)

11.631434058s ago: executing program 3 (id=456):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="66643d918f800d7cd5fd3a43fd", @ANYRESHEX=r0, @ANYBLOB="856377c3cf9ce09c131911846f6f2c726f6f746d6fe4653d303030303034303030302c757365725f69643d", @ANYBLOB="3b6eaf1b77f71bfa", @ANYBLOB=',group_id=', @ANYRESDEC=r0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
chdir(&(0x7f0000004340)='./file0\x00')
write$FUSE_INIT(r0, &(0x7f00000066c0)={0x50, 0x0, r1, {0x7, 0x21}}, 0x50)
read$FUSE(r0, &(0x7f0000006740)={0x2020, 0x0, <r2=>0x0}, 0x2020)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x6240, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20040000000a05000000000000010000000900010073797a300000000040000000030a0102000000000000000001000000090003f01bbd20d30073797a320000000014000480080002400000000008000140000000000900010073797a300000000054000000060a010400000000000000000100000008000b40000000000900010073797a30000000002c00048028000180080001006e6174001c0002800800988f0540000000090800bf812de4b6214cad0240000000021400000011e644ae1f1b82b4658100010000400000000000000000aa5a80780e881bff7b385cca484069b6256acc6f7f7cfdd09f6c4da67bf601916c16d98ec524624fe7ddaf1a54d7d7ed80b19883354bbe8007ba5839e86cbdb90ef1f66006814feb50c95f7bb42db242ef96912e73c880513884229b6944cd42d30bdb290591435fe41da1f4826515afd0"], 0xdc}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r3, 0xc0189378, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>r4, {r4}}, './file0\x00'})
write$FUSE_INTERRUPT(r0, &(0x7f00000063c0)={0x10, 0x0, r2}, 0x10)
dup(r3)
r6 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x44b80, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000000880)={0x0, 0x0, {0x0, @usage, <r7=>0x0}, {0x0, @struct, <r8=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_BALANCE_V2(r6, 0xc4009420, &(0x7f0000000c80)={0x12, 0x3, {0xf, @usage=0x4, r8, 0x0, 0xef, 0x100000000, 0x1, 0xe, 0x43c, @struct={0x6, 0x6}, 0x81, 0x10, [0x40, 0x3, 0x6, 0x7fff, 0x6, 0x7227]}, {0x20, @usage=0xc, 0x0, 0xbd1, 0xb, 0x5, 0x2, 0x3, 0x407, @usage=0x7, 0xfffffff8, 0x4, [0x3, 0xf, 0x2, 0x8000, 0xfeeb, 0x2]}, {0x8000000000000001, @usage=0x8, r7, 0xffffffff, 0x7, 0x4, 0x8, 0x6, 0x408, @struct={0x1, 0x7fff}, 0x2, 0xfffffffc, [0x5, 0x4, 0xe00000000, 0x7, 0x7, 0x84]}, {0x3, 0x0, 0x1}})
ioctl$BTRFS_IOC_SCRUB(r5, 0xc400941b, &(0x7f0000000900)={r8, 0xfffffffffffffffc, 0xffffffffffff5cf5})
read$FUSE(r0, &(0x7f0000004380)={0x2020}, 0x2020)
mount$fuseblk(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000001c0))
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000880)=ANY=[@ANYBLOB="600000000206050000000000000000000000810012000300686173683a6e65742c706f72740000000900020073797a32000000000500040000000000050005000200000005000100060000001400078008000640000000000800084000"], 0x60}}, 0x0)
r10 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000cc0)=ANY=[], 0x0)
writev(r10, &(0x7f0000000240)=[{&(0x7f0000000800)='9', 0x1}], 0x1)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r11, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r12 = accept4(r11, 0x0, 0x0, 0x0)
recvmsg$kcm(r12, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000440)=""/64, 0x40}], 0x1}, 0x0)

8.405899117s ago: executing program 3 (id=467):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000400)="d8000000180081054e81f782db4cb9040a1d080006007c09e8fe55a10a0015000500142603600e1208000f0000000401a8000900080008400400027c9c000461c1d67f6f94001600cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775010016a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920726f9a941", 0xd8}], 0x1}, 0x0)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = dup(r2)
open(0x0, 0x80c01, 0x0)
ppoll(&(0x7f00000005c0)=[{r3, 0x40a}, {r1, 0x80c0}], 0x2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b000100000100"/32, @ANYRES32=r7, @ANYBLOB="08000300", @ANYRES32=r7, @ANYBLOB], 0x44}}, 0x0)

7.783301688s ago: executing program 3 (id=469):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
ftruncate(0xffffffffffffffff, 0xc17a)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x40, 0x10, 0x300, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x5}]}, 0x40}}, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x0)

7.633252829s ago: executing program 2 (id=470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000580), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, r1, 0x1, 0x70bd27}, 0x14}}, 0x40000)
syz_usb_connect(0x0, 0x4f, &(0x7f0000000640)={{0x12, 0x1, 0x0, 0x3d, 0xa3, 0x77, 0x20, 0x572, 0xcafe, 0x5501, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0x96, 0xdb, 0xa8, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "e37e1b82e6"}]}}, {{0x9, 0x5, 0xb, 0x2}}, {{0x9, 0x5, 0x1}}, {{0x9, 0x5, 0x2, 0x0, 0x10}}]}}]}}]}}, 0x0)

6.70072339s ago: executing program 3 (id=472):
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
ioctl$IOMMU_DESTROY$ioas(0xffffffffffffffff, 0x3b80, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x100010001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f00000000c0)='G', 0xfffffffffffffca0, 0x8001, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000080))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYRES64, @ANYRES16], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0xfffffffe}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socket$isdn(0x22, 0x2, 0x0)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000001880)=[{{0x0, 0x2, 0x0}}], 0xf000, 0x10002, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000480)=0x80000001)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=@newae={0x40, 0x1e, 0x468bbc8229e18b43, 0x0, 0x0, {{}, @in6=@empty}}, 0x40}}, 0x0)

4.372599062s ago: executing program 2 (id=474):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x38, 0x10, 0x503, 0x70bd26, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x0, 0x20}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_CREATE_SOCKETS={0x5}]}}}]}, 0x38}, 0x1, 0xc3ffffffffffffff}, 0x20040000)

4.274320134s ago: executing program 0 (id=410):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) (async)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_NOP={0x0, 0x10})
r1 = getpid()
rt_tgsigqueueinfo(r1, 0x0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x240})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r2, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000400)={0x14, 0x1, 0xfe})

3.846690406s ago: executing program 2 (id=476):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x3d, 0x800000000004, @tid=r0}, &(0x7f0000000400))
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x0, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
r2 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$user(&(0x7f0000000140), &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000009c0)="c218b8fb4f2711662cda19348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc4796d6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720d0bf73b3edd5a16ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19bd49c2528fdfba998dd047e8115c02807698c6c824a940100000000000000636c88246f7df2ea55c356a3f2ff7136e701d9b54cf5f1cc7dc8a6500d08b554a0932784e083692004220e9d7109cee984e6c620739f594cd4e06742cad50cc162b30348ab2082176734522f00f9b1baec7e6aeed020c10affa1d20a79dde91f42882b766be08d1a9b39060af788a357b05120948857f8dde09dbde139ec000000000000177c19e9d794dbc1fedae6b4fe888eb81797573ce906000000000000000882bf91b9dca924ce486e689efc06414ae6cd74587fe44f82969f4958e835253a6cfe0e35da29333b3999f1dc472fd82e3e6d40e43a08003b0f24989f800ffc2f4b9b19455bd8590921a9b460c69c05d662a275ae207c4eb0dd9acf59ddf6cae11c353147", 0x1c1, r2)
r4 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x3}, &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r5, r3}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'crct10dif\x00\x00\x00 \x00\x00\x00+\xcc\xff%\xd2cTH,\x00'}})
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r7, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f0000000440)={0x1, 0x20000006})
ioctl$SNDRV_TIMER_IOCTL_START(r6, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r9, 0xc0a85320, &(0x7f0000000340)={{0x80}, 'port0\x00', 0x1b6})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r9, 0xc0a85320, &(0x7f0000000180)={{0x80, 0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5})
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r10, 0xc0a85352, &(0x7f0000000200)={{0x80}, 'port1\x00', 0x0, 0x141821})
r11 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
keyctl$instantiate(0xc, r8, &(0x7f0000000100)=ANY=[@ANYBLOB='new ecryptfs\'user:/dev/snd/timer\x00 00000000000000000006\x00'], 0x37, r11)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000940), 0x0)
clock_gettime(0x0, 0x0)

3.846217017s ago: executing program 0 (id=477):
r0 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r0, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}, 0x1, 0x0, 0x2000000}, 0x0)

3.728394797s ago: executing program 4 (id=478):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="2c385a4706", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x80, 0x0, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x5}, @FOU_ATTR_PEER_V6={0x14, 0x9, @dev={0xfe, 0x80, '\x00', 0x17}}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @local}]}, 0x80}, 0x1, 0x0, 0x0, 0x4000}, 0x20044045)
recvmmsg$unix(r1, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000002b80)=""/4110, 0x100e}], 0x1}}], 0x40000c1, 0x7000000, 0x0)

3.484583732s ago: executing program 0 (id=479):
socket$packet(0x11, 0x3, 0x300)
socket(0xa, 0x3, 0x3a)
socket$rds(0x15, 0x5, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f0000000100))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000013c0)=@newlink={0x34, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x34}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r4)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0)
write(r5, &(0x7f0000000240)="01", 0x1)
execveat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', &(0x7f0000000640), 0x0, 0x0)
execveat(r4, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x1000)

3.317698503s ago: executing program 2 (id=480):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14110000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

2.947003231s ago: executing program 2 (id=481):
socket$inet_udplite(0x2, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
getsockopt(0xffffffffffffffff, 0x1, 0x45, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x80002, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
socket$kcm(0x2, 0xa, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$inet_dccp(0x2, 0x6, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x23, &(0x7f0000000080)=ANY=[@ANYBLOB="e0000808ac1414", @ANYRES64=r1], 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, 0x0)

2.600850293s ago: executing program 3 (id=482):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000000040)={0x1, 0x0, 0xfffffffd, &(0x7f0000000000)={0x3, "5889248e6109ff82fbf2ba1a028fb28a616ba5fc89d0c200"}})
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, 0x0, 0x0) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000200), 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) (async)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0) (async)
r2 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000100)) (async)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000100))
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r3, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r3, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000001f80)=""/143, 0x8f, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r3, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000a00)=""/87, 0x57, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r1, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000000440)=""/110, 0x6e, 0x0, 0x1, 0x1}}, 0x48)
write$vhost_msg_v2(r3, &(0x7f0000000200)={0x2, 0x0, {&(0x7f0000000840)=""/211, 0xd3, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r3, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4}}, 0x48)
openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0) (async)
ioctl$SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="021800001b000000000000000400000005000500000000000a0000000000000000000000000000000035d90000000001000000000000000008001200000000000000000000000000060000000000b504ad251c3438b7d7675778a7178100000000000000000000ac1414bb0000000000000000000000002001000000000000000000000000000205000600000000000a0000000000000020010000000000000000000000000001aa000000000000da7d0e93dd612f32000700190000000000020000006401010100000000000000000a0000000000100000000000000000000000ffffac1414aa0000000000000000a3782a2ce191c4ddd732382fe352ede1b919b04baec19b6c033106a5bc2a0ff603e4ca6985f43eacf609469c06874a332c29d557a6ef817f999d09373b86b1485ce06a3b2ceeefde0e4731695c63a55eac"], 0xd8}}, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000540)={0x1, @pix_mp={0x0, 0xfffffffc, 0x34524742, 0x0, 0x2, [{}, {0xffffffff, 0xfffffffe}, {0x0, 0x1}, {0x200}, {0x0, 0x7918}, {0x0, 0x1}], 0x0, 0x0, 0x4, 0x1, 0x7}}) (async)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000540)={0x1, @pix_mp={0x0, 0xfffffffc, 0x34524742, 0x0, 0x2, [{}, {0xffffffff, 0xfffffffe}, {0x0, 0x1}, {0x200}, {0x0, 0x7918}, {0x0, 0x1}], 0x0, 0x0, 0x4, 0x1, 0x7}})
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e20, @private=0xa010101}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB='Q3M'], 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB='Q3M'], 0x0)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)

2.464176665s ago: executing program 0 (id=483):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc}]}]}, @NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xc0}}, 0x0) (fail_nth: 9)

2.463790795s ago: executing program 4 (id=484):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000002000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fe8000000000000000000000000000bb"], 0x190)
syz_emit_ethernet(0x42, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86dd60010100000c1100fe8000000000200000000000000000bbff020000000000000000000000000001"], 0x0)

2.250544941s ago: executing program 2 (id=485):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x2, 0x1ff, &(0x7f0000006680))
mlock2(&(0x7f00001d1000/0x1000)=nil, 0x1000, 0x1)
openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES16, @ANYRES16], 0x0)

1.470558637s ago: executing program 4 (id=486):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = dup2(r2, r1)
close_range(r3, 0xffffffffffffffff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x8, &(0x7f0000000600)=<r4=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r4, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f00000000c0)="01", 0x24}])
r6 = io_uring_setup(0x7, &(0x7f00000000c0))
io_uring_enter(r6, 0x0, 0x54aa, 0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x13, &(0x7f0000000040), 0x2)
io_uring_enter(r6, 0x6436, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x5c, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_COUNTERS={0x1c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_BYTES={0xc}]}]}, @NFT_MSG_NEWTABLE={0x1c, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}, [@NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xc0}}, 0x0)

1.021380081s ago: executing program 0 (id=487):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x8, &(0x7f0000000000), 0x8)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x6}}]}, 0x30}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'geneve0\x00', <r6=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b051000e0ff030006004788aa96a13bb1000000000088a8400f", 0x10000, 0xa6, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)

908.179785ms ago: executing program 4 (id=488):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002340)={'xfrm0\x00'}) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team0\x00'}) (async)
syz_mount_image$fuse(&(0x7f0000002d00), &(0x7f0000002d40)='./file0\x00', 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="3df9567c", @ANYBLOB="2e676e6f75705f69643ff63d"], 0x3, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x104000, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000140)=0x1) (async)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, 0x0) (async)
socketpair$unix(0x1, 0x5, 0x0, 0x0) (async)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000b28000)=0x3) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) (async, rerun: 64)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (rerun: 64)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f0000000300)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) (async)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000000)=[@timestamp, @timestamp, @timestamp, @mss={0x2, 0xfff}, @sack_perm, @timestamp], 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7) (async)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x0, 0x0, 0xfffffffffffffd25)
socket$inet_udp(0x2, 0x2, 0x0)

631.060577ms ago: executing program 0 (id=489):
socket$kcm(0x11, 0x2, 0x0)
r0 = landlock_create_ruleset(&(0x7f0000006f80)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$tipc(0x1e, 0x2, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000800)={{0x12, 0x1, 0x0, 0x96, 0x5d, 0x6, 0x40, 0x133e, 0x815, 0x7e66, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x87, 0x28}}]}}]}}, 0x0)
socket$inet6(0xa, 0x200000000003, 0x87)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="4000000010003b150000ef000000000000004888", @ANYRES32=0x0, @ANYBLOB="d530d995212cf95a2000128008000100687372001400028008000200", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES64=r3], 0x40}}, 0x4004040)

402.009805ms ago: executing program 4 (id=490):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0xc00, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}], {0x14, 0x10}}, 0x78}}, 0x0)

103.196124ms ago: executing program 4 (id=491):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000059d360205f0501d09288000000010902120001000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000100), 0x7f5b, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r2, 0xc0585605, &(0x7f0000000200)={0x1, 0x0, {0x0, 0xfffffffd, 0x3010, 0x5, 0xb}})
io_setup(0x3, &(0x7f00000000c0)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x6, 0x0, 0x1}])
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 1 (id=443):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0), 0x4)
set_mempolicy(0x3, &(0x7f0000000040)=0x10000000005, 0x7) (async)
set_mempolicy(0x8000, &(0x7f0000000000)=0x1, 0x26d5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x1e, &(0x7f0000003680)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaeabb00ad2687e3c0040100007992052531611cd1"], 0x0) (async)
setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file2\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
r2 = userfaultfd(0x80401)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) (async)
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffa000/0x4000)=nil, &(0x7f000084f000/0x2000)=nil, 0x4000}) (async)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc534, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0) (async)
syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x8, "a8f46877"}]}}, 0x0}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0)) (async)
prlimit64(0x0, 0x0, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TCFLSH(r4, 0x540b, 0x0)

kernel console output (not intermixed with test programs):

1] usb 2-1: Product: syz
[  114.476871][   T51] usb 2-1: Manufacturer: syz
[  114.476890][   T51] usb 2-1: SerialNumber: syz
[  114.478746][ T5321] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  114.478770][ T5321] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.478787][ T5321] usb 3-1: Product: syz
[  114.478799][ T5321] usb 3-1: Manufacturer: syz
[  114.478812][ T5321] usb 3-1: SerialNumber: syz
[  114.482215][   T51] usb 2-1: config 0 descriptor??
[  114.491255][ T5321] cdc_wdm 3-1:1.128: skipping garbage
[  114.491292][ T5321] cdc_wdm 3-1:1.128: probe with driver cdc_wdm failed with error -22
[  114.505280][   T51] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  114.753713][ T5964] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  114.784879][ T5964] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.851163][ T5980] netlink: 'syz.4.180': attribute type 4 has an invalid length.
[  114.980371][ T5980] netlink: 20 bytes leftover after parsing attributes in process `syz.4.180'.
[  114.991297][ T5964] loop2: detected capacity change from 0 to 7
[  115.008097][ T5964] Dev loop2: unable to read RDB block 7
[  115.017557][ T5964]  loop2: AHDI p1 p3
[  115.024996][ T5964] loop2: partition table partially beyond EOD, truncated
[  115.038063][ T5964] loop2: p1 start 2048 is beyond EOD, truncated
[  115.077335][   T30] audit: type=1326 audit(1726944729.456:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.141047][   T30] audit: type=1326 audit(1726944729.506:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.163966][   T30] audit: type=1326 audit(1726944729.516:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.190260][   T30] audit: type=1326 audit(1726944729.516:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.213402][   T30] audit: type=1326 audit(1726944729.516:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.236092][   T30] audit: type=1326 audit(1726944729.516:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.282423][   T30] audit: type=1326 audit(1726944729.516:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.343711][ T5990] netlink: 'syz.4.184': attribute type 9 has an invalid length.
[  115.344169][   T30] audit: type=1326 audit(1726944729.516:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.378984][   T30] audit: type=1326 audit(1726944729.516:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.401885][   T30] audit: type=1326 audit(1726944729.516:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5984 comm="syz.0.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6a417def9 code=0x7ffc0000
[  115.585572][ T5268] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  115.715987][ T5994] warning: `syz.4.186' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  115.736974][ T5994] netlink: 12 bytes leftover after parsing attributes in process `syz.4.186'.
[  115.781861][ T5268] usb 1-1: Using ep0 maxpacket: 16
[  115.810841][ T5268] usb 1-1: unable to get BOS descriptor or descriptor too short
[  115.821078][ T5268] usb 1-1: config 254 has an invalid interface number: 1 but max is 0
[  115.832471][ T5268] usb 1-1: config 254 has no interface number 0
[  115.840653][ T5268] usb 1-1: config 254 interface 1 has no altsetting 0
[  115.852534][ T5268] usb 1-1: New USB device found, idVendor=15ba, idProduct=0004, bcdDevice=76.d4
[  115.862348][ T5268] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.871313][ T5268] usb 1-1: Product: syz
[  115.877202][ T5268] usb 1-1: Manufacturer: syz
[  115.882292][ T5268] usb 1-1: SerialNumber: syz
[  116.106031][ T5318] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  116.162232][ T5268] ftdi_sio 1-1:254.1: FTDI USB Serial Device converter detected
[  116.171623][ T5268] ftdi_sio ttyUSB0: unknown device type: 0x76d4
[  116.211481][ T5268] usb 1-1: USB disconnect, device number 7
[  116.229703][ T5268] ftdi_sio 1-1:254.1: device disconnected
[  116.259805][ T5318] usb 5-1: config 0 has no interfaces?
[  116.265644][ T5318] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  116.288812][ T5318] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.323844][ T5318] usb 5-1: config 0 descriptor??
[  116.350942][ T6001] netlink: 40 bytes leftover after parsing attributes in process `syz.3.189'.
[  116.378703][ T5275] usb 18-1: device descriptor read/8, error -110
[  116.587465][   T25] usb 5-1: USB disconnect, device number 5
[  116.762958][ T6006] netlink: 24 bytes leftover after parsing attributes in process `syz.0.191'.
[  116.781201][ T5275] usb usb18-port1: attempt power cycle
[  116.806169][ T5318] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  116.872003][ T5321] usb 3-1: USB disconnect, device number 14
[  117.013731][ T5318] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  117.035979][   T51] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71)
[  117.056659][ T5318] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.071705][   T51] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71)
[  117.099374][ T5318] usb 4-1: Product: syz
[  117.119726][   T51] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71)
[  117.130826][ T5318] usb 4-1: Manufacturer: syz
[  117.145733][ T5318] usb 4-1: SerialNumber: syz
[  117.154964][   T51] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71)
[  117.167313][   T51] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71)
[  117.178334][ T5318] usb 4-1: config 0 descriptor??
[  117.191285][   T51] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71)
[  117.203778][ T5318] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22
[  117.226321][   T51] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71)
[  117.249187][   T51] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71)
[  117.277260][   T51] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  117.313659][   T51] usb 2-1: USB disconnect, device number 4
[  117.396977][ T5275] usb usb18-port1: unable to enumerate USB device
[  117.461246][ T6004] dummy0: entered promiscuous mode
[  117.512506][ T6004] dummy0: left promiscuous mode
[  117.597471][   T25] usb 4-1: USB disconnect, device number 13
[  117.927732][ T6029] FAULT_INJECTION: forcing a failure.
[  117.927732][ T6029] name failslab, interval 1, probability 0, space 0, times 0
[  117.940713][ T6029] CPU: 1 UID: 0 PID: 6029 Comm: syz.2.200 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  117.951009][ T6029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  117.961342][ T6029] Call Trace:
[  117.961543][ T6028] netlink: 'syz.4.199': attribute type 10 has an invalid length.
[  117.964628][ T6029]  <TASK>
[  117.975322][ T6029]  dump_stack_lvl+0x241/0x360
[  117.980060][ T6029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  117.985317][ T6029]  ? __pfx__printk+0x10/0x10
[  117.989970][ T6029]  ? __pfx_lock_acquire+0x10/0x10
[  117.995047][ T6029]  ? is_bpf_text_address+0x26/0x2a0
[  118.000296][ T6029]  should_fail_ex+0x3b0/0x4e0
[  118.005017][ T6029]  ? dst_alloc+0x12b/0x190
[  118.009490][ T6029]  should_failslab+0xac/0x100
[  118.014218][ T6029]  ? dst_alloc+0x12b/0x190
[  118.018685][ T6029]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  118.024123][ T6029]  dst_alloc+0x12b/0x190
[  118.028426][ T6029]  ip_route_input_rcu+0x24be/0x3910
[  118.033689][ T6029]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  118.039299][ T6029]  ? __pfx_lock_acquire+0x10/0x10
[  118.044387][ T6029]  ? ipt_do_table+0x157a/0x1860
[  118.049298][ T6029]  ip_route_input_noref+0x170/0x260
[  118.054547][ T6029]  ? ip_route_input_noref+0xb1/0x260
[  118.059872][ T6029]  ? __pfx_ip_route_input_noref+0x10/0x10
[  118.065650][ T6029]  ? tcp_v4_early_demux+0x99/0x930
[  118.070899][ T6029]  ip_rcv_finish_core+0x5ab/0x1b40
[  118.076070][ T6029]  ip_rcv_finish+0x14a/0x560
[  118.080702][ T6029]  ? NF_HOOK+0x392/0x450
[  118.084986][ T6029]  ? __pfx_ip_rcv_finish+0x10/0x10
[  118.090103][ T6029]  NF_HOOK+0x3a4/0x450
[  118.094183][ T6029]  ? NF_HOOK+0x9a/0x450
[  118.098357][ T6029]  ? __pfx_NF_HOOK+0x10/0x10
[  118.102981][ T6029]  ? ip_rcv_core+0x801/0xd10
[  118.107600][ T6029]  ? __pfx_ip_rcv_finish+0x10/0x10
[  118.112729][ T6029]  ? __pfx_ip_rcv+0x10/0x10
[  118.117243][ T6029]  __netif_receive_skb+0x2bf/0x650
[  118.122382][ T6029]  ? __pfx_lock_acquire+0x10/0x10
[  118.127445][ T6029]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  118.133735][ T6029]  ? __pfx___netif_receive_skb+0x10/0x10
[  118.139387][ T6029]  ? __kasan_slab_alloc+0x66/0x80
[  118.144448][ T6029]  ? read_tsc+0x9/0x20
[  118.148538][ T6029]  ? timekeeping_get_ns+0x2c0/0x420
[  118.153768][ T6029]  ? netif_receive_skb+0x131/0x890
[  118.158888][ T6029]  ? netif_receive_skb+0x131/0x890
[  118.164024][ T6029]  netif_receive_skb+0x1e8/0x890
[  118.168975][ T6029]  ? tun_rx_batched+0x160/0x8f0
[  118.173853][ T6029]  ? __pfx_netif_receive_skb+0x10/0x10
[  118.179367][ T6029]  ? tun_rx_batched+0x160/0x8f0
[  118.184258][ T6029]  tun_rx_batched+0x1b7/0x8f0
[  118.188983][ T6029]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  118.195329][ T6029]  ? __pfx_lock_acquire+0x10/0x10
[  118.196043][ T5275] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  118.200532][ T6029]  ? __pfx_tun_rx_batched+0x10/0x10
[  118.200584][ T6029]  tun_get_user+0x3056/0x47e0
[  118.200611][ T6029]  ? tun_get_user+0x2b44/0x47e0
[  118.223000][ T6029]  ? __lock_acquire+0x1384/0x2050
[  118.228060][ T6029]  ? __pfx_tun_get_user+0x10/0x10
[  118.233143][ T6029]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  118.238638][ T6029]  ? tun_get+0x1e/0x2f0
[  118.242803][ T6029]  ? __pfx_lock_release+0x10/0x10
[  118.247869][ T6029]  ? tun_get+0x1e/0x2f0
[  118.252063][ T6029]  ? tun_get+0x27d/0x2f0
[  118.256342][ T6029]  tun_chr_write_iter+0x10d/0x1f0
[  118.261587][ T6029]  vfs_write+0xa6d/0xc90
[  118.265875][ T6029]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  118.271462][ T6029]  ? __pfx_vfs_write+0x10/0x10
[  118.276312][ T6029]  ? __fdget_pos+0x19a/0x320
[  118.280967][ T6029]  ksys_write+0x1a0/0x2c0
[  118.285348][ T6029]  ? __pfx_ksys_write+0x10/0x10
[  118.290246][ T6029]  ? do_syscall_64+0x100/0x230
[  118.295064][ T6029]  ? do_syscall_64+0xb6/0x230
[  118.299795][ T6029]  do_syscall_64+0xf3/0x230
[  118.304345][ T6029]  ? clear_bhb_loop+0x35/0x90
[  118.309068][ T6029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.315092][ T6029] RIP: 0033:0x7fcfded7c9df
[  118.319545][ T6029] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  118.339189][ T6029] RSP: 002b:00007fcfdebf9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  118.347647][ T6029] RAX: ffffffffffffffda RBX: 00007fcfdef35f80 RCX: 00007fcfded7c9df
[  118.355654][ T6029] RDX: 000000000000003e RSI: 0000000020000100 RDI: 00000000000000c8
[  118.363742][ T6029] RBP: 00007fcfdebf9090 R08: 0000000000000000 R09: 0000000000000000
[  118.371806][ T6029] R10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001
[  118.379789][ T6029] R13: 0000000000000000 R14: 00007fcfdef35f80 R15: 00007fcfdf05fa28
[  118.387796][ T6029]  </TASK>
[  118.418565][ T6028] team0: Port device netdevsim0 added
[  118.419374][ T5275] usb 1-1: Using ep0 maxpacket: 32
[  118.439421][ T6031] netlink: 40 bytes leftover after parsing attributes in process `syz.1.201'.
[  118.479290][ T5275] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  118.502233][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.538763][ T5275] usb 1-1: config 0 descriptor??
[  118.556197][ T5275] gspca_main: nw80x-2.14.0 probing 055f:d001
[  118.791805][ T6043] netlink: 32 bytes leftover after parsing attributes in process `syz.1.205'.
[  118.825795][ T6043] netlink: 4 bytes leftover after parsing attributes in process `syz.1.205'.
[  119.075561][   T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  119.247073][   T25] usb 2-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0x63, changing to 0x3
[  119.265534][   T25] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  119.288632][   T25] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  119.305933][   T25] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=0
[  119.319604][   T25] usb 2-1: Manufacturer: syz
[  119.543967][   T25] usbhid 2-1:36.0: couldn't find an input interrupt endpoint
[  119.553453][   T25] usb 2-1: USB disconnect, device number 5
[  119.612788][ T6071] netlink: 256 bytes leftover after parsing attributes in process `syz.4.214'.
[  119.814568][ T6075] netlink: 40 bytes leftover after parsing attributes in process `syz.2.215'.
[  119.919359][ T5275] gspca_nw80x: reg_r err -110
[  119.935594][ T5275] nw80x 1-1:0.0: probe with driver nw80x failed with error -110
[  120.157903][ T6082] netlink: 'syz.2.218': attribute type 9 has an invalid length.
[  120.169812][ T6082] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.218'.
[  120.579294][ T6091] netlink: 4 bytes leftover after parsing attributes in process `syz.4.224'.
[  120.625655][   T51] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  120.641098][ T5232] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  120.650863][ T5232] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  120.658685][ T5232] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  120.668529][ T5232] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  120.683022][ T5232] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  120.695853][ T5232] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  120.752106][ T6096] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  120.772271][ T6096] batman_adv: batadv0: Adding interface: ip6gretap1
[  120.781624][ T6096] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  120.791781][   T51] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  120.807241][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.823788][ T6096] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active
[  120.825565][   T51] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  120.845580][   T51] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  120.854667][   T51] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.862780][   T51] usb 2-1: Product: syz
[  120.867040][   T51] usb 2-1: Manufacturer: syz
[  120.871668][   T51] usb 2-1: SerialNumber: syz
[  120.878777][   T51] usb 2-1: config 0 descriptor??
[  120.905092][ T6096] netlink: 4 bytes leftover after parsing attributes in process `syz.4.225'.
[  120.913809][ T5275] usb 1-1: USB disconnect, device number 8
[  120.914176][ T6096] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.935778][ T6096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.018562][ T6096] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  121.045931][ T6096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.086970][ T6096] batman_adv: batadv0: Removing interface: ip6gretap1
[  121.227862][ T5268] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  121.308496][ T6097] chnl_net:caif_netlink_parms(): no params data found
[  121.402289][ T5268] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  121.425155][ T5268] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 32, changing to 4
[  121.440900][ T5268] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  121.452122][ T5268] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.462951][ T5268] usb 3-1: Product: syz
[  121.467949][ T5268] usb 3-1: Manufacturer: syz
[  121.473993][ T5268] usb 3-1: SerialNumber: syz
[  121.474779][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.221'.
[  121.528314][ T6097] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.536151][ T6097] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.543651][ T6097] bridge_slave_0: entered allmulticast mode
[  121.553876][ T6097] bridge_slave_0: entered promiscuous mode
[  121.567354][ T6097] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.574893][ T6097] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.582594][ T6097] bridge_slave_1: entered allmulticast mode
[  121.591244][ T6097] bridge_slave_1: entered promiscuous mode
[  121.633141][ T6097] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  121.646023][ T6097] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  121.700009][ T6097] team0: Port device team_slave_0 added
[  121.709645][ T6097] team0: Port device team_slave_1 added
[  121.720171][ T5268] usb 3-1: 2:1 : format type 0 is detected, processed as PCM
[  121.802880][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_0
[  121.825590][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  121.851541][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.869110][ T5268] usb 3-1: USB disconnect, device number 15
[  121.922475][ T6097] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  121.980380][ T5242] udevd[5242]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  122.010374][ T6097] batman_adv: batadv0: Adding interface: batadv_slave_1
[  122.036394][ T6097] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  122.078247][ T6097] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  122.168168][   T29] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.279071][   T29] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.287149][   T25] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  122.313285][ T6097] hsr_slave_0: entered promiscuous mode
[  122.327840][ T6097] hsr_slave_1: entered promiscuous mode
[  122.352792][ T6133] syz.4.232 uses obsolete (PF_INET,SOCK_PACKET)
[  122.389552][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  122.389570][   T30] audit: type=1326 audit(1726944736.766:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.435097][   T29] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.445527][   T30] audit: type=1326 audit(1726944736.776:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.445573][   T30] audit: type=1326 audit(1726944736.776:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.445611][   T30] audit: type=1326 audit(1726944736.776:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.465496][   T25] usb 1-1: Using ep0 maxpacket: 8
[  122.468199][    C0] vkms_vblank_simulate: vblank timer overrun
[  122.491888][ T6135] netlink: 4 bytes leftover after parsing attributes in process `syz.4.232'.
[  122.530569][   T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  122.558812][ T6134] netlink: 'syz.4.232': attribute type 16 has an invalid length.
[  122.568360][ T6134] netlink: 8 bytes leftover after parsing attributes in process `syz.4.232'.
[  122.584895][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  122.603953][   T30] audit: type=1326 audit(1726944736.976:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.634673][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  122.648624][   T25] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  122.667686][   T30] audit: type=1326 audit(1726944736.976:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6132 comm="syz.4.232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f666617def9 code=0x7ffc0000
[  122.693951][   T29] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.699330][   T25] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  122.726791][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.782711][ T5232] Bluetooth: hci4: command tx timeout
[  122.894648][ T6139] fuse: Unknown parameter 'ÿÿ0x0000000000000003'
[  122.985321][ T6128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.230'.
[  123.028212][   T25] usb 1-1: GET_CAPABILITIES returned 0
[  123.033758][   T25] usbtmc 1-1:16.0: can't read capabilities
[  123.074241][   T29] bridge_slave_1: left allmulticast mode
[  123.083593][   T29] bridge_slave_1: left promiscuous mode
[  123.094267][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.118980][   T29] bridge_slave_0: left allmulticast mode
[  123.124678][   T29] bridge_slave_0: left promiscuous mode
[  123.138713][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.201373][ T5275] IPVS: starting estimator thread 0...
[  123.254244][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  123.270471][ T5275] usb 1-1: USB disconnect, device number 9
[  123.306652][ T6148] IPVS: using max 19 ests per chain, 45600 per kthread
[  123.365050][   T51] usb 2-1: USB disconnect, device number 6
[  123.430923][   T30] audit: type=1326 audit(1726944737.806:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.1.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  123.505538][   T30] audit: type=1326 audit(1726944737.836:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.1.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  123.546975][   T30] audit: type=1326 audit(1726944737.836:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.1.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  123.569086][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.586348][ T5275] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  123.613089][   T30] audit: type=1326 audit(1726944737.836:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.1.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  123.659246][ T5232] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  123.668601][ T5232] Bluetooth: hci1: Injecting HCI hardware error event
[  123.677732][ T5232] Bluetooth: hci1: hardware error 0x00
[  123.785753][ T5275] usb 1-1: Using ep0 maxpacket: 8
[  123.792933][ T5275] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  123.825757][ T5275] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  123.841009][ T5275] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  123.851649][ T5275] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  123.865262][ T5275] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  123.874885][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.068428][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  124.093599][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  124.108529][   T29] bond0 (unregistering): Released all slaves
[  124.162666][ T5268] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  124.238369][ T6163] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  124.292758][ T5275] usb 1-1: usb_control_msg returned -71
[  124.298891][ T5268] usb 2-1: device descriptor read/64, error -71
[  124.311811][ T5275] usbtmc 1-1:16.0: can't read capabilities
[  124.341005][ T5275] usb 1-1: USB disconnect, device number 10
[  124.471532][ T6176] netlink: 8 bytes leftover after parsing attributes in process `syz.4.246'.
[  124.546201][ T5268] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  124.684716][ T6184] __nla_validate_parse: 1 callbacks suppressed
[  124.684738][ T6184] netlink: 52 bytes leftover after parsing attributes in process `syz.2.249'.
[  124.709485][ T5268] usb 2-1: device descriptor read/64, error -71
[  124.756968][   T29] hsr_slave_0: left promiscuous mode
[  124.784118][   T29] hsr_slave_1: left promiscuous mode
[  124.794905][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.827063][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.832834][ T5268] usb usb2-port1: attempt power cycle
[  124.855718][ T5229] Bluetooth: hci4: command tx timeout
[  124.865260][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.893709][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  124.982282][   T29] veth1_macvtap: left promiscuous mode
[  124.990412][   T29] veth0_macvtap: left promiscuous mode
[  125.003529][   T29] veth1_vlan: left promiscuous mode
[  125.009676][   T29] veth0_vlan: left promiscuous mode
[  125.206007][ T5268] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  125.225568][   T25] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  125.243144][ T5268] usb 2-1: device descriptor read/8, error -71
[  125.408094][   T25] usb 1-1: Using ep0 maxpacket: 32
[  125.417697][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.457772][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.477277][   T25] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  125.501464][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.536312][ T5268] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  125.537266][   T25] usb 1-1: config 0 descriptor??
[  125.573099][   T25] hub 1-1:0.0: USB hub found
[  125.586343][ T5268] usb 2-1: device descriptor read/8, error -71
[  125.710766][ T5268] usb usb2-port1: unable to enumerate USB device
[  125.740904][ T5232] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  125.805263][   T25] hub 1-1:0.0: 1 port detected
[  125.922491][   T29] team0 (unregistering): Port device team_slave_1 removed
[  125.983206][   T29] team0 (unregistering): Port device team_slave_0 removed
[  126.411283][   T25] hub 1-1:0.0: activate --> -90
[  126.441501][ T6185] netlink: 52 bytes leftover after parsing attributes in process `syz.2.249'.
[  126.621559][ T6097] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  126.654245][ T6097] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  126.690201][ T6097] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  126.712857][ T6097] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  126.822062][ T6198] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.895746][ T6198] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.921869][ T5321] usb 1-1: USB disconnect, device number 11
[  126.935728][ T5232] Bluetooth: hci4: command tx timeout
[  127.031688][ T6097] 8021q: adding VLAN 0 to HW filter on device bond0
[  127.075326][ T6097] 8021q: adding VLAN 0 to HW filter on device team0
[  127.104355][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.111581][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.160772][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.168062][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.205671][   T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  127.324498][ T6097] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.365787][   T25] usb 3-1: Using ep0 maxpacket: 8
[  127.379229][ T6097] veth0_vlan: entered promiscuous mode
[  127.384447][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  127.392226][ T6097] veth1_vlan: entered promiscuous mode
[  127.408005][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  127.424466][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  127.435540][ T5277] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  127.453750][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  127.491425][ T6097] veth0_macvtap: entered promiscuous mode
[  127.502519][   T25] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  127.519099][ T6097] veth1_macvtap: entered promiscuous mode
[  127.524242][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.549455][   T25] usb 3-1: Product: syz
[  127.553682][   T25] usb 3-1: Manufacturer: syz
[  127.566147][ T6097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.570515][   T25] usb 3-1: SerialNumber: syz
[  127.597816][ T6097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.624627][   T25] usb 3-1: config 0 descriptor??
[  127.626597][ T5277] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  127.640455][ T5277] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.646489][   T25] streamzap 3-1:0.0: streamzap_probe: endpoint Max Packet Size is 0!?!
[  127.655473][ T6097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.675475][ T5277] usb 5-1: Product: syz
[  127.679689][ T5277] usb 5-1: Manufacturer: syz
[  127.685563][ T5277] usb 5-1: SerialNumber: syz
[  127.691100][ T6097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.721054][ T5277] usb 5-1: config 0 descriptor??
[  127.740054][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.753411][ T5277] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[  127.780350][ T6097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.802825][ T6097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.832361][ T6097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.854403][ T6097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.867750][ T6097] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.876527][ T6222] netlink: 108 bytes leftover after parsing attributes in process `syz.2.259'.
[  127.878333][ T6097] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.898540][ T6097] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.911241][ T6097] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.920037][ T6097] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.928820][ T6097] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.937673][ T6097] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.977773][   T25] usb 3-1: USB disconnect, device number 16
[  128.025328][ T5277] usb 5-1: USB disconnect, device number 6
[  128.087789][ T3046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.102242][ T3046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.166956][ T6256] FAULT_INJECTION: forcing a failure.
[  128.166956][ T6256] name failslab, interval 1, probability 0, space 0, times 0
[  128.173786][  T968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  128.189765][  T968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  128.192228][ T6256] CPU: 0 UID: 0 PID: 6256 Comm: syz.1.267 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  128.207501][ T6256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  128.217570][ T6256] Call Trace:
[  128.220881][ T6256]  <TASK>
[  128.223848][ T6256]  dump_stack_lvl+0x241/0x360
[  128.228568][ T6256]  ? __pfx_dump_stack_lvl+0x10/0x10
[  128.233787][ T6256]  ? __pfx__printk+0x10/0x10
[  128.238391][ T6256]  ? __kmalloc_noprof+0xb0/0x400
[  128.243333][ T6256]  ? __pfx___might_resched+0x10/0x10
[  128.248631][ T6256]  should_fail_ex+0x3b0/0x4e0
[  128.253319][ T6256]  ? nla_strdup+0x9c/0x140
[  128.257747][ T6256]  should_failslab+0xac/0x100
[  128.262455][ T6256]  ? nla_strdup+0x9c/0x140
[  128.266884][ T6256]  __kmalloc_noprof+0xd8/0x400
[  128.271669][ T6256]  ? __kasan_kmalloc+0x98/0xb0
[  128.276462][ T6256]  nla_strdup+0x9c/0x140
[  128.280736][ T6256]  nf_tables_newtable+0x59b/0x1e10
[  128.285878][ T6256]  ? nfnl_pernet+0x23/0x240
[  128.290430][ T6256]  ? __pfx_nf_tables_newtable+0x10/0x10
[  128.296013][ T6256]  ? __nla_parse+0x40/0x60
[  128.300463][ T6256]  nfnetlink_rcv+0x14dc/0x2ab0
[  128.305265][ T6256]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  128.310427][ T6256]  ? netlink_deliver_tap+0x2e/0x1b0
[  128.315634][ T6256]  ? skb_clone+0x240/0x390
[  128.320068][ T6256]  ? __pfx_lock_release+0x10/0x10
[  128.325116][ T6256]  ? netlink_deliver_tap+0x2e/0x1b0
[  128.330329][ T6256]  netlink_unicast+0x7f6/0x990
[  128.335107][ T6256]  ? __pfx_netlink_unicast+0x10/0x10
[  128.340420][ T6256]  ? __virt_addr_valid+0x183/0x530
[  128.345548][ T6256]  ? __check_object_size+0x49c/0x900
[  128.350868][ T6256]  netlink_sendmsg+0x8e4/0xcb0
[  128.355654][ T6256]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.360955][ T6256]  ? aa_sock_msg_perm+0x91/0x160
[  128.365914][ T6256]  ? __pfx_netlink_sendmsg+0x10/0x10
[  128.371386][ T6256]  __sock_sendmsg+0x221/0x270
[  128.376093][ T6256]  ____sys_sendmsg+0x52a/0x7e0
[  128.380891][ T6256]  ? __pfx_____sys_sendmsg+0x10/0x10
[  128.386206][ T6256]  __sys_sendmsg+0x2aa/0x390
[  128.390841][ T6256]  ? __pfx___sys_sendmsg+0x10/0x10
[  128.395980][ T6256]  ? vfs_write+0x7bf/0xc90
[  128.400453][ T6256]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  128.406791][ T6256]  ? do_syscall_64+0x100/0x230
[  128.411569][ T6256]  ? do_syscall_64+0xb6/0x230
[  128.416272][ T6256]  do_syscall_64+0xf3/0x230
[  128.420785][ T6256]  ? clear_bhb_loop+0x35/0x90
[  128.425490][ T6256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.431429][ T6256] RIP: 0033:0x7fa12217def9
[  128.435863][ T6256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.455488][ T6256] RSP: 002b:00007fa123061038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  128.463942][ T6256] RAX: ffffffffffffffda RBX: 00007fa122335f80 RCX: 00007fa12217def9
[  128.471928][ T6256] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  128.479906][ T6256] RBP: 00007fa123061090 R08: 0000000000000000 R09: 0000000000000000
[  128.487888][ T6256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  128.495882][ T6256] R13: 0000000000000000 R14: 00007fa122335f80 R15: 00007fa12245fa28
[  128.503890][ T6256]  </TASK>
[  128.648206][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.268'.
[  128.970644][ T6275] openvswitch: netlink: Message has 225 unknown bytes.
[  128.984018][ T6275] openvswitch: netlink: Actions may not be safe on all matching packets
[  129.017539][ T5232] Bluetooth: hci4: command tx timeout
[  129.314938][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  129.314958][   T30] audit: type=1326 audit(1726944743.686:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6287 comm="syz.4.279" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f666617def9 code=0x0
[  129.442381][ T6295] mmap: syz.4.279 (6295) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  129.468015][ T6298] openvswitch: netlink: Message has 225 unknown bytes.
[  129.475065][ T6298] openvswitch: netlink: Actions may not be safe on all matching packets
[  129.617173][ T5277] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  129.737828][ T5275] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  129.785558][ T5277] usb 3-1: Using ep0 maxpacket: 8
[  129.793462][ T5277] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  129.842955][ T5277] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  129.871881][ T5277] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 138, changing to 11
[  129.888933][ T5277] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 2306, setting to 64
[  129.904882][ T5277] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  129.924914][ T5275] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  129.944301][ T5275] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.001144][ T5275] usb 4-1: config 0 descriptor??
[  130.029222][ T5277] usb 3-1: string descriptor 0 read error: -22
[  130.041087][ T5277] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  130.051366][ T5277] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.062088][ T5275] cp210x 4-1:0.0: cp210x converter detected
[  130.091667][ T5277] cdc_ncm 3-1:1.0: NCM or ECM functional descriptors missing
[  130.129852][ T5277] cdc_ncm 3-1:1.0: bind() failure
[  130.159708][ T5277] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  130.177672][ T5277] cdc_ncm 3-1:1.1: bind() failure
[  130.266448][ T5275] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -121
[  130.274079][ T5275] cp210x 4-1:0.0: querying part number failed
[  130.310548][ T5275] usb 4-1: cp210x converter now attached to ttyUSB0
[  130.386835][ T6311] IPVS: set_ctl: invalid protocol: 8 224.0.0.2:20000
[  130.399350][ T6313] FAULT_INJECTION: forcing a failure.
[  130.399350][ T6313] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  130.422701][ T6313] CPU: 1 UID: 0 PID: 6313 Comm: syz.0.286 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  130.433005][ T6313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  130.443097][ T6313] Call Trace:
[  130.446422][ T6313]  <TASK>
[  130.449379][ T6313]  dump_stack_lvl+0x241/0x360
[  130.454104][ T6313]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.459353][ T6313]  ? __pfx__printk+0x10/0x10
[  130.464019][ T6313]  ? __pfx_lock_release+0x10/0x10
[  130.469095][ T6313]  ? __lock_acquire+0x1384/0x2050
[  130.474177][ T6313]  should_fail_ex+0x3b0/0x4e0
[  130.478905][ T6313]  _copy_from_user+0x2f/0xe0
[  130.483560][ T6313]  kstrtouint_from_user+0xc6/0x190
[  130.488723][ T6313]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  130.494490][ T6313]  ? __pfx_lock_acquire+0x10/0x10
[  130.499592][ T6313]  proc_fail_nth_write+0xaa/0x2d0
[  130.504658][ T6313]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  130.510610][ T6313]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  130.516288][ T6313]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  130.521969][ T6313]  vfs_write+0x29c/0xc90
[  130.526262][ T6313]  ? __pfx_vfs_write+0x10/0x10
[  130.531070][ T6313]  ? __fget_files+0x3f3/0x470
[  130.535808][ T6313]  ? __fdget_pos+0x24e/0x320
[  130.540459][ T6313]  ksys_write+0x1a0/0x2c0
[  130.544843][ T6313]  ? __pfx_ksys_write+0x10/0x10
[  130.549736][ T6313]  ? do_syscall_64+0x100/0x230
[  130.554560][ T6313]  ? do_syscall_64+0xb6/0x230
[  130.559290][ T6313]  do_syscall_64+0xf3/0x230
[  130.563850][ T6313]  ? clear_bhb_loop+0x35/0x90
[  130.568580][ T6313]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.574529][ T6313] RIP: 0033:0x7ff6a417c9df
[  130.578997][ T6313] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  130.598650][ T6313] RSP: 002b:00007ff6a4f16030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  130.607118][ T6313] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff6a417c9df
[  130.615124][ T6313] RDX: 0000000000000001 RSI: 00007ff6a4f160a0 RDI: 0000000000000004
[  130.623131][ T6313] RBP: 00007ff6a4f16090 R08: 0000000000000000 R09: 0000000000000000
[  130.631136][ T6313] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  130.639143][ T6313] R13: 0000000000000000 R14: 00007ff6a4335f80 R15: 00007ff6a445fa28
[  130.647173][ T6313]  </TASK>
[  131.175856][ T5277] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  131.215556][   T51] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  131.313024][ T6295] coredump: 136(syz.4.279): written to core: VMAs: 42, size 97681408; core: 62137102 bytes, pos 97693696
[  131.348099][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.360434][ T5277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.375516][   T51] usb 2-1: Using ep0 maxpacket: 8
[  131.375970][ T5277] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  131.406771][ T6326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.418205][ T5277] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  131.428014][ T6326] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.449423][ T5277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.452149][   T51] usb 2-1: unable to get BOS descriptor or descriptor too short
[  131.470373][ T5277] usb 1-1: config 0 descriptor??
[  131.479792][   T51] usb 2-1: unable to read config index 0 descriptor/start: -71
[  131.505894][   T51] usb 2-1: can't read configurations, error -71
[  131.898418][ T5277] acrux 0003:1A34:0802.0001: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0
[  131.912876][ T5277] acrux 0003:1A34:0802.0001: no inputs found
[  131.919635][ T5277] acrux 0003:1A34:0802.0001: Failed to enable force feedback support, error: -19
[  132.047913][ T6337] openvswitch: netlink: Missing valid actions attribute.
[  132.055032][ T6337] openvswitch: netlink: Actions may not be safe on all matching packets
[  132.101073][ T5268] usb 1-1: USB disconnect, device number 12
[  132.114004][ T6339] fuse: Unknown parameter ''
[  132.249096][ T5277] usb 4-1: USB disconnect, device number 14
[  132.260979][ T5277] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  132.275222][ T5277] cp210x 4-1:0.0: device disconnected
[  132.297175][ T6328] netlink: 3 bytes leftover after parsing attributes in process `syz.0.292'.
[  132.341199][ T6328] ipvlan2: entered promiscuous mode
[  132.362230][ T6345] vivid-000: disconnect
[  132.376889][ T5268] usb 3-1: USB disconnect, device number 17
[  132.492758][ T6327] vivid-000: reconnect
[  132.511865][ T6348] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'.
[  132.565694][   T51] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  132.705654][   T51] usb 2-1: device descriptor read/64, error -71
[  132.825155][   T51] usb usb2-port1: attempt power cycle
[  132.938797][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  132.945228][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  132.991069][ T6355] netlink: 8 bytes leftover after parsing attributes in process `syz.2.300'.
[  133.196010][   T51] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  133.228059][   T51] usb 2-1: device descriptor read/8, error -71
[  133.297353][ T6363] netlink: 24 bytes leftover after parsing attributes in process `syz.2.302'.
[  133.475589][   T51] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  133.496871][   T51] usb 2-1: device descriptor read/8, error -71
[  133.615909][   T51] usb usb2-port1: unable to enumerate USB device
[  133.625594][ T5321] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  133.640537][ T6372] netlink: 'syz.0.305': attribute type 4 has an invalid length.
[  133.801376][ T5321] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  133.812216][ T5321] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.825348][ T5321] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  133.835586][ T5321] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.853573][ T5321] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  133.863703][ T5321] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  133.873982][ T5321] usb 4-1: Product: syz
[  133.879779][ T5321] usb 4-1: Manufacturer: syz
[  133.898229][ T5321] cdc_wdm 4-1:1.0: skipping garbage
[  133.920394][ T5321] cdc_wdm 4-1:1.0: skipping garbage
[  133.930282][ T5321] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  133.938970][ T5321] cdc_wdm 4-1:1.0: Unknown control protocol
[  134.129362][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  134.135963][ T5268] usb 4-1: USB disconnect, device number 15
[  134.136647][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  134.148424][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  134.530682][ T6379] bond0: Device is already in use.
[  135.297985][ T6387] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  135.361650][ T6389] netlink: 12 bytes leftover after parsing attributes in process `syz.1.311'.
[  135.456046][ T5321] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  135.615573][ T5321] usb 3-1: Using ep0 maxpacket: 8
[  135.662552][ T5321] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[  135.691160][ T5321] usb 3-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  135.723196][ T5321] usb 3-1: config 0 has no interface number 0
[  135.739936][ T5321] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  135.794352][ T5321] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 24624, setting to 1024
[  135.812424][ T5321] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  135.829103][ T5321] usb 3-1: config 0 interface 52 has no altsetting 0
[  135.843577][ T5321] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  135.856486][ T5321] usb 3-1: New USB device strings: Mfr=22, Product=149, SerialNumber=35
[  135.875246][ T5321] usb 3-1: Product: syz
[  135.881157][ T5321] usb 3-1: Manufacturer: syz
[  135.889771][ T5321] usb 3-1: SerialNumber: syz
[  135.917543][ T5321] usb 3-1: config 0 descriptor??
[  136.155248][ T5321] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.52/input/input7
[  136.349722][ T5232] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  136.351779][ T6385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.397381][ T6385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.429808][ T5321] usb 3-1: USB disconnect, device number 18
[  136.429902][    C1] synaptics_usb 3-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  136.888484][ T2576] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.075622][ T5321] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  137.091602][ T2576] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.215775][ T5321] usb 4-1: device descriptor read/64, error -71
[  137.359225][ T2576] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.489270][ T5229] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  137.496679][ T5321] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  137.527172][ T5229] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  137.538860][ T5229] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  137.553648][ T5229] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  137.563628][ T2576] team0: Port device netdevsim0 removed
[  137.569857][ T5229] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  137.580116][ T5229] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  137.635559][ T5321] usb 4-1: device descriptor read/64, error -71
[  137.639333][ T2576] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.707050][ T6417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.323'.
[  137.745916][ T5321] usb usb4-port1: attempt power cycle
[  137.956807][ T2576] bridge_slave_1: left allmulticast mode
[  137.985087][ T2576] bridge_slave_1: left promiscuous mode
[  138.005110][ T2576] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.036842][ T2576] bridge_slave_0: left allmulticast mode
[  138.039514][ T6396] coredump: 194(syz.0.314): written to core: VMAs: 40, size 93749248; core: 56047970 bytes, pos 93761536
[  138.045441][ T2576] bridge_slave_0: left promiscuous mode
[  138.066823][ T2576] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.086969][ T5321] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  138.106198][ T5321] usb 4-1: device descriptor read/8, error -71
[  138.289215][ T5275] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  138.357263][ T5321] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  138.388433][ T5321] usb 4-1: device descriptor read/8, error -71
[  138.469468][ T5275] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.492317][ T5275] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.511758][ T5275] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  138.515990][ T5321] usb usb4-port1: unable to enumerate USB device
[  138.521594][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.576811][ T5275] usb 3-1: config 0 descriptor??
[  138.671335][ T2576] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.685344][ T2576] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.707304][ T2576] bond0 (unregistering): Released all slaves
[  138.748938][ T6438] netlink: 40 bytes leftover after parsing attributes in process `syz.0.331'.
[  138.946426][ T6443] openvswitch: netlink: Actions may not be safe on all matching packets
[  139.004677][ T5275] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  139.014379][ T5275] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  139.033100][ T5275] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0002/input/input9
[  139.092137][ T5275] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  139.160345][ T6427] chnl_net:caif_netlink_parms(): no params data found
[  139.185786][    T8] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  139.260117][ T2576] hsr_slave_0: left promiscuous mode
[  139.261604][ T2576] hsr_slave_1: left promiscuous mode
[  139.293776][ T2576] veth1_macvtap: left promiscuous mode
[  139.293876][ T2576] veth0_macvtap: left promiscuous mode
[  139.294032][ T2576] veth1_vlan: left promiscuous mode
[  139.294150][ T2576] veth0_vlan: left promiscuous mode
[  139.341370][ T6457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  139.341743][ T6457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  139.348993][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  139.349049][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  139.350838][    T8] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  139.350871][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.350895][    T8] usb 2-1: Product: syz
[  139.350913][    T8] usb 2-1: Manufacturer: syz
[  139.350932][    T8] usb 2-1: SerialNumber: syz
[  139.353063][    T8] usb 2-1: config 0 descriptor??
[  139.353722][ T6441] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  139.353850][ T6441] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  139.569779][ T6441] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  139.613521][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.653168][ T6441] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  139.656067][ T5229] Bluetooth: hci2: command tx timeout
[  140.293401][ T5321] usb 3-1: reset high-speed USB device number 19 using dummy_hcd
[  140.435070][ T2576] team0 (unregistering): Port device team_slave_1 removed
[  140.491278][ T2576] team0 (unregistering): Port device team_slave_0 removed
[  140.778151][    T8] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  141.060828][ T6478] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[  141.098726][    T8] dm9601 2-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, 54:01:47:1e:47:20
[  141.132883][    T8] usb 2-1: USB disconnect, device number 15
[  141.142615][    T8] dm9601 2-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet
[  141.279751][ T6427] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.293843][ T6427] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.308070][ T6427] bridge_slave_0: entered allmulticast mode
[  141.315195][ T6427] bridge_slave_0: entered promiscuous mode
[  141.338001][ T6427] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.373727][ T6427] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.384845][ T6427] bridge_slave_1: entered allmulticast mode
[  141.404381][ T6427] bridge_slave_1: entered promiscuous mode
[  141.417158][ T6491] VFS: Mount too revealing
[  141.464707][ T6427] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.516525][ T6427] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.670119][ T6499] netlink: 'syz.3.339': attribute type 10 has an invalid length.
[  141.690665][ T6499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.724564][ T6499] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  141.735788][ T5229] Bluetooth: hci2: command tx timeout
[  141.761550][ T6427] team0: Port device team_slave_0 added
[  141.797115][ T6427] team0: Port device team_slave_1 added
[  141.802470][   T51] usb 3-1: USB disconnect, device number 19
[  141.936964][ T6427] batman_adv: batadv0: Adding interface: batadv_slave_0
[  141.970221][ T6427] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  141.996254][    C0] vkms_vblank_simulate: vblank timer overrun
[  142.059820][ T6427] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.120134][ T6427] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.130273][ T6427] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.156344][    C0] vkms_vblank_simulate: vblank timer overrun
[  142.174760][ T6427] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.321944][ T6427] hsr_slave_0: entered promiscuous mode
[  142.322937][ T6427] hsr_slave_1: entered promiscuous mode
[  142.323537][ T6427] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  142.323617][ T6427] Cannot create hsr debugfs directory
[  142.779141][ T6471] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  142.796838][ T6471] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  142.941076][ T6471] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  143.013149][ T6471] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  143.024696][ T6471] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  143.054024][ T6471] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  143.079513][ T6471] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  143.096128][ T5229] Bluetooth: hci3: command 0x0c1a tx timeout
[  143.097071][ T6471] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  143.132247][ T6471] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  143.177144][ T6471] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  143.225611][ T6471] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.264574][ T6471] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  143.383470][ T6427] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  143.437990][ T6427] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  143.662075][ T6427] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  143.715510][   T25] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  143.723675][ T6427] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  143.801053][ T6553] netlink: 12 bytes leftover after parsing attributes in process `syz.2.349'.
[  143.825943][ T6553] netlink: 12 bytes leftover after parsing attributes in process `syz.2.349'.
[  143.848319][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.349'.
[  143.885519][   T25] usb 2-1: Using ep0 maxpacket: 16
[  143.911067][   T25] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  143.936355][   T25] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  143.965526][   T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.988663][   T25] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  143.988701][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.988728][   T25] usb 2-1: Product: syz
[  143.988747][   T25] usb 2-1: Manufacturer: syz
[  143.988766][   T25] usb 2-1: SerialNumber: syz
[  144.001939][ T6557] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  144.005540][ T5321] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  144.046681][ T6557] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  144.059789][ T6427] 8021q: adding VLAN 0 to HW filter on device bond0
[  144.087076][ T6557] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  144.154115][ T6557] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  144.164874][ T6427] 8021q: adding VLAN 0 to HW filter on device team0
[  144.229221][ T2576] bridge0: port 1(bridge_slave_0) entered blocking state
[  144.236434][ T2576] bridge0: port 1(bridge_slave_0) entered forwarding state
[  144.238562][ T6560] coredump: 36(syz.3.350): coredump has not been created, error -2
[  144.255493][ T5321] usb 1-1: Using ep0 maxpacket: 8
[  144.269982][ T5321] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  144.283284][   T25] usb 2-1: 0:2 : does not exist
[  144.295444][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  144.302579][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.302991][ T5321] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  144.332058][   T25] usb 2-1: USB disconnect, device number 16
[  144.353197][ T6557] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  144.382731][ T6557] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  144.392883][ T5321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 127, changing to 10
[  144.404297][ T6557] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  144.404323][ T6557] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  144.445609][ T5321] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33936, setting to 1024
[  144.475690][ T5321] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  144.485958][ T6427] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  144.501695][ T6427] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  144.584770][ T6427] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.615891][ T5321] usb 1-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  144.624997][ T5321] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.633524][ T5321] usb 1-1: Product: syz
[  144.637988][ T5321] usb 1-1: Manufacturer: syz
[  144.642751][ T5321] usb 1-1: SerialNumber: syz
[  144.691663][ T5321] usb 1-1: config 0 descriptor??
[  144.803651][ T6427] veth0_vlan: entered promiscuous mode
[  144.877681][ T6427] veth1_vlan: entered promiscuous mode
[  144.956079][ T6552] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  145.012720][ T6427] veth0_macvtap: entered promiscuous mode
[  145.016113][ T5321] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input10
[  145.049633][   T30] audit: type=1326 audit(1726944759.416:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.077885][ T6427] veth1_macvtap: entered promiscuous mode
[  145.127332][  T940] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  145.155871][   T30] audit: type=1326 audit(1726944759.416:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.166751][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.180822][ T6508] coredump: 1(syz.1.340): written to core: VMAs: 36, size 97419264; core: 60077110 bytes, pos 97427456
[  145.201766][   T30] audit: type=1326 audit(1726944759.466:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.224610][   T30] audit: type=1326 audit(1726944759.466:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.246964][   T30] audit: type=1326 audit(1726944759.466:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.269269][   T30] audit: type=1326 audit(1726944759.466:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.272435][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.291558][   T30] audit: type=1326 audit(1726944759.466:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.291605][   T30] audit: type=1326 audit(1726944759.466:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.291644][   T30] audit: type=1326 audit(1726944759.466:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.291729][   T30] audit: type=1326 audit(1726944759.466:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6568 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  145.437795][  T940] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  145.445507][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.450146][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  145.499897][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.513775][  T940] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  145.552605][  T940] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  145.566408][ T5321] rc_core: IR keymap rc-imon-pad not found
[  145.572351][ T5321] Registered IR keymap rc-empty
[  145.579289][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.590422][ T5321] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  145.601288][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  145.617619][ T5321] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  145.635612][  T940] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.645506][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.663154][  T940] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.669121][ T6427] batman_adv: batadv0: Interface activated: batadv_slave_0
[  145.680054][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.699185][  T940] usb 4-1: config 0 descriptor??
[  145.726004][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.790088][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.801113][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.846070][ T5275] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  145.853900][ T6549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.866251][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.906797][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  145.949201][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  145.987104][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.015620][ T5275] usb 2-1: device descriptor read/64, error -71
[  146.038555][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.069617][ T6427] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  146.094058][ T6427] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  146.130175][  T940] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  146.138363][ T6549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.141561][ T6427] batman_adv: batadv0: Interface activated: batadv_slave_1
[  146.181184][  T940] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  146.198835][ T6427] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  146.228161][ T6427] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  146.257758][  T940] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  146.274881][ T6427] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  146.295624][ T5275] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  146.308005][ T6427] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  146.388484][ T5321] imon:send_packet: packet tx failed (-71)
[  146.436670][ T5321] imon 1-1:0.0: remote input dev register failed
[  146.458229][ T5321] imon 1-1:0.0: imon_init_intf0: rc device setup failed
[  146.485667][ T5275] usb 2-1: device descriptor read/64, error -71
[  146.610300][ T3046] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.617968][ T5268] usb 4-1: USB disconnect, device number 20
[  146.627777][ T5275] usb usb2-port1: attempt power cycle
[  146.657564][ T3046] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.687465][ T6598] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  146.693635][ T5321] imon 1-1:0.0: unable to initialize intf0, err 0
[  146.721510][ T5321] imon:imon_probe: failed to initialize context!
[  146.744176][ T5321] imon 1-1:0.0: unable to register, err -19
[  146.762240][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  146.793039][ T5321] usb 1-1: USB disconnect, device number 13
[  146.802869][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  146.966891][ T6605] netlink: 'syz.2.359': attribute type 7 has an invalid length.
[  146.985583][ T5275] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  147.006179][ T6605] netlink: 256 bytes leftover after parsing attributes in process `syz.2.359'.
[  147.028638][ T5275] usb 2-1: device descriptor read/8, error -71
[  147.276170][ T5275] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  147.327031][ T5275] usb 2-1: device descriptor read/8, error -71
[  147.456834][ T5275] usb usb2-port1: unable to enumerate USB device
[  147.543859][ T6629] netlink: 3 bytes leftover after parsing attributes in process `syz.4.365'.
[  147.604344][ T6629] ipvlan2: entered promiscuous mode
[  148.641337][ T6695] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[  148.816307][ T5268] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  148.841409][ T6705] ALSA: seq fatal error: cannot create timer (-22)
[  148.907196][ T6705] ALSA: seq fatal error: cannot create timer (-22)
[  148.975694][ T5268] usb 3-1: device descriptor read/64, error -71
[  149.096152][ T5321] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  149.245846][ T5268] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  149.267546][ T5321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.302913][ T5321] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.324140][ T5321] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  149.348122][ T5321] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.398562][ T5268] usb 3-1: device descriptor read/64, error -71
[  149.400441][ T5321] usb 4-1: config 0 descriptor??
[  149.546005][ T5268] usb usb3-port1: attempt power cycle
[  149.646572][ T6709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.658757][ T6709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.764132][ T6738] team_slave_0: entered promiscuous mode
[  149.764176][ T6738] team_slave_1: entered promiscuous mode
[  149.764262][ T6738] vlan2: entered promiscuous mode
[  149.764277][ T6738] team0: entered promiscuous mode
[  149.764624][ T6738] vlan2: entered allmulticast mode
[  149.764644][ T6738] team0: entered allmulticast mode
[  149.764660][ T6738] team_slave_0: entered allmulticast mode
[  149.764678][ T6738] team_slave_1: entered allmulticast mode
[  149.790367][ T5275] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  149.808952][ T6738] team0: left allmulticast mode
[  149.809124][ T6738] team_slave_0: left allmulticast mode
[  149.809370][ T6738] team_slave_1: left allmulticast mode
[  149.809609][ T6738] team0: left promiscuous mode
[  149.812596][ T6738] team_slave_0: left promiscuous mode
[  149.812657][ T6738] team_slave_1: left promiscuous mode
[  149.865734][   T25] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  149.915586][ T5268] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  149.935686][ T5275] usb 2-1: Using ep0 maxpacket: 32
[  149.936304][ T5268] usb 3-1: device descriptor read/8, error -71
[  149.938462][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 40, changing to 9
[  149.938501][ T5275] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9540, setting to 1024
[  149.938547][ T5275] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  149.938576][ T5275] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.940683][ T5275] usb 2-1: config 0 descriptor??
[  149.942015][ T6735] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  149.943410][ T5275] hub 2-1:0.0: USB hub found
[  150.108619][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  150.108690][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  150.108728][   T25] usb 5-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  150.108749][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.128104][   T25] usb 5-1: config 0 descriptor??
[  150.158348][ T5275] hub 2-1:0.0: config failed, can't read hub descriptor (err -90)
[  150.198863][ T5268] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  150.226625][ T5268] usb 3-1: device descriptor read/8, error -71
[  150.337094][ T5268] usb usb3-port1: unable to enumerate USB device
[  150.497277][ T5321] usbhid 4-1:0.0: can't add hid device: -71
[  150.503711][ T5321] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  150.524003][ T5321] usb 4-1: USB disconnect, device number 21
[  150.785910][   T25] hid-led 0003:1D34:000A.0004: hidraw0: USB HID v0.00 Device [HID 1d34:000a] on usb-dummy_hcd.4-1/input0
[  150.836128][   T25] hid-led 0003:1D34:000A.0004: Dream Cheeky Webmail Notifier initialized
[  151.010238][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.021445][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.031133][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.040985][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.050683][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.061425][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.074394][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.085737][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.097432][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.110180][ T6736] netlink: 14 bytes leftover after parsing attributes in process `syz.4.392'.
[  151.140844][   T30] kauditd_printk_skb: 12 callbacks suppressed
[  151.140863][   T30] audit: type=1326 audit(1726944765.516:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.4.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea8d7def9 code=0x7ffc0000
[  151.169256][    C1] vkms_vblank_simulate: vblank timer overrun
[  151.189616][   T30] audit: type=1326 audit(1726944765.566:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.4.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea8d7def9 code=0x7ffc0000
[  151.244668][   T30] audit: type=1326 audit(1726944765.616:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.4.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f0ea8d7def9 code=0x7ffc0000
[  151.305043][   T30] audit: type=1326 audit(1726944765.616:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.4.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea8d7def9 code=0x7ffc0000
[  151.352057][   T30] audit: type=1326 audit(1726944765.616:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.4.392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ea8d7def9 code=0x7ffc0000
[  151.866626][ T6758] gretap0: entered promiscuous mode
[  152.593054][ T5268] usb 5-1: USB disconnect, device number 7
[  152.609091][ T5275] usbhid 2-1:0.0: can't add hid device: -71
[  152.621617][ T5275] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  152.724625][ T5275] usb 2-1: USB disconnect, device number 21
[  153.207391][   T30] audit: type=1326 audit(1726944767.566:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  153.266947][   T30] audit: type=1326 audit(1726944767.566:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  153.389543][   T30] audit: type=1326 audit(1726944767.576:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  153.442621][   T30] audit: type=1326 audit(1726944767.606:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  153.475032][   T29] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.489615][   T30] audit: type=1326 audit(1726944767.606:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12217def9 code=0x7ffc0000
[  153.577745][  T937] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  153.768812][  T937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.779983][  T937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.821225][  T937] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  153.837643][   T29] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.855267][  T937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.013297][  T937] usb 5-1: config 0 descriptor??
[  154.046158][ T5321] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  154.225572][ T5321] usb 4-1: Using ep0 maxpacket: 8
[  154.237558][   T29] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.280649][ T5229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  154.293191][ T5229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  154.301513][ T5229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  154.309792][ T5229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  154.317802][ T5229] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  154.327604][ T5229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  154.336125][ T5321] usb 4-1: config 1 has an invalid interface number: 128 but max is 1
[  154.344376][ T5321] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  154.354567][ T5321] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  154.363571][ T5321] usb 4-1: config 1 has no interface number 0
[  154.369936][ T5321] usb 4-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  154.392020][ T5321] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.401234][ T5321] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.409343][ T5321] usb 4-1: Product: syz
[  154.413549][ T5321] usb 4-1: Manufacturer: syz
[  154.418315][ T5321] usb 4-1: SerialNumber: syz
[  154.450117][ T5321] cdc_wdm 4-1:1.128: skipping garbage
[  154.464045][ T5321] cdc_wdm 4-1:1.128: probe with driver cdc_wdm failed with error -22
[  154.669139][ T6802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  154.782808][ T6802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  154.997296][   T29] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.034526][ T6802] loop2: detected capacity change from 0 to 7
[  155.063844][ T6802] Dev loop2: unable to read RDB block 7
[  155.070218][ T6802]  loop2: AHDI p1 p3
[  155.074350][ T6802] loop2: partition table partially beyond EOD, truncated
[  155.094410][ T6802] loop2: p1 start 2048 is beyond EOD, truncated
[  155.415604][    T8] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  155.574659][   T29] bridge_slave_1: left allmulticast mode
[  155.592181][    T8] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  155.610717][   T29] bridge_slave_1: left promiscuous mode
[  155.631086][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.649371][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.669627][   T29] bridge_slave_0: left allmulticast mode
[  155.680668][    T8] usb 3-1: Product: syz
[  155.699955][    T8] usb 3-1: Manufacturer: syz
[  155.711802][    T8] usb 3-1: SerialNumber: syz
[  155.722892][   T29] bridge_slave_0: left promiscuous mode
[  155.754040][    T8] usb 3-1: config 0 descriptor??
[  155.766577][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.789504][    T8] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[  156.052965][  T937] usbhid 5-1:0.0: can't add hid device: -71
[  156.103537][  T937] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  156.130028][  T937] usb 5-1: USB disconnect, device number 8
[  156.223376][ T6835] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  156.352703][ T6838] netlink: 'syz.4.422': attribute type 11 has an invalid length.
[  156.392844][ T6838] netlink: 'syz.4.422': attribute type 11 has an invalid length.
[  156.407951][ T6838] __nla_validate_parse: 66 callbacks suppressed
[  156.408160][ T6838] netlink: 209800 bytes leftover after parsing attributes in process `syz.4.422'.
[  156.535782][ T5232] Bluetooth: hci1: command tx timeout
[  156.547907][   T29] batman_adv: batadv0: Removing interface: gretap1
[  156.719736][   T25] usb 4-1: USB disconnect, device number 22
[  156.994682][   T29] team0: Port device bond0 removed
[  157.000808][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.009220][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.035791][   T29] bond0 (unregistering): Released all slaves
[  157.052939][ T6831] dummy0: entered promiscuous mode
[  157.054165][ T6831] dummy0: left promiscuous mode
[  157.064384][ T6840] netlink: 'syz.4.423': attribute type 10 has an invalid length.
[  157.089443][ T6840] team0: Port device netdevsim0 added
[  157.127292][   T25] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  157.129569][  T940] usb 3-1: USB disconnect, device number 24
[  157.285623][   T25] usb 4-1: Using ep0 maxpacket: 16
[  157.305079][   T25] usb 4-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=46.8b
[  157.332870][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.355511][   T25] usb 4-1: Product: syz
[  157.365723][   T25] usb 4-1: Manufacturer: syz
[  157.370391][   T25] usb 4-1: SerialNumber: syz
[  157.429826][ T6827] chnl_net:caif_netlink_parms(): no params data found
[  157.440386][   T25] usb 4-1: config 0 descriptor??
[  157.782267][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.4.431'.
[  157.823583][ T6872] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.990818][ T6872] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.083995][    T8] usb 4-1: USB disconnect, device number 23
[  158.094445][    T8] f81534a_ctrl 4-1:0.0: failed to set register 0x116: -19
[  158.171575][    T8] f81534a_ctrl 4-1:0.0: failed to enable ports: -19
[  158.191960][   T29] hsr_slave_0: left promiscuous mode
[  158.211420][ T6891] netlink: 256 bytes leftover after parsing attributes in process `syz.2.435'.
[  158.268512][   T29] hsr_slave_1: left promiscuous mode
[  158.282211][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  158.290055][   T29] batman_adv: batadv0: Removing interface: batadv_slave_0
[  158.324718][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  158.340306][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  158.368198][   T29] veth1_macvtap: left promiscuous mode
[  158.373800][   T29] veth0_macvtap: left promiscuous mode
[  158.380220][   T29] veth1_vlan: left promiscuous mode
[  158.385704][   T29] veth0_vlan: left promiscuous mode
[  158.599187][ T5268] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  158.615866][ T5232] Bluetooth: hci1: command tx timeout
[  158.759057][ T5268] usb 3-1: device descriptor read/64, error -71
[  158.925274][   T29] team0 (unregistering): Port device team_slave_1 removed
[  158.975434][   T29] team0 (unregistering): Port device team_slave_0 removed
[  159.006799][ T5268] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  159.145547][ T5268] usb 3-1: device descriptor read/64, error -71
[  159.265044][ T5268] usb usb3-port1: attempt power cycle
[  159.463845][ T6827] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.496431][ T6827] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.503714][ T6827] bridge_slave_0: entered allmulticast mode
[  159.515780][ T6827] bridge_slave_0: entered promiscuous mode
[  159.523574][ T6894] netlink: 40 bytes leftover after parsing attributes in process `syz.4.436'.
[  159.546318][ T6899] netlink: 40 bytes leftover after parsing attributes in process `syz.3.438'.
[  159.623572][ T5268] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  159.666727][ T5268] usb 3-1: device descriptor read/8, error -71
[  159.689505][ T6827] bridge0: port 2(bridge_slave_1) entered blocking state
[  159.699143][ T6827] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.706680][ T6827] bridge_slave_1: entered allmulticast mode
[  159.714363][ T6827] bridge_slave_1: entered promiscuous mode
[  159.844860][ T6827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.887207][ T6827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.925554][ T5268] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  160.006093][ T5268] usb 3-1: device descriptor read/8, error -71
[  160.048670][ T6827] team0: Port device team_slave_0 added
[  160.077893][ T6827] team0: Port device team_slave_1 added
[  160.125868][ T5268] usb usb3-port1: unable to enumerate USB device
[  160.209393][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.211060][ T6912] netlink: 4 bytes leftover after parsing attributes in process `syz.3.444'.
[  160.239192][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.265232][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.308765][ T6827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.340852][ T6827] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.355894][ T6827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.381849][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.423482][ T6827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.459138][ T6919] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  160.486702][ T6919] batman_adv: batadv0: Adding interface: ip6gretap1
[  160.515976][ T6919] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.559969][ T6919] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active
[  160.586910][ T5229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  160.596851][ T5229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  160.605290][ T5229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  160.614914][ T5229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  160.635594][ T5229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  160.645788][ T5229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  160.662535][ T6923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.445'.
[  160.695623][ T5232] Bluetooth: hci1: command tx timeout
[  160.715465][ T6923] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.722928][ T6923] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.757094][ T6923] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.764692][ T6923] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.773421][ T6923] batman_adv: batadv0: Removing interface: ip6gretap1
[  160.824966][ T6923] bond0: (slave batadv0): Releasing backup interface
[  160.939036][ T6827] hsr_slave_0: entered promiscuous mode
[  160.945304][ T6827] hsr_slave_1: entered promiscuous mode
[  160.959641][ T6827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  160.970014][ T6827] Cannot create hsr debugfs directory
[  161.139807][   T29] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.257114][   T29] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.296087][ T5268] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  161.482187][ T5268] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  161.499247][   T29] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.543477][ T5268] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  161.565573][ T5268] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  161.601963][ T5268] usb 4-1: SerialNumber: syz
[  161.639841][ T5268] cdc_ether 4-1:1.0: skipping garbage
[  161.645288][ T5268] usb 4-1: bad CDC descriptors
[  161.750506][   T29] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.840978][ T6931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  161.885637][ T6931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  162.118935][ T6928] chnl_net:caif_netlink_parms(): no params data found
[  162.335650][    T8] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  162.632987][ T6928] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.641385][ T6928] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.650668][ T6928] bridge_slave_0: entered allmulticast mode
[  162.679353][ T6928] bridge_slave_0: entered promiscuous mode
[  162.703024][ T5232] Bluetooth: hci0: command tx timeout
[  162.714406][ T6928] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.721860][ T6928] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.731454][ T6928] bridge_slave_1: entered allmulticast mode
[  162.740144][ T6928] bridge_slave_1: entered promiscuous mode
[  162.764328][   T29] bridge_slave_1: left allmulticast mode
[  162.778017][ T5232] Bluetooth: hci1: command tx timeout
[  162.786237][   T29] bridge_slave_1: left promiscuous mode
[  162.815058][   T29] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.863309][   T29] bridge_slave_0: left allmulticast mode
[  162.869683][   T29] bridge_slave_0: left promiscuous mode
[  162.885736][   T29] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.215591][   T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  163.419398][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.460627][   T25] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  163.505338][   T25] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  163.539856][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.576096][   T25] usb 5-1: Product: syz
[  163.589937][   T25] usb 5-1: Manufacturer: syz
[  163.661943][   T25] usb 5-1: SerialNumber: syz
[  163.682903][   T25] usb 5-1: config 0 descriptor??
[  164.034814][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  164.034834][   T30] audit: type=1326 audit(1726944778.416:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6987 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfded7def9 code=0x7ffc0000
[  164.076906][   T30] audit: type=1326 audit(1726944778.456:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6987 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfded7def9 code=0x7ffc0000
[  164.129724][   T30] audit: type=1326 audit(1726944778.486:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6987 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcfded7def9 code=0x7ffc0000
[  164.153439][   T30] audit: type=1326 audit(1726944778.486:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6987 comm="syz.2.454" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfded7def9 code=0x7ffc0000
[  164.232703][   T29] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.249553][   T29] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.271187][   T29] bond0 (unregistering): (slave batadv_slave_0): Releasing backup interface
[  164.283105][   T29] bond0 (unregistering): Released all slaves
[  164.318947][ T6992] netlink: 8 bytes leftover after parsing attributes in process `syz.4.453'.
[  164.320772][  T940] usb 4-1: USB disconnect, device number 24
[  164.422730][ T6928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  164.436693][ T6995] fuse: Bad value for 'fd'
[  164.445128][ T6928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  164.533741][ T6928] team0: Port device team_slave_0 added
[  164.547661][ T6827] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  164.566703][ T6928] team0: Port device team_slave_1 added
[  164.597185][ T6827] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  164.607161][ T6827] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  164.615793][    T8] usb 3-1: device descriptor read/64, error -71
[  164.660091][ T6928] batman_adv: batadv0: Adding interface: batadv_slave_0
[  164.669407][ T6928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.697891][ T6928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.713380][ T6928] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.720683][ T6928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.747176][ T6928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.761256][ T6827] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  164.775627][ T5232] Bluetooth: hci0: command tx timeout
[  164.811344][   T29] hsr_slave_0: left promiscuous mode
[  164.821447][   T29] hsr_slave_1: left promiscuous mode
[  164.829054][   T29] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.839469][   T29] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.862633][   T29] veth1_macvtap: left promiscuous mode
[  164.868332][   T29] veth0_macvtap: left promiscuous mode
[  164.874131][   T29] veth1_vlan: left promiscuous mode
[  164.882066][   T29] veth0_vlan: left promiscuous mode
[  164.887516][    T8] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  165.060933][    T8] usb 3-1: Using ep0 maxpacket: 16
[  165.067881][    T8] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  165.092952][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  165.120846][    T8] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  165.140958][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.149272][    T8] usb 3-1: Product: syz
[  165.153488][    T8] usb 3-1: Manufacturer: syz
[  165.167992][    T8] usb 3-1: SerialNumber: syz
[  165.182180][    T8] usb 3-1: config 0 descriptor??
[  165.195342][    T8] em28xx 3-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  165.399525][    T8] usb 3-1: USB disconnect, device number 30
[  165.470187][   T29] team0 (unregistering): Port device team_slave_1 removed
[  165.519349][   T29] team0 (unregistering): Port device team_slave_0 removed
[  165.953211][  T940] usb 5-1: USB disconnect, device number 9
[  166.112497][ T6928] hsr_slave_0: entered promiscuous mode
[  166.152893][ T6928] hsr_slave_1: entered promiscuous mode
[  166.171561][ T6928] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  166.180414][ T6928] Cannot create hsr debugfs directory
[  166.267671][ T7002] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  166.483837][ T7009] netlink: 'syz.4.461': attribute type 3 has an invalid length.
[  166.503472][ T7010] netlink: 'syz.4.461': attribute type 3 has an invalid length.
[  166.577712][   T29] IPVS: stop unused estimator thread 0...
[  166.622996][ T6827] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.715863][ T6827] 8021q: adding VLAN 0 to HW filter on device team0
[  166.755167][ T3046] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.762346][ T3046] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.815067][ T6824] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.822282][ T6824] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.856023][ T5232] Bluetooth: hci0: command tx timeout
[  167.355565][  T940] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  167.465011][ T6827] 8021q: adding VLAN 0 to HW filter on device batadv0
[  167.545759][  T940] usb 5-1: Using ep0 maxpacket: 16
[  167.602193][  T940] usb 5-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[  167.670146][  T940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.721892][  T940] usb 5-1: Product: syz
[  167.751679][  T940] usb 5-1: Manufacturer: syz
[  167.793885][  T940] usb 5-1: SerialNumber: syz
[  167.803038][ T6827] veth0_vlan: entered promiscuous mode
[  167.839104][  T940] usb 5-1: config 0 descriptor??
[  167.871885][ T7033] netlink: 'syz.3.467': attribute type 21 has an invalid length.
[  168.009917][ T7033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.467'.
[  168.041721][ T6827] veth1_vlan: entered promiscuous mode
[  168.105661][  T940] peak_usb 5-1:0.0: PEAK-System PCAN-Chip USB v0 fw v0.0.0 (1 channels)
[  168.274531][ T6827] veth0_macvtap: entered promiscuous mode
[  168.317543][  T940] peak_usb 5-1:0.0 can0: sending command failure: -22
[  168.359204][ T6827] veth1_macvtap: entered promiscuous mode
[  168.382281][  T940] peak_usb 5-1:0.0 can0: sending command failure: -22
[  168.435967][  T940] peak_usb 5-1:0.0 can0: sending command failure: -22
[  168.511174][ T7023] binder: 7021:7023 ioctl c0306201 20000280 returned -14
[  168.649251][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  168.690337][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.722604][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.774489][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.804707][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.841169][ T6827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  168.856897][   T25] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  168.886205][ T6827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  168.923027][ T6827] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.935828][ T5232] Bluetooth: hci0: command tx timeout
[  169.004581][ T6827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  169.034894][ T6827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  169.048251][   T25] usb 3-1: Using ep0 maxpacket: 32
[  169.064282][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  169.082535][ T6827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  169.101111][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  169.122332][ T6827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.156028][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  169.244036][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  169.341707][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  169.436200][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  169.454558][ T6928] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  169.502334][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  169.552652][ T6928] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  169.580283][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  169.658471][ T6928] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  169.691247][   T25] usb 3-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  169.727601][ T6928] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  169.765992][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.774044][   T25] usb 3-1: Product: syz
[  169.841334][   T25] usb 3-1: Manufacturer: syz
[  169.865505][   T25] usb 3-1: SerialNumber: syz
[  169.877447][ T5318] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  169.900258][   T25] usb 3-1: config 0 descriptor??
[  169.917808][  T961] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.944997][ T7043] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  169.966249][  T961] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.085542][ T5318] usb 4-1: Using ep0 maxpacket: 32
[  170.132985][ T5318] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  170.203140][   T25] cxacru 3-1:0.0: submit of read urb for cm 0x90 failed (-8)
[  170.232006][ T5318] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  170.555940][ T5318] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  170.571335][ T7065] cxacru 3-1:0.0: Direct firmware load for cxacru-fw.bin failed with error -2
[  170.723497][  T940] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -22
[  171.278941][   T25] usb 3-1: USB disconnect, device number 31
[  171.286747][ T6824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.294612][ T6824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.306803][ T5318] usb 4-1: Product: syz
[  171.311015][ T5318] usb 4-1: Manufacturer: syz
[  171.334369][ T7065] cxacru 3-1:0.0: Falling back to sysfs fallback for: cxacru-fw.bin
[  171.415737][  T940] usb 5-1: USB disconnect, device number 10
[  171.425625][ T5318] usb 4-1: SerialNumber: syz
[  171.439929][ T5318] usb 4-1: config 0 descriptor??
[  171.617241][ T7057] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  171.962660][  T940] usb 4-1: USB disconnect, device number 25
[  172.012874][ T6928] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.186386][ T6928] 8021q: adding VLAN 0 to HW filter on device team0
[  172.318394][  T968] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.325593][  T968] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.429942][  T968] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.437140][  T968] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.485546][  T940] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  172.685512][  T940] usb 4-1: Using ep0 maxpacket: 32
[  172.718207][  T940] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  172.809526][  T940] usb 4-1: string descriptor 0 read error: -22
[  172.844232][ T7087] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  172.844454][  T940] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  172.921219][ T6928] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.033316][  T940] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  173.122524][  T940] usb 4-1: config 0 descriptor??
[  173.357868][  T940] usb 4-1: can't set config #0, error -71
[  173.456851][ T6928] veth0_vlan: entered promiscuous mode
[  173.476038][  T940] usb 4-1: USB disconnect, device number 26
[  173.598571][ T6928] veth1_vlan: entered promiscuous mode
[  173.750216][ T7104] FAULT_INJECTION: forcing a failure.
[  173.750216][ T7104] name failslab, interval 1, probability 0, space 0, times 0
[  173.918237][ T6928] veth0_macvtap: entered promiscuous mode
[  173.952272][ T7104] CPU: 1 UID: 0 PID: 7104 Comm: syz.0.483 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  173.962585][ T7104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  173.972681][ T7104] Call Trace:
[  173.975999][ T7104]  <TASK>
[  173.978962][ T7104]  dump_stack_lvl+0x241/0x360
[  173.983698][ T7104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  173.988952][ T7104]  ? __pfx__printk+0x10/0x10
[  173.993601][ T7104]  ? __kmalloc_node_noprof+0xb7/0x440
[  173.999011][ T7104]  ? __pfx___might_resched+0x10/0x10
[  174.004425][ T7104]  ? __asan_memset+0x23/0x50
[  174.009064][ T7104]  should_fail_ex+0x3b0/0x4e0
[  174.013875][ T7104]  should_failslab+0xac/0x100
[  174.018699][ T7104]  __kmalloc_node_noprof+0xdf/0x440
[  174.023937][ T7104]  ? __kvmalloc_node_noprof+0x72/0x190
[  174.029445][ T7104]  __kvmalloc_node_noprof+0x72/0x190
[  174.034775][ T7104]  rhashtable_init_noprof+0x534/0xa60
[  174.040203][ T7104]  rhltable_init_noprof+0x1c/0x60
[  174.045275][ T7104]  nf_tables_newtable+0x7e8/0x1e10
[  174.050435][ T7104]  ? nfnl_pernet+0x23/0x240
[  174.055079][ T7104]  ? __pfx_nf_tables_newtable+0x10/0x10
[  174.060677][ T7104]  ? __nla_parse+0x40/0x60
[  174.065152][ T7104]  nfnetlink_rcv+0x14dc/0x2ab0
[  174.070003][ T7104]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  174.075250][ T7104]  ? netlink_deliver_tap+0x2e/0x1b0
[  174.080493][ T7104]  ? skb_clone+0x240/0x390
[  174.084948][ T7104]  ? __pfx_lock_release+0x10/0x10
[  174.090038][ T7104]  ? netlink_deliver_tap+0x2e/0x1b0
[  174.095288][ T7104]  netlink_unicast+0x7f6/0x990
[  174.100115][ T7104]  ? __pfx_netlink_unicast+0x10/0x10
[  174.105478][ T7104]  ? __virt_addr_valid+0x183/0x530
[  174.110630][ T7104]  ? __check_object_size+0x49c/0x900
[  174.115966][ T7104]  netlink_sendmsg+0x8e4/0xcb0
[  174.120794][ T7104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.126128][ T7104]  ? aa_sock_msg_perm+0x91/0x160
[  174.131122][ T7104]  ? __pfx_netlink_sendmsg+0x10/0x10
[  174.136446][ T7104]  __sock_sendmsg+0x221/0x270
[  174.141167][ T7104]  ____sys_sendmsg+0x52a/0x7e0
[  174.145979][ T7104]  ? __pfx_____sys_sendmsg+0x10/0x10
[  174.151360][ T7104]  __sys_sendmsg+0x2aa/0x390
[  174.155990][ T7104]  ? __pfx___sys_sendmsg+0x10/0x10
[  174.161148][ T7104]  ? vfs_write+0x7bf/0xc90
[  174.165647][ T7104]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  174.172029][ T7104]  ? do_syscall_64+0x100/0x230
[  174.176843][ T7104]  ? do_syscall_64+0xb6/0x230
[  174.181575][ T7104]  do_syscall_64+0xf3/0x230
[  174.186125][ T7104]  ? clear_bhb_loop+0x35/0x90
[  174.190851][ T7104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.196797][ T7104] RIP: 0033:0x7f10af37def9
[  174.201248][ T7104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.220900][ T7104] RSP: 002b:00007f10b0090038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  174.229364][ T7104] RAX: ffffffffffffffda RBX: 00007f10af535f80 RCX: 00007f10af37def9
[  174.237370][ T7104] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  174.245395][ T7104] RBP: 00007f10b0090090 R08: 0000000000000000 R09: 0000000000000000
[  174.253400][ T7104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.261408][ T7104] R13: 0000000000000000 R14: 00007f10af535f80 R15: 00007f10af65fa28
[  174.269438][ T7104]  </TASK>
[  174.445655][ T6928] veth1_macvtap: entered promiscuous mode
[  174.504986][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.584813][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.614252][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  174.637195][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.653071][ T6928] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.710248][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.723312][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.734281][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.746166][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.757487][ T6928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.804681][ T6928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.842551][ T6928] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.917156][ T6928] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.954734][ T6928] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.988731][ T6928] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.061811][ T6928] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.124112][ T7121] netlink: 4 bytes leftover after parsing attributes in process `syz.0.487'.
[  175.153254][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  175.567295][  T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.623240][  T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.768238][ T6824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.808042][ T6824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.902130][ T5318] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  176.131129][ T5318] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  185.325590][ T5318] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.585596][ T5318] usb 1-1: Product: syz
[  185.605645][ T5318] usb 1-1: Manufacturer: syz
[  185.965595][ T5318] usb 1-1: SerialNumber: syz
[  185.974647][   T16] sched: DL replenish lagged too much
[  186.505980][ T5318] usb 1-1: config 0 descriptor??
[  186.601984][ T5318] usb 1-1: can't set config #0, error -71
[  186.670060][ T5318] usb 1-1: USB disconnect, device number 14
[  188.675298][ T5229] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  188.763746][ T5229] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  188.785542][ T5229] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  188.800515][ T5229] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  188.809483][ T5229] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  188.821897][ T5229] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  188.919578][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  188.947546][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  188.956751][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  188.975528][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  188.984061][   T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  188.997884][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  189.338931][ T5229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  189.362914][ T5229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  189.379232][ T5229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  189.394327][ T5229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  189.402479][ T5229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  189.410374][ T5229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  189.485857][ T5232] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  189.515507][ T5232] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  189.523894][ T5232] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  189.532563][ T5232] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  189.555346][ T5232] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  189.564882][ T5232] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  189.808633][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  189.823226][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  189.832263][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  189.840691][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  189.848833][   T54] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  189.866653][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  191.176032][ T5232] Bluetooth: hci5: command tx timeout
[  191.182440][ T5232] Bluetooth: hci3: command tx timeout
[  191.496988][   T54] Bluetooth: hci0: command tx timeout
[  191.655783][   T54] Bluetooth: hci1: command tx timeout
[  191.895817][   T54] Bluetooth: hci2: command tx timeout
[  193.255601][   T54] Bluetooth: hci3: command tx timeout
[  193.261077][   T54] Bluetooth: hci5: command tx timeout
[  193.575582][   T54] Bluetooth: hci0: command tx timeout
[  193.737702][ T5232] Bluetooth: hci1: command tx timeout
[  193.975730][   T54] Bluetooth: hci2: command tx timeout
[  194.381222][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  194.392811][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  195.335598][ T5232] Bluetooth: hci3: command tx timeout
[  195.343083][   T54] Bluetooth: hci5: command tx timeout
[  195.659609][   T54] Bluetooth: hci0: command tx timeout
[  195.815678][   T54] Bluetooth: hci1: command tx timeout
[  196.055752][   T54] Bluetooth: hci2: command tx timeout
[  197.415574][ T5232] Bluetooth: hci3: command tx timeout
[  197.421068][   T54] Bluetooth: hci5: command tx timeout
[  197.735592][   T54] Bluetooth: hci0: command tx timeout
[  197.895684][   T54] Bluetooth: hci1: command tx timeout
[  198.135785][   T54] Bluetooth: hci2: command tx timeout
[  233.147852][ T4681] udevd[4681]: worker [6129] /devices/platform/dummy_hcd.2/usb3/3-1 is taking a long time
[  235.357368][ T7065] cxacru 3-1:0.0: firmware (cxacru-fw.bin) unavailable (system misconfigured?)
[  247.681482][ T5232] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  247.691659][ T5232] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  247.699791][ T5232] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  247.708613][ T5232] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  247.716290][ T5232] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  247.725180][ T5232] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  249.002769][ T5232] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  249.013030][ T5232] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  249.024825][ T5232] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  249.033684][ T5232] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  249.042515][ T5232] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  249.052170][ T5232] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  249.077536][   T54] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  249.089607][   T54] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  249.125649][   T54] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  249.134057][   T54] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  249.145173][   T54] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  249.155218][   T54] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  249.330456][ T5232] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  249.341864][ T5232] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  249.351110][ T5232] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  249.363700][ T5232] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  249.371842][ T5232] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  249.379567][ T5232] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  249.442357][ T5232] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  249.454060][ T5232] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  249.465970][ T5232] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  249.478766][ T5232] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  249.493069][ T5232] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  249.501040][ T5232] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  249.820272][ T5232] Bluetooth: hci6: command tx timeout
[  251.175833][ T5232] Bluetooth: hci7: command tx timeout
[  251.260197][ T5232] Bluetooth: hci8: command tx timeout
[  251.495654][ T5232] Bluetooth: hci9: command tx timeout
[  251.575742][ T5232] Bluetooth: hci10: command tx timeout
[  251.895731][ T5232] Bluetooth: hci6: command tx timeout
[  253.256342][   T54] Bluetooth: hci7: command tx timeout
[  253.335632][ T5232] Bluetooth: hci8: command tx timeout
[  253.576606][ T5232] Bluetooth: hci9: command tx timeout
[  253.655655][ T5232] Bluetooth: hci10: command tx timeout
[  253.975805][ T5232] Bluetooth: hci6: command tx timeout
[  255.335808][ T5232] Bluetooth: hci7: command tx timeout
[  255.415862][ T5232] Bluetooth: hci8: command tx timeout
[  255.655645][ T5232] Bluetooth: hci9: command tx timeout
[  255.740296][ T5232] Bluetooth: hci10: command tx timeout
[  255.821840][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  255.828406][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  256.055545][ T5232] Bluetooth: hci6: command tx timeout
[  257.425905][ T5232] Bluetooth: hci7: command tx timeout
[  257.495546][ T5232] Bluetooth: hci8: command tx timeout
[  257.735582][ T5232] Bluetooth: hci9: command tx timeout
[  257.815595][ T5232] Bluetooth: hci10: command tx timeout
[  311.506049][   T54] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  311.525498][   T54] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  311.533793][   T54] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  311.542756][   T54] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  311.550593][   T54] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  311.558173][   T54] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  312.326733][   T54] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  312.348140][   T54] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  312.357347][   T54] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  312.366206][   T54] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  312.376814][   T54] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  312.384293][   T54] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  312.563392][ T5224] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  312.573762][ T5224] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  312.586291][ T5224] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  312.605938][ T5224] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  312.613802][ T5224] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  312.621856][ T5224] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  312.706783][   T54] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  312.716792][   T54] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  312.724881][   T54] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  312.733708][   T54] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  312.748336][   T54] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  312.755794][   T54] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  313.655678][   T54] Bluetooth: hci11: command tx timeout
[  313.848226][ T5224] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  313.857750][ T5224] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  313.866601][ T5224] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  313.876607][ T5224] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  313.884347][ T5224] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  313.892458][ T5224] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  314.225435][ T5224] Bluetooth: hci1: command 0x0406 tx timeout
[  314.231616][ T5224] Bluetooth: hci3: command 0x0406 tx timeout
[  314.240990][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  314.251503][ T5228] Bluetooth: hci0: command 0x0406 tx timeout
[  314.260790][ T5228] Bluetooth: hci2: command 0x0406 tx timeout
[  314.455668][ T5226] Bluetooth: hci12: command tx timeout
[  314.700295][ T5226] Bluetooth: hci13: command tx timeout
[  314.775642][ T5226] Bluetooth: hci14: command tx timeout
[  315.735649][ T5226] Bluetooth: hci11: command tx timeout
[  315.975941][ T5226] Bluetooth: hci15: command tx timeout
[  316.535517][ T5226] Bluetooth: hci12: command tx timeout
[  316.775495][ T5226] Bluetooth: hci13: command tx timeout
[  316.855538][ T5226] Bluetooth: hci14: command tx timeout
[  317.258164][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  317.264519][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  317.815522][ T5226] Bluetooth: hci11: command tx timeout
[  318.055581][ T5226] Bluetooth: hci15: command tx timeout
[  318.615572][ T5226] Bluetooth: hci12: command tx timeout
[  318.865628][ T5226] Bluetooth: hci13: command tx timeout
[  318.935679][ T5226] Bluetooth: hci14: command tx timeout
[  319.895563][ T5226] Bluetooth: hci11: command tx timeout
[  320.135620][ T5226] Bluetooth: hci15: command tx timeout
[  320.705625][ T5226] Bluetooth: hci12: command tx timeout
[  320.935754][ T5226] Bluetooth: hci13: command tx timeout
[  321.015579][ T5226] Bluetooth: hci14: command tx timeout
[  322.215562][ T5226] Bluetooth: hci15: command tx timeout
[  332.616379][   T31] INFO: task syz.2.73:5580 blocked for more than 143 seconds.
[  332.623921][   T31]       Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  332.665403][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  332.674238][   T31] task:syz.2.73        state:D stack:24640 pid:5580  tgid:5580  ppid:5241   flags:0x00004006
[  332.816040][   T31] Call Trace:
[  332.819425][   T31]  <TASK>
[  332.822403][   T31]  __schedule+0x1893/0x4b50
[  332.894607][   T31]  ? __pfx___schedule+0x10/0x10
[  332.925498][   T31]  ? __pfx_lock_release+0x10/0x10
[  332.930633][   T31]  ? schedule+0x90/0x320
[  332.934927][   T31]  schedule+0x14b/0x320
[  332.981667][   T31]  schedule_timeout+0xb0/0x310
[  333.002304][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  333.035496][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  333.067281][   T31]  ? wait_for_completion+0x2fe/0x620
[  333.072654][   T31]  ? wait_for_completion+0x2fe/0x620
[  333.110396][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  333.142577][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  333.175670][   T31]  ? wait_for_completion+0x2fe/0x620
[  333.181049][   T31]  wait_for_completion+0x355/0x620
[  333.225185][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  333.265410][   T31]  ? __flush_work+0xe7/0xc50
[  333.270097][   T31]  __flush_work+0xa37/0xc50
[  333.274654][   T31]  ? __flush_work+0xe7/0xc50
[  333.308944][   T31]  ? __pfx___flush_work+0x10/0x10
[  333.314063][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  333.352277][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  333.374894][   T31]  ? _raw_spin_lock_irq+0xdf/0x120
[  333.395450][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  333.400740][   T31]  unregister_netdevice_many_notify+0x87b/0x1da0
[  333.435385][   T31]  ? __pfx_lock_release+0x10/0x10
[  333.440508][   T31]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  333.488750][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  333.494837][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  333.538664][   T31]  ? __queue_work+0x199/0xf50
[  333.543532][   T31]  ? queue_delayed_work_on+0x1eb/0x390
[  333.580361][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  333.605487][   T31]  unregister_netdevice_queue+0x303/0x370
[  333.611303][   T31]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  333.652068][   T31]  __tun_detach+0x6b9/0x1600
[  333.685033][   T31]  tun_chr_close+0x105/0x1b0
[  333.700122][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  333.706994][   T31]  __fput+0x23f/0x880
[  333.711062][   T31]  task_work_run+0x24f/0x310
[  333.722525][   T31]  ? kasan_quarantine_put+0xdc/0x230
[  333.728407][   T31]  ? __pfx_task_work_run+0x10/0x10
[  333.735914][   T31]  ? do_exit+0xa2a/0x27f0
[  333.740299][   T31]  ? kmem_cache_free+0x1a3/0x420
[  333.745288][   T31]  ? do_exit+0xa2a/0x27f0
[  333.756340][   T31]  do_exit+0xa2f/0x27f0
[  333.760866][   T31]  ? __pfx_do_exit+0x10/0x10
[  333.771006][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  333.778973][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  333.790298][   T31]  do_group_exit+0x207/0x2c0
[  333.794955][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  333.800692][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  333.811066][   T31]  get_signal+0x176f/0x1810
[  333.816154][   T31]  ? do_nanosleep+0x80/0x600
[  333.820817][   T31]  ? __pfx_get_signal+0x10/0x10
[  333.830757][   T31]  ? hrtimer_nanosleep+0x331/0x3f0
[  333.841075][   T31]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  333.851567][   T31]  arch_do_signal_or_restart+0x96/0x860
[  333.857931][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  333.864145][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  333.875809][   T31]  ? syscall_exit_to_user_mode+0xa3/0x370
[  333.881609][   T31]  syscall_exit_to_user_mode+0xc9/0x370
[  333.891346][   T31]  do_syscall_64+0x100/0x230
[  333.898054][   T31]  ? clear_bhb_loop+0x35/0x90
[  333.902806][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.915805][   T31] RIP: 0033:0x7fcfdedaffe5
[  333.920276][   T31] RSP: 002b:00007fcfdebb6f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  333.934110][   T31] RAX: fffffffffffffdfc RBX: 00007fcfdef36130 RCX: 00007fcfdedaffe5
[  333.945070][   T31] RDX: 00007fcfdebb6fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  333.960534][   T31] RBP: 00007fcfdedf0b76 R08: 0000000000000000 R09: 0000000000000000
[  333.970574][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  333.983383][   T31] R13: 0000000000000000 R14: 00007fcfdef36130 R15: 00007fcfdf05fa28
[  333.993233][   T31]  </TASK>
[  334.000130][   T31] INFO: task syz-executor:6427 blocked for more than 144 seconds.
[  334.009657][   T31]       Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  334.022197][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  334.032467][   T31] task:syz-executor    state:D stack:20880 pid:6427  tgid:6427  ppid:1      flags:0x00004006
[  334.050211][   T31] Call Trace:
[  334.053547][   T31]  <TASK>
[  334.057109][   T31]  __schedule+0x1893/0x4b50
[  334.062071][   T31]  ? __pfx___schedule+0x10/0x10
[  334.072026][   T31]  ? __pfx_lock_release+0x10/0x10
[  334.078763][   T31]  ? __mutex_trylock_common+0x92/0x2e0
[  334.084292][   T31]  ? schedule+0x90/0x320
[  334.094622][   T31]  schedule+0x14b/0x320
[  334.099237][   T31]  schedule_preempt_disabled+0x13/0x30
[  334.104764][   T31]  __mutex_lock+0x6a7/0xd70
[  334.114350][   T31]  ? __mutex_lock+0x52a/0xd70
[  334.119439][   T31]  ? tun_chr_close+0x3b/0x1b0
[  334.124166][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  334.135560][   T31]  ? __pfx_call_rcu+0x10/0x10
[  334.140314][   T31]  tun_chr_close+0x3b/0x1b0
[  334.151883][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  334.162860][   T31]  __fput+0x23f/0x880
[  334.172294][   T31]  task_work_run+0x24f/0x310
[  334.177291][   T31]  ? kasan_quarantine_put+0xdc/0x230
[  334.182636][   T31]  ? __pfx_task_work_run+0x10/0x10
[  334.192900][   T31]  ? do_exit+0xa2a/0x27f0
[  334.199226][   T31]  ? kmem_cache_free+0x1a3/0x420
[  334.204221][   T31]  ? do_exit+0xa2a/0x27f0
[  334.213702][   T31]  do_exit+0xa2f/0x27f0
[  334.218332][   T31]  ? __pfx_do_exit+0x10/0x10
[  334.222974][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  334.233497][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  334.239883][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  334.255025][   T31]  ? _raw_spin_lock_irq+0xdf/0x120
[  334.260532][   T31]  do_group_exit+0x207/0x2c0
[  334.265206][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  334.276566][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  334.281842][   T31]  get_signal+0x176f/0x1810
[  334.290584][   T31]  ? __pfx_get_signal+0x10/0x10
[  334.301298][   T31]  arch_do_signal_or_restart+0x96/0x860
[  334.313271][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  334.320902][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  334.330840][   T31]  ? syscall_exit_to_user_mode+0xa3/0x370
[  334.338386][   T31]  syscall_exit_to_user_mode+0xc9/0x370
[  334.344001][   T31]  do_syscall_64+0x100/0x230
[  334.354984][   T31]  ? clear_bhb_loop+0x35/0x90
[  334.361324][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.373817][   T31] RIP: 0033:0x7f0ea8d7c93c
[  334.382924][   T31] RSP: 002b:00007f0ea905fd90 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  334.395351][   T31] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007f0ea8d7c93c
[  334.403376][   T31] RDX: 0000000000000028 RSI: 00007f0ea905fe40 RDI: 00000000000000f9
[  334.415992][   T31] RBP: 00007f0ea905fdec R08: 0000000000000000 R09: 0079746972756365
[  334.424014][   T31] R10: 00007f0ea8f087e0 R11: 0000000000000246 R12: 0000000000000019
[  334.439441][   T31] R13: 000000000002afd0 R14: 000000000002afae R15: 00007f0ea905fe40
[  334.452683][   T31]  </TASK>
[  334.458475][   T31] INFO: task kworker/u8:10:6824 blocked for more than 145 seconds.
[  334.469333][   T31]       Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  334.479349][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  334.492432][   T31] task:kworker/u8:10   state:D stack:23168 pid:6824  tgid:6824  ppid:2      flags:0x00004000
[  334.505472][   T31] Workqueue: events_unbound linkwatch_event
[  334.511438][   T31] Call Trace:
[  334.514750][   T31]  <TASK>
[  334.522949][   T31]  __schedule+0x1893/0x4b50
[  334.528362][   T31]  ? __pfx___schedule+0x10/0x10
[  334.533296][   T31]  ? __pfx_lock_release+0x10/0x10
[  334.545204][   T31]  ? __mutex_trylock_common+0x92/0x2e0
[  334.551089][   T31]  ? kthread_data+0x52/0xd0
[  334.562939][   T31]  ? schedule+0x90/0x320
[  334.567654][   T31]  ? wq_worker_sleeping+0x66/0x240
[  334.572833][   T31]  ? schedule+0x90/0x320
[  334.582723][   T31]  schedule+0x14b/0x320
[  334.587331][   T31]  schedule_preempt_disabled+0x13/0x30
[  334.592847][   T31]  __mutex_lock+0x6a7/0xd70
[  334.602490][   T31]  ? __mutex_lock+0x52a/0xd70
[  334.608916][   T31]  ? linkwatch_event+0xe/0x60
[  334.613658][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  334.624133][   T31]  ? process_scheduled_works+0x976/0x1850
[  334.630652][   T31]  linkwatch_event+0xe/0x60
[  334.635215][   T31]  process_scheduled_works+0xa63/0x1850
[  334.645392][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  334.651448][   T31]  ? assign_work+0x364/0x3d0
[  334.663631][   T31]  worker_thread+0x870/0xd30
[  334.669892][   T31]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  334.680896][   T31]  ? __kthread_parkme+0x169/0x1d0
[  334.686582][   T31]  ? __pfx_worker_thread+0x10/0x10
[  334.691950][   T31]  kthread+0x2f0/0x390
[  334.701676][   T31]  ? __pfx_worker_thread+0x10/0x10
[  334.707366][   T31]  ? __pfx_kthread+0x10/0x10
[  334.712006][   T31]  ret_from_fork+0x4b/0x80
[  334.721554][   T31]  ? __pfx_kthread+0x10/0x10
[  334.726588][   T31]  ret_from_fork_asm+0x1a/0x30
[  334.731429][   T31]  </TASK>
[  334.734557][   T31] INFO: task syz-executor:6827 blocked for more than 145 seconds.
[  334.753761][   T31]       Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  334.764387][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  334.778166][   T31] task:syz-executor    state:D stack:20856 pid:6827  tgid:6827  ppid:1      flags:0x00004006
[  334.793122][   T31] Call Trace:
[  334.800509][   T31]  <TASK>
[  334.803491][   T31]  __schedule+0x1893/0x4b50
[  334.809811][   T31]  ? __pfx___schedule+0x10/0x10
[  334.814729][   T31]  ? __pfx_lock_release+0x10/0x10
[  334.823708][   T31]  ? __mutex_trylock_common+0x92/0x2e0
[  334.830794][   T31]  ? schedule+0x90/0x320
[  334.835100][   T31]  schedule+0x14b/0x320
[  334.843181][   T31]  schedule_preempt_disabled+0x13/0x30
[  334.852319][   T31]  __mutex_lock+0x6a7/0xd70
[  334.863693][   T31]  ? __mutex_lock+0x52a/0xd70
[  334.872163][   T31]  ? tun_chr_close+0x3b/0x1b0
[  334.878415][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  334.883510][   T31]  ? __pfx_call_rcu+0x10/0x10
[  334.892487][   T31]  tun_chr_close+0x3b/0x1b0
[  334.898526][   T31]  ? __pfx_tun_chr_close+0x10/0x10
[  334.903692][   T31]  __fput+0x23f/0x880
[  334.913047][   T31]  task_work_run+0x24f/0x310
[  334.919229][   T31]  ? kasan_quarantine_put+0xdc/0x230
[  334.924572][   T31]  ? __pfx_task_work_run+0x10/0x10
[  334.933710][   T31]  ? do_exit+0xa2a/0x27f0
[  334.939884][   T31]  ? kmem_cache_free+0x1a3/0x420
[  334.944879][   T31]  ? do_exit+0xa2a/0x27f0
[  334.953188][   T31]  do_exit+0xa2f/0x27f0
[  334.959044][   T31]  ? __pfx_do_exit+0x10/0x10
[  334.970017][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  334.978624][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  334.984668][   T31]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  334.996667][   T31]  ? _raw_spin_lock_irq+0xdf/0x120
[  335.001852][   T31]  do_group_exit+0x207/0x2c0
[  335.010673][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  335.017582][   T31]  ? lockdep_hardirqs_on+0x99/0x150
[  335.022844][   T31]  get_signal+0x176f/0x1810
[  335.031339][   T31]  ? __pfx_get_signal+0x10/0x10
[  335.039176][   T31]  arch_do_signal_or_restart+0x96/0x860
[  335.044794][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  335.054986][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  335.062583][   T31]  ? syscall_exit_to_user_mode+0xa3/0x370
[  335.074467][   T31]  syscall_exit_to_user_mode+0xc9/0x370
[  335.081575][   T31]  do_syscall_64+0x100/0x230
[  335.089950][   T31]  ? clear_bhb_loop+0x35/0x90
[  335.094693][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.104333][   T31] RIP: 0033:0x7f10af37c93c
[  335.111520][   T31] RSP: 002b:00007f10af65fd90 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  335.122679][   T31] RAX: fffffffffffffe00 RBX: 00000000ffffffff RCX: 00007f10af37c93c
[  335.133380][   T31] RDX: 0000000000000028 RSI: 00007f10af65fe40 RDI: 00000000000000f9
[  335.144046][   T31] RBP: 00007f10af65fdec R08: 0000000000000000 R09: 0079746972756365
[  335.154816][   T31] R10: 00007f10af5087e0 R11: 0000000000000246 R12: 0000555588aaa5eb
[  335.167806][   T31] R13: 0000555588aaa590 R14: 000000000002adaa R15: 00007f10af65fe40
[  335.180027][   T31]  </TASK>
[  335.183179][   T31] INFO: task syz-executor:7159 blocked for more than 145 seconds.
[  335.192997][   T31]       Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  335.204774][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  335.216503][   T31] task:syz-executor    state:D stack:26288 pid:7159  tgid:7159  ppid:1      flags:0x00004004
[  335.231859][   T31] Call Trace:
[  335.235180][   T31]  <TASK>
[  335.238614][   T31]  __schedule+0x1893/0x4b50
[  335.243206][   T31]  ? __pfx___schedule+0x10/0x10
[  335.253306][   T31]  ? __pfx_lock_release+0x10/0x10
[  335.258834][   T31]  ? __mutex_trylock_common+0x92/0x2e0
[  335.264361][   T31]  ? schedule+0x90/0x320
[  335.275370][   T31]  schedule+0x14b/0x320
[  335.279596][   T31]  schedule_preempt_disabled+0x13/0x30
[  335.285101][   T31]  __mutex_lock+0x6a7/0xd70
[  335.299048][   T31]  ? __mutex_lock+0x52a/0xd70
[  335.303802][   T31]  ? register_nexthop_notifier+0x84/0x290
[  335.315808][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  335.320919][   T31]  ? __asan_memset+0x23/0x50
[  335.330805][   T31]  register_nexthop_notifier+0x84/0x290
[  335.342295][   T31]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  335.353244][   T31]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  335.359883][   T31]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  335.371104][   T31]  ? __asan_memset+0x23/0x50
[  335.378501][   T31]  ops_init+0x31e/0x590
[  335.382726][   T31]  ? lockdep_init_map_type+0xa1/0x910
[  335.393442][   T31]  setup_net+0x287/0x9e0
[  335.399323][   T31]  ? __pfx_down_read_killable+0x10/0x10
[  335.404974][   T31]  ? __pfx_setup_net+0x10/0x10
[  335.418409][   T31]  copy_net_ns+0x33f/0x570
[  335.422900][   T31]  create_new_namespaces+0x425/0x7b0
[  335.433803][   T31]  unshare_nsproxy_namespaces+0x124/0x180
[  335.439873][   T31]  ksys_unshare+0x619/0xc10
[  335.444431][   T31]  ? __pfx_ksys_unshare+0x10/0x10
[  335.454893][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  335.463005][   T31]  ? do_syscall_64+0x100/0x230
[  335.472876][   T31]  __x64_sys_unshare+0x38/0x40
[  335.480350][   T31]  do_syscall_64+0xf3/0x230
[  335.484919][   T31]  ? clear_bhb_loop+0x35/0x90
[  335.494871][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.501547][   T31] RIP: 0033:0x7f51e3f7f6f7
[  335.510939][   T31] RSP: 002b:00007f51e425ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  335.521989][   T31] RAX: ffffffffffffffda RBX: 00007f51e3ff22ec RCX: 00007f51e3f7f6f7
[  335.535055][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  335.543643][   T31] RBP: 0000000000000000 R08: 00007f51e4c67d60 R09: 0000000000000000
[  335.556980][   T31] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  335.565006][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  335.578379][   T31]  </TASK>
[  335.581526][   T31] 
[  335.581526][   T31] Showing all locks held in the system:
[  335.595365][   T31] 3 locks held by kworker/0:0/8:
[  335.600349][   T31] 3 locks held by kworker/1:0/25:
[  335.612134][   T31]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  335.625184][   T31]  #1: ffffc900001f7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  335.641794][   T31]  #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  335.654410][   T31] 3 locks held by kworker/u8:2/29:
[  335.665571][   T31]  #0: ffff88814b262948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  335.684669][   T31]  #1: ffffc90000a57d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  335.704853][   T31]  #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  335.715177][   T31] 1 lock held by khungtaskd/31:
[  335.725088][   T31]  #0: ffffffff8e9389e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  335.735612][   T31] 2 locks held by dhcpcd/4895:
[  335.740421][   T31]  #0: ffff8880602316c8 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: __netlink_dump_start+0x119/0x790
[  335.755709][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_dumpit+0x99/0x200
[  335.764610][   T31] 2 locks held by getty/4986:
[  335.775825][   T31]  #0: ffff88814b4c20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  335.792957][   T31]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  335.803788][   T31] 3 locks held by kworker/0:4/5275:
[  335.814161][   T31] 2 locks held by syz.2.73/5580:
[  335.820666][   T31]  #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  335.836199][   T31]  #1: ffffffff8e7d28d0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  335.852767][   T31] 1 lock held by syz-executor/6427:
[  335.858358][   T31]  #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  335.872604][   T31] 3 locks held by kworker/u8:10/6824:
[  335.878855][   T31]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  335.899639][   T31]  #1: ffffc9000309fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  335.912703][   T31]  #2: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  335.925664][   T31] 1 lock held by syz-executor/6827:
[  335.930908][   T31]  #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  335.947198][   T31] 1 lock held by syz-executor/6928:
[  335.952448][   T31]  #0: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  335.966685][   T31] 2 locks held by syz-executor/7159:
[  335.972025][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  335.984635][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.000201][   T31] 2 locks held by syz-executor/7160:
[  336.009771][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.021938][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.034810][   T31] 2 locks held by syz-executor/7166:
[  336.042916][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.055205][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.071761][   T31] 2 locks held by syz-executor/7167:
[  336.079836][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.094677][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.107527][   T31] 2 locks held by syz-executor/7171:
[  336.112898][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.129928][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.141744][   T31] 2 locks held by syz-executor/7178:
[  336.150815][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.161891][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.179090][   T31] 2 locks held by syz-executor/7186:
[  336.184426][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.201376][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.212015][   T31] 2 locks held by syz-executor/7187:
[  336.222643][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.234629][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.249930][   T31] 2 locks held by syz-executor/7190:
[  336.255260][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.265262][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.282055][   T31] 2 locks held by syz-executor/7191:
[  336.292533][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.304840][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.320244][   T31] 2 locks held by syz-executor/7200:
[  336.326416][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.342810][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.353334][   T31] 2 locks held by syz-executor/7203:
[  336.363598][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.373535][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.393187][   T31] 2 locks held by syz-executor/7206:
[  336.405225][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.420258][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.435578][   T31] 2 locks held by syz-executor/7207:
[  336.440929][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.456393][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.473976][   T31] 2 locks held by syz-executor/7209:
[  336.479725][   T31]  #0: ffffffff8fcbcd90 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  336.494352][   T31]  #1: ffffffff8fcc9888 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  336.513272][   T31] 
[  336.515983][   T31] =============================================
[  336.515983][   T31] 
[  336.524737][   T31] NMI backtrace for cpu 1
[  336.529120][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  336.539496][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  336.549674][   T31] Call Trace:
[  336.552985][   T31]  <TASK>
[  336.555945][   T31]  dump_stack_lvl+0x241/0x360
[  336.560672][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.566014][   T31]  ? __pfx__printk+0x10/0x10
[  336.570661][   T31]  nmi_cpu_backtrace+0x49c/0x4d0
[  336.575646][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  336.581143][   T31]  ? _printk+0xd5/0x120
[  336.585387][   T31]  ? __pfx__printk+0x10/0x10
[  336.590122][   T31]  ? __wake_up_klogd+0xcc/0x110
[  336.595012][   T31]  ? __pfx__printk+0x10/0x10
[  336.599666][   T31]  ? __rcu_read_unlock+0xa1/0x110
[  336.604732][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  336.610842][   T31]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  336.616865][   T31]  watchdog+0xff4/0x1040
[  336.621152][   T31]  ? watchdog+0x1ea/0x1040
[  336.625617][   T31]  ? __pfx_watchdog+0x10/0x10
[  336.630344][   T31]  kthread+0x2f0/0x390
[  336.634451][   T31]  ? __pfx_watchdog+0x10/0x10
[  336.639170][   T31]  ? __pfx_kthread+0x10/0x10
[  336.643793][   T31]  ret_from_fork+0x4b/0x80
[  336.648253][   T31]  ? __pfx_kthread+0x10/0x10
[  336.652882][   T31]  ret_from_fork_asm+0x1a/0x30
[  336.657730][   T31]  </TASK>
[  336.661781][   T31] Sending NMI from CPU 1 to CPUs 0:
[  336.667862][    C0] NMI backtrace for cpu 0
[  336.667878][    C0] CPU: 0 UID: 0 PID: 5275 Comm: kworker/0:4 Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  336.667900][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  336.667912][    C0] Workqueue: events_power_efficient neigh_periodic_work
[  336.667940][    C0] RIP: 0010:unwind_next_frame+0x178d/0x22d0
[  336.667971][    C0] Code: 0f b6 04 28 84 c0 0f 85 81 0a 00 00 48 89 d0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 93 0a 00 00 48 0f bf 03 48 8b 34 24 48 01 c6 <49> 8d 55 40 4c 89 ef e8 37 0e 00 00 84 c0 0f 84 66 01 00 00 49 bc
[  336.667987][    C0] RSP: 0018:ffffc90000006a70 EFLAGS: 00000287
[  336.668002][    C0] RAX: fffffffffffffff0 RBX: ffffffff912221b0 RCX: 0000000000000000
[  336.668016][    C0] RDX: ffffffff912221b1 RSI: ffffc90000007050 RDI: ffffc90000006ba0
[  336.668030][    C0] RBP: dffffc0000000000 R08: ffffc90000006b9f R09: 0000000000000000
[  336.668043][    C0] R10: ffffc90000006b90 R11: fffff52000000d74 R12: ffffc90000008000
[  336.668056][    C0] R13: ffffc90000006b40 R14: ffffffff89e1ab6a R15: ffffc90000006b90
[  336.668070][    C0] FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
[  336.668086][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  336.668101][    C0] CR2: 000000110c3c2fa2 CR3: 0000000027678000 CR4: 00000000003506f0
[  336.668117][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  336.668128][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  336.668139][    C0] Call Trace:
[  336.668146][    C0]  <NMI>
[  336.668153][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  336.668174][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  336.668202][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  336.668221][    C0]  ? nmi_handle+0x2a/0x5a0
[  336.668245][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  336.668269][    C0]  ? nmi_handle+0x14f/0x5a0
[  336.668285][    C0]  ? nmi_handle+0x2a/0x5a0
[  336.668303][    C0]  ? unwind_next_frame+0x178d/0x22d0
[  336.668330][    C0]  ? default_do_nmi+0x63/0x160
[  336.668357][    C0]  ? exc_nmi+0x123/0x1f0
[  336.668376][    C0]  ? end_repeat_nmi+0xf/0x53
[  336.668401][    C0]  ? synproxy_send_client_synack+0x1ba/0xf30
[  336.668429][    C0]  ? unwind_next_frame+0x178d/0x22d0
[  336.668457][    C0]  ? unwind_next_frame+0x178d/0x22d0
[  336.668484][    C0]  ? unwind_next_frame+0x178d/0x22d0
[  336.668512][    C0]  </NMI>
[  336.668518][    C0]  <IRQ>
[  336.668528][    C0]  ? __alloc_skb+0x1c3/0x440
[  336.668555][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  336.668578][    C0]  arch_stack_walk+0x11c/0x150
[  336.668598][    C0]  ? synproxy_send_client_synack+0x1ba/0xf30
[  336.668623][    C0]  stack_trace_save+0x118/0x1d0
[  336.668643][    C0]  ? stack_trace_save+0x118/0x1d0
[  336.668663][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  336.668684][    C0]  ? __asan_memset+0x23/0x50
[  336.668705][    C0]  ? unwind_next_frame+0x193b/0x22d0
[  336.668735][    C0]  kasan_save_track+0x3f/0x80
[  336.668756][    C0]  ? kasan_save_track+0x3f/0x80
[  336.668777][    C0]  ? __kasan_slab_alloc+0x66/0x80
[  336.668799][    C0]  ? kmem_cache_alloc_node_noprof+0x16b/0x320
[  336.668817][    C0]  ? __alloc_skb+0x1c3/0x440
[  336.668864][    C0]  __kasan_slab_alloc+0x66/0x80
[  336.668887][    C0]  ? __alloc_skb+0x1c3/0x440
[  336.668912][    C0]  kmem_cache_alloc_node_noprof+0x16b/0x320
[  336.668932][    C0]  __alloc_skb+0x1c3/0x440
[  336.668960][    C0]  ? __pfx___alloc_skb+0x10/0x10
[  336.668989][    C0]  synproxy_send_client_synack+0x1ba/0xf30
[  336.669015][    C0]  ? kasan_quarantine_put+0xdc/0x230
[  336.669037][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  336.669062][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  336.669087][    C0]  ? synproxy_pernet+0x45/0x270
[  336.669113][    C0]  nft_synproxy_eval_v4+0x3ca/0x610
[  336.669141][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  336.669166][    C0]  ? nf_ip_checksum+0x13a/0x500
[  336.669193][    C0]  nft_synproxy_do_eval+0x362/0xa60
[  336.669220][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  336.669248][    C0]  ? __pfx_validate_chain+0x10/0x10
[  336.669266][    C0]  ? validate_chain+0x11e/0x5920
[  336.669289][    C0]  nft_do_chain+0x4ad/0x1da0
[  336.669320][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  336.669350][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  336.669387][    C0]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  336.669416][    C0]  nft_do_chain_inet+0x418/0x6b0
[  336.669442][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  336.669466][    C0]  ? ipt_do_table+0x312/0x1860
[  336.669509][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  336.669531][    C0]  nf_hook_slow+0xc3/0x220
[  336.669552][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  336.669570][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  336.669588][    C0]  NF_HOOK+0x29e/0x450
[  336.669606][    C0]  ? NF_HOOK+0x9a/0x450
[  336.669622][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  336.669639][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  336.669660][    C0]  ? ip_rcv_finish+0x406/0x560
[  336.669678][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  336.669695][    C0]  NF_HOOK+0x3a4/0x450
[  336.669711][    C0]  ? __lock_acquire+0x1384/0x2050
[  336.669737][    C0]  ? NF_HOOK+0x9a/0x450
[  336.669753][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  336.669768][    C0]  ? ip_rcv_core+0x801/0xd10
[  336.669786][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  336.669807][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  336.669823][    C0]  __netif_receive_skb+0x2bf/0x650
[  336.669844][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  336.669869][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[  336.669887][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  336.669912][    C0]  ? __pfx_lock_release+0x10/0x10
[  336.669937][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  336.669965][    C0]  process_backlog+0x662/0x15b0
[  336.669987][    C0]  ? process_backlog+0x33b/0x15b0
[  336.670012][    C0]  ? __pfx_process_backlog+0x10/0x10
[  336.670032][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  336.670058][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  336.670084][    C0]  __napi_poll+0xcb/0x490
[  336.670106][    C0]  net_rx_action+0x89b/0x1240
[  336.670136][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  336.670157][    C0]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  336.670197][    C0]  handle_softirqs+0x2c5/0x980
[  336.670223][    C0]  ? do_softirq+0x11b/0x1e0
[  336.670246][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  336.670273][    C0]  do_softirq+0x11b/0x1e0
[  336.670294][    C0]  </IRQ>
[  336.670300][    C0]  <TASK>
[  336.670306][    C0]  ? __pfx_do_softirq+0x10/0x10
[  336.670328][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  336.670360][    C0]  ? rcu_is_watching+0x15/0xb0
[  336.670380][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  336.670402][    C0]  ? neigh_periodic_work+0xb35/0xd50
[  336.670422][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  336.670445][    C0]  ? neigh_destroy+0x423/0x580
[  336.670466][    C0]  neigh_periodic_work+0xb35/0xd50
[  336.670489][    C0]  ? process_scheduled_works+0x976/0x1850
[  336.670532][    C0]  process_scheduled_works+0xa63/0x1850
[  336.670570][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  336.670598][    C0]  ? assign_work+0x364/0x3d0
[  336.670624][    C0]  worker_thread+0x870/0xd30
[  336.670652][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  336.670678][    C0]  ? __kthread_parkme+0x169/0x1d0
[  336.670705][    C0]  ? __pfx_worker_thread+0x10/0x10
[  336.670729][    C0]  kthread+0x2f0/0x390
[  336.670746][    C0]  ? __pfx_worker_thread+0x10/0x10
[  336.670770][    C0]  ? __pfx_kthread+0x10/0x10
[  336.670787][    C0]  ret_from_fork+0x4b/0x80
[  336.670812][    C0]  ? __pfx_kthread+0x10/0x10
[  336.670828][    C0]  ret_from_fork_asm+0x1a/0x30
[  336.670861][    C0]  </TASK>
[  337.441066][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  337.447993][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.11.0-syzkaller-07462-g1868f9d0260e #0
[  337.458186][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  337.468280][   T31] Call Trace:
[  337.471588][   T31]  <TASK>
[  337.474549][   T31]  dump_stack_lvl+0x241/0x360
[  337.479278][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.484561][   T31]  ? __pfx__printk+0x10/0x10
[  337.489233][   T31]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  337.495279][   T31]  ? vscnprintf+0x5d/0x90
[  337.499644][   T31]  panic+0x349/0x880
[  337.503586][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  337.509790][   T31]  ? __pfx_panic+0x10/0x10
[  337.514254][   T31]  ? tick_nohz_tick_stopped+0x82/0xb0
[  337.519691][   T31]  ? __irq_work_queue_local+0x137/0x410
[  337.525306][   T31]  ? preempt_schedule_thunk+0x1a/0x30
[  337.530719][   T31]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  337.536916][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  337.543125][   T31]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  337.549515][   T31]  watchdog+0x1033/0x1040
[  337.553981][   T31]  ? watchdog+0x1ea/0x1040
[  337.558460][   T31]  ? __pfx_watchdog+0x10/0x10
[  337.563180][   T31]  kthread+0x2f0/0x390
[  337.567305][   T31]  ? __pfx_watchdog+0x10/0x10
[  337.572027][   T31]  ? __pfx_kthread+0x10/0x10
[  337.576658][   T31]  ret_from_fork+0x4b/0x80
[  337.581117][   T31]  ? __pfx_kthread+0x10/0x10
[  337.585743][   T31]  ret_from_fork_asm+0x1a/0x30
[  337.590573][   T31]  </TASK>
[  337.593959][   T31] Kernel Offset: disabled
[  337.598296][   T31] Rebooting in 86400 seconds..