last executing test programs:

7.636482432s ago: executing program 2 (id=2454):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x3b, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = eventfd2(0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
accept4(r3, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

7.582326855s ago: executing program 2 (id=2459):
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
capget(&(0x7f0000000380)={0x19980330, r0}, &(0x7f00000003c0)={0x380000, 0x8, 0x100, 0x9, 0x8})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r5 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r5, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000340)='ex')
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x20001, 0x4)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x49, 0x0, "99aed94cb0b35c64fb781b79363b6fb8a279443e8522854bec7fabec4372cd962a8f57216a5d981041890c6fdb1fd901c2a073dbe6dbc04a3f122251b9ca5327885f62686ff3857d13997543ff74265e"}, 0xd8)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000600)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "679f672c00b69e65b0934066fc7c3406caf2c09e33bd50116312e2b00fee650af69b2150ccaa762a3db7ad752fe616e085e991c0436e7e7111238865d27b4e82dcc94700ddd1878b088736009d15f1fa"}, 0xd8)
setsockopt$inet_tcp_int(r6, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
sendto$inet(r7, 0x0, 0x0, 0x20000010, &(0x7f0000000540)={0x2, 0x0, @empty}, 0x10)
keyctl$describe(0x6, r5, &(0x7f0000000080)=""/72, 0x48)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "e5231296f5880856cfb591151cebcb3c130e574e0912fc5261cbe89b56860676f63ffd2a5c60e7dc92673d761aa2da81a8b43ddd019e9180e9f00518d131dd3d", 0x19}, 0x48, r5)

6.426588581s ago: executing program 1 (id=2463):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000cd0b000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, r2, 0x6a98047402e98331}, 0x14}}, 0x0)

6.375824382s ago: executing program 2 (id=2464):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
sendto$inet6(r6, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet6_tcp_int(r6, 0x6, 0x16, &(0x7f0000000040), 0x4)
bind$bt_sco(r5, 0x0, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
listen(r5, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
ioperm(0x0, 0x2, 0x2)
ioperm(0x0, 0x9da9, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000180)='./bus\x00', 0x109241, 0x0)

6.375459195s ago: executing program 3 (id=2465):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x16, 0x0, 0x0)
sendmsg$inet6(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000010c0)="a6dd10154eae5588333a0309e91cc5e16af5c44251b2", 0x16}], 0x1}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6.290134808s ago: executing program 4 (id=2466):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000000040))
r1 = socket(0x11, 0x800000003, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001600)="4ad1ff49ca613b35c12b8bb8475c8e54bea495ec5746b2dd1fa94347faf077cfaf8cb654dcc1e9178075265e1d450f52d3642c7cb01ce8adff2cd2df5ebab60627b9b27b3a00a0412e248d51b3265ab1f5c3b1e9c605fc66326381d582e829dbddb3c18fda82b21862200d94cc16ecc0ca6f", 0x72}, {&(0x7f0000003100)="b891190f9bf31537fedfa44ecf1a6e10b276f6e8c5fa0f7ada030ae6c4408911425e5f407da87c9f7ea5aa335ed5b64005c7745de96d67da9bfd59cb39173fa78cea4e9d7a4273d008fd62da9afff29548d7897fea69178eefc7f9f87bc7c5e760fce89606c51b1ce4bbe5ebcf9396159b0006c57b252c42930d845b1cf8173efbd429c0f94b6b7608180770500eb2c886366dd152caff97a503ce61c03273ab0002d6ce93cb2f40dfe499148155f470521884011a5205fc314c4b73f6d93e82f6b9c83113e69f137ab0b6500f8f82bcf68c649b3e145c824b9f1fad93c35771e03d908fec7e1139448c5484d70439b875a0709b20e47bf06b8a95f1707000321241ff69062face15b5ff4b38062ce16eed43663d39859d9e2bc21cb7104bc7cd078fe2446ac8864e49d7654ff0fdfbfbd1ec356816c5a0a8883fab12ff0e8e03ed7e3c47f00b82b27908f1651d0c377b984e9d222347eff426b90065e00f79e5c282db213d76979a218dd0eb601710e22ea441d48668ac83fc62824c64ae1212069c8bfe22498fe5d4cc91b989397322e4f78d7a3e563c513b20f85e629c9e1d65eedfe48510cded3ae35e7a76f7c44aa4acc370ac88d5acb982bf6a3d61498053e70cab3f871ae4079463beac688cb384b968a1a2b67143ad9cdfb606263e7e9733c8083eb1389542bfed96499eb11235c78912f2ead36c696407bdf89f9fd695e6676978717de71410d7d1a4b4eb4f4a11b811c1f92cdeef02c0b9f402c3e975dddb917c9e49afcc5d16d5d640fec330f89f625a18736e2e72ce4ad73e83dbc582c6bb28eb964e7cae31149684168b14f59ca0f47ce41848df5d013f6e47b09d39384c6376b7cdee6ba6021cd11a9145210f3ac2352447dacffa24f4012b36c812ac2c5c505096ee9f986f97d8ae6e994c6b22c49ff34fbb7180233d73b231d7cecf31916b66bc3768ca984d9bf11b960ddd8675fdffca6cda6b0ae6c56dd4193e0d3fd25e57116b183fa8a39ebaf980c04ebf0df3a04bcc5d463340204849f610b8fd686a1702c424a1e0a122aea1e57448e4b8383b98c238cbe0cd745eb13f92a0b5d5f6e8c1b60aac2d0d3f94b16ee6080c89d84482abcb4035759cd446dbcd32f68bb330d7da5403c9a22fd22cafcf81ccd744c303a1c736431b4d6f02ac39f767436dbcbc2376b03e8e72c5dde2df34d4f2d7f25ef7cbb53814a9b53aab1b860fabc2929a078407532e20dd2504037661c1f114e39ffb22b64de49e222137757a0358837e2f300ffb22effd0d230d7ac2f1fcf8e8c699a2976e25ec9becc5946b2e57527c48ace6ad2f64ff5a8074f0e289715f8d7547cebaa7c781b39e712f1b0d1d8811583dc5cb2207a78c786b0293987ee25383ed64a456b5b0b1861cbe61088dd985186e16cf6cb3433d31838af75394bb5233cc73147d3f400480c558ce058615767c20a342d891cf036e03135d4eab93a2446564d98e56cff8a86b91379394cc4c270f89fcadf2406900347ee5ad0d06de64ba1a09efe0ae796067d7c08e1fda05c38f6d7fd1cc5f94da255cfa4226da26203b24b8ce2e495bc44a48bd5670bf166fcfad69fd0fe8ff5c532d47f8c89181acd83e0b65f21a42f2ef94e3001ba0d130a6d0f9074ca7cf1ab099cf9276b6a1e0ed8ae729a6bbc29ff9b8a3ae884b758707ae491b84b10181797688e8126fab5ba5be261b77159c83b8c15469314f4df92b49eb8bb258c6d4adabf150315552e14262b9cc5d4e7faf24976ee3e915c0e32c4cfc7cf5245a0df13f72f0fbdd9506a88144432ef52b0bf0c52c52ba50f2bb0e64b0a06e5ae6026e4bdebbf5408250d72b9a083665e8316b32f5aba5cd0eca841e1878394050b8e71a9f3b43e088996d42ca1cf63c4679b931d75fc40fdaf3169acb3c8e8283fda95c8ff8b9a8ac4e8f702af4208d9f377aeb22e13ae88020cc5831e862dfb841cc56c2959b036ae1b00522f6c156c4cc9f49b90b29907be5b091e03b482eba0284ac7c27c32f42a866e9ec36664f44091227ed3d4f32ea28a11c1959ef849e91d4debb7ba0d743413c4fc2e2d0cf5c1d1789124b8abc772f52f8ec56e89c29900a2a83557e14ef391bd187c019d47a0e4a27bf49d3af8492f13d8599c96a618d29e7895becd1dc5a95b3bb226981012f926c6dda53781641fd45b0a94279759ffcd34eadb237d63a89b90c782221f957317958fc441698c016a25d91bfc2ee5333fedb748df940ec2f3864de38fad66d7748132d14c8f8e6a03cbf8d60236dda04a0857c1b163397762b17fa8c931359466752161e3024ccf1d248ccc323eba25ad839ce84dd3ce595a5d688b86b7813d303ea6751e72a7a6bacb315472a57094b74f6b6020805260fba81d0e9b18f21ea453a9bf1d8e2d205e6cba8960b2979560c6a04076553155d69da37a34b48e8da92252c3ab74712eea63cd2dbd02bbf4a5f71eaed0c594f6d6e6ede613b9f0934ed3aaef65f55861a04e8c467e8ff3aa819ba35f08590622dd8673c558bfa5b45cd9611a75258e408dedf4fd36b128a961b547039fec3bbf0135127cedf0d3e51514c8ffcf020f1746544ced0f8f6970322d98a41a707eb22d07eaae03f7212ea92e2c48a5eec6d392bb569f282f8c79cfa491efab9df9177f47fde729b2f6e9f21033fdd0dc131fc26db865562a571952523576690810bf88bda8f22ab6556e54073df8b83a7c103ae2e0fd909146f3e724f2e57ea7087bd35c9a9518da4003b22c4bab5dd0b1bc0caf700536daf288e6a3df4449e27724230eafc363542a45488fda4fc97862f6d8f524d075b9d154fad27b03fa598f728019d0e29909cbb08f36aab7b58f209e15d99a6fd1b4e23a5b1150dde48f7bc7ff63b5f13abe2015285470968daae418e373256b0f42dcf29f14946f8fa939523dbb1a00f3f782a03b866df2ca12e26b4ec6a49c3e87f0758e4b6ba94dc393cd2fc255e935b0740cec27cad29c649f928a87a380541bc9c0a73fecf9666a97220e44e1efb03a28b23fac49c9710fbcce7289db257e82b2c31eddeb567a3385afb08aefda84ec9d6faee11777e0f50a7ae462d9a52110e9945b0c501d8dc6fc6f9687c56faaf669ba7519f53f740c120c46cb339cccf57b8b0c09edfd0f9747146d8c583a366b6f59fd0805c24696b19449afdae2011d79d7c8e577272297d2bc534180aa88f6f60193a1479a75a100493db26d43870a9d83fffa96ca3808ef1c4632e83588c4d2868d04d06d6b11b0da33baed15a3d25481dcc995e6ecbfffbab586ed5a209ed08515f2d83fe400d823b60ae9d702aeeb289859343eb75f09b9513bacb7562e1a3f49393bd19ea624331bbc09d479295af5a88f87d22ca3867d19fd4dfb3ffacf259a095a621ff4ab240f024217a0d9e48a6787afe9b6adcfbe048506c9155168c8d7e6dcbb59894acb03fc77ff69ee5cd09c468631e75ea73881ce10dc9c423e93c38854f50b54998e2bed27ee9f3670385f0708a1dd6e24925344b35c4fc2df6e9b4007beda22b6098125f1ae648e85c2ac337e6ecb56553a52f1a20598568bcede06de30619fa80c9e343f103cceeade258686c5427e1dd4a6d748861ec80d4fb04ba6f49be9c4fbccb7381e107a4cb82a6c481a4fe336d4e8e27d506acd189d10b7185e5f4eb5d8afda566213f1f2ca5891f5d2997373593d86ed82e1ce5e7a5e4211e9cdd8fd1f93ebab7e6b38697550991620611a6d2497d0ad4493993f824a1825157d10bb69f03f695c3e1ced6f392e79e90c5847e8e02903360f23792010d57979fb99181d85a821445006c7f613438f297fec577a8e59e6acafddfa48f86619239687f132bf244f65f76502e6d2b082bb60a276a8d30cdcd829c8e9b0e4a9d17ab09a3c971b2f6931de0286fd4b879781f15fd1669371ff759b02fd34a3c3ab5e64d6d1399d2b96c31581ebe7db2f236bf75e0f3f9464a4e906a5895ff71bc6fbd2548a63a0d974147b99541a599e48b58be2fe328724f26f8a80d44ac02f2f8eb001777f83c3c57e6ee4a4e18288df3bf6320b081a2f84df590af2856c9f2b6b7499bdb00cabca748d7e515e75f50d49f1bcf444517b2134423dbef7792006813111f4a1de84e65016e81b1c4bdfff11d47ccb71f0de9989fb0ea20262126d5deae47cfef3c90105e4fa4b1279451331d804526a59315f78736a45102f4f142ed0a3207236972d5fd509d3a3d77f3946c61d040b300d208e5fc78a9cf02c12a1b00bc785ab16247db10d525137939287277f58411c21f87e8347ca5de32742f00b3c2bd4630b706963f7d3997b2af592bd0c0e5208ad0833065415af6f2f242ebf90ed3a2cbc52432077dde86700bca36af6e7dda75335c3d65a07ef5a615c23d741eb7f5778d356fd1042807d3f9efae5063cc97125c85dd5f9b383e760b841da9e3eaa3d5940c0ae44e8180cf2656de9916e63885431e83d9ace02a91be9a933b6b7c0fc8a9a32ae8ff6e963c23b566468e5dd845bd5501e2e852bd3643d5f60", 0xc87}], 0x2}}], 0x1, 0x9200000004004880)
r7 = dup3(r3, r2, 0x0)
recvmmsg$unix(r7, &(0x7f0000001780)=[{{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1, &(0x7f0000001880)}}], 0x1, 0x74a081c1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0x0, 0x9, 0x2}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x6}]}}]}, 0x48}}, 0x0)
epoll_create1(0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000))

6.21615496s ago: executing program 1 (id=2468):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
sendto$inet6(r6, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet6_tcp_int(r6, 0x6, 0x16, &(0x7f0000000040), 0x4)
bind$bt_sco(r5, 0x0, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
listen(r5, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
ioperm(0x0, 0x2, 0x2)
ioperm(0x0, 0x9da9, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000180)='./bus\x00', 0x109241, 0x0)

5.367831384s ago: executing program 3 (id=2470):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
r1 = socket(0x11, 0x800000003, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001600)="4ad1ff49ca613b35c12b8bb8475c8e54bea495ec5746b2dd1fa94347faf077cfaf8cb654dcc1e9178075265e1d450f52d3642c7cb01ce8adff2cd2df5ebab60627b9b27b3a00a0412e248d51b3265ab1f5c3b1e9c605fc66326381d582e829dbddb3c18fda82b21862200d94cc16ecc0ca6f", 0x72}, {&(0x7f0000003100)="b891190f9bf31537fedfa44ecf1a6e10b276f6e8c5fa0f7ada030ae6c4408911425e5f407da87c9f7ea5aa335ed5b64005c7745de96d67da9bfd59cb39173fa78cea4e9d7a4273d008fd62da9afff29548d7897fea69178eefc7f9f87bc7c5e760fce89606c51b1ce4bbe5ebcf9396159b0006c57b252c42930d845b1cf8173efbd429c0f94b6b7608180770500eb2c886366dd152caff97a503ce61c03273ab0002d6ce93cb2f40dfe499148155f470521884011a5205fc314c4b73f6d93e82f6b9c83113e69f137ab0b6500f8f82bcf68c649b3e145c824b9f1fad93c35771e03d908fec7e1139448c5484d70439b875a0709b20e47bf06b8a95f1707000321241ff69062face15b5ff4b38062ce16eed43663d39859d9e2bc21cb7104bc7cd078fe2446ac8864e49d7654ff0fdfbfbd1ec356816c5a0a8883fab12ff0e8e03ed7e3c47f00b82b27908f1651d0c377b984e9d222347eff426b90065e00f79e5c282db213d76979a218dd0eb601710e22ea441d48668ac83fc62824c64ae1212069c8bfe22498fe5d4cc91b989397322e4f78d7a3e563c513b20f85e629c9e1d65eedfe48510cded3ae35e7a76f7c44aa4acc370ac88d5acb982bf6a3d61498053e70cab3f871ae4079463beac688cb384b968a1a2b67143ad9cdfb606263e7e9733c8083eb1389542bfed96499eb11235c78912f2ead36c696407bdf89f9fd695e6676978717de71410d7d1a4b4eb4f4a11b811c1f92cdeef02c0b9f402c3e975dddb917c9e49afcc5d16d5d640fec330f89f625a18736e2e72ce4ad73e83dbc582c6bb28eb964e7cae31149684168b14f59ca0f47ce41848df5d013f6e47b09d39384c6376b7cdee6ba6021cd11a9145210f3ac2352447dacffa24f4012b36c812ac2c5c505096ee9f986f97d8ae6e994c6b22c49ff34fbb7180233d73b231d7cecf31916b66bc3768ca984d9bf11b960ddd8675fdffca6cda6b0ae6c56dd4193e0d3fd25e57116b183fa8a39ebaf980c04ebf0df3a04bcc5d463340204849f610b8fd686a1702c424a1e0a122aea1e57448e4b8383b98c238cbe0cd745eb13f92a0b5d5f6e8c1b60aac2d0d3f94b16ee6080c89d84482abcb4035759cd446dbcd32f68bb330d7da5403c9a22fd22cafcf81ccd744c303a1c736431b4d6f02ac39f767436dbcbc2376b03e8e72c5dde2df34d4f2d7f25ef7cbb53814a9b53aab1b860fabc2929a078407532e20dd2504037661c1f114e39ffb22b64de49e222137757a0358837e2f300ffb22effd0d230d7ac2f1fcf8e8c699a2976e25ec9becc5946b2e57527c48ace6ad2f64ff5a8074f0e289715f8d7547cebaa7c781b39e712f1b0d1d8811583dc5cb2207a78c786b0293987ee25383ed64a456b5b0b1861cbe61088dd985186e16cf6cb3433d31838af75394bb5233cc73147d3f400480c558ce058615767c20a342d891cf036e03135d4eab93a2446564d98e56cff8a86b91379394cc4c270f89fcadf2406900347ee5ad0d06de64ba1a09efe0ae796067d7c08e1fda05c38f6d7fd1cc5f94da255cfa4226da26203b24b8ce2e495bc44a48bd5670bf166fcfad69fd0fe8ff5c532d47f8c89181acd83e0b65f21a42f2ef94e3001ba0d130a6d0f9074ca7cf1ab099cf9276b6a1e0ed8ae729a6bbc29ff9b8a3ae884b758707ae491b84b10181797688e8126fab5ba5be261b77159c83b8c15469314f4df92b49eb8bb258c6d4adabf150315552e14262b9cc5d4e7faf24976ee3e915c0e32c4cfc7cf5245a0df13f72f0fbdd9506a88144432ef52b0bf0c52c52ba50f2bb0e64b0a06e5ae6026e4bdebbf5408250d72b9a083665e8316b32f5aba5cd0eca841e1878394050b8e71a9f3b43e088996d42ca1cf63c4679b931d75fc40fdaf3169acb3c8e8283fda95c8ff8b9a8ac4e8f702af4208d9f377aeb22e13ae88020cc5831e862dfb841cc56c2959b036ae1b00522f6c156c4cc9f49b90b29907be5b091e03b482eba0284ac7c27c32f42a866e9ec36664f44091227ed3d4f32ea28a11c1959ef849e91d4debb7ba0d743413c4fc2e2d0cf5c1d1789124b8abc772f52f8ec56e89c29900a2a83557e14ef391bd187c019d47a0e4a27bf49d3af8492f13d8599c96a618d29e7895becd1dc5a95b3bb226981012f926c6dda53781641fd45b0a94279759ffcd34eadb237d63a89b90c782221f957317958fc441698c016a25d91bfc2ee5333fedb748df940ec2f3864de38fad66d7748132d14c8f8e6a03cbf8d60236dda04a0857c1b163397762b17fa8c931359466752161e3024ccf1d248ccc323eba25ad839ce84dd3ce595a5d688b86b7813d303ea6751e72a7a6bacb315472a57094b74f6b6020805260fba81d0e9b18f21ea453a9bf1d8e2d205e6cba8960b2979560c6a04076553155d69da37a34b48e8da92252c3ab74712eea63cd2dbd02bbf4a5f71eaed0c594f6d6e6ede613b9f0934ed3aaef65f55861a04e8c467e8ff3aa819ba35f08590622dd8673c558bfa5b45cd9611a75258e408dedf4fd36b128a961b547039fec3bbf0135127cedf0d3e51514c8ffcf020f1746544ced0f8f6970322d98a41a707eb22d07eaae03f7212ea92e2c48a5eec6d392bb569f282f8c79cfa491efab9df9177f47fde729b2f6e9f21033fdd0dc131fc26db865562a571952523576690810bf88bda8f22ab6556e54073df8b83a7c103ae2e0fd909146f3e724f2e57ea7087bd35c9a9518da4003b22c4bab5dd0b1bc0caf700536daf288e6a3df4449e27724230eafc363542a45488fda4fc97862f6d8f524d075b9d154fad27b03fa598f728019d0e29909cbb08f36aab7b58f209e15d99a6fd1b4e23a5b1150dde48f7bc7ff63b5f13abe2015285470968daae418e373256b0f42dcf29f14946f8fa939523dbb1a00f3f782a03b866df2ca12e26b4ec6a49c3e87f0758e4b6ba94dc393cd2fc255e935b0740cec27cad29c649f928a87a380541bc9c0a73fecf9666a97220e44e1efb03a28b23fac49c9710fbcce7289db257e82b2c31eddeb567a3385afb08aefda84ec9d6faee11777e0f50a7ae462d9a52110e9945b0c501d8dc6fc6f9687c56faaf669ba7519f53f740c120c46cb339cccf57b8b0c09edfd0f9747146d8c583a366b6f59fd0805c24696b19449afdae2011d79d7c8e577272297d2bc534180aa88f6f60193a1479a75a100493db26d43870a9d83fffa96ca3808ef1c4632e83588c4d2868d04d06d6b11b0da33baed15a3d25481dcc995e6ecbfffbab586ed5a209ed08515f2d83fe400d823b60ae9d702aeeb289859343eb75f09b9513bacb7562e1a3f49393bd19ea624331bbc09d479295af5a88f87d22ca3867d19fd4dfb3ffacf259a095a621ff4ab240f024217a0d9e48a6787afe9b6adcfbe048506c9155168c8d7e6dcbb59894acb03fc77ff69ee5cd09c468631e75ea73881ce10dc9c423e93c38854f50b54998e2bed27ee9f3670385f0708a1dd6e24925344b35c4fc2df6e9b4007beda22b6098125f1ae648e85c2ac337e6ecb56553a52f1a20598568bcede06de30619fa80c9e343f103cceeade258686c5427e1dd4a6d748861ec80d4fb04ba6f49be9c4fbccb7381e107a4cb82a6c481a4fe336d4e8e27d506acd189d10b7185e5f4eb5d8afda566213f1f2ca5891f5d2997373593d86ed82e1ce5e7a5e4211e9cdd8fd1f93ebab7e6b38697550991620611a6d2497d0ad4493993f824a1825157d10bb69f03f695c3e1ced6f392e79e90c5847e8e02903360f23792010d57979fb99181d85a821445006c7f613438f297fec577a8e59e6acafddfa48f86619239687f132bf244f65f76502e6d2b082bb60a276a8d30cdcd829c8e9b0e4a9d17ab09a3c971b2f6931de0286fd4b879781f15fd1669371ff759b02fd34a3c3ab5e64d6d1399d2b96c31581ebe7db2f236bf75e0f3f9464a4e906a5895ff71bc6fbd2548a63a0d974147b99541a599e48b58be2fe328724f26f8a80d44ac02f2f8eb001777f83c3c57e6ee4a4e18288df3bf6320b081a2f84df590af2856c9f2b6b7499bdb00cabca748d7e515e75f50d49f1bcf444517b2134423dbef7792006813111f4a1de84e65016e81b1c4bdfff11d47ccb71f0de9989fb0ea20262126d5deae47cfef3c90105e4fa4b1279451331d804526a59315f78736a45102f4f142ed0a3207236972d5fd509d3a3d77f3946c61d040b300d208e5fc78a9cf02c12a1b00bc785ab16247db10d525137939287277f58411c21f87e8347ca5de32742f00b3c2bd4630b706963f7d3997b2af592bd0c0e5208ad0833065415af6f2f242ebf90ed3a2cbc52432077dde86700bca36af6e7dda75335c3d65a07ef5a615c23d741eb7f5778d356fd1042807d3f9efae5063cc97125c85dd5f9b383e760b841da9e3eaa3d5940c0ae44e8180cf2656de9916e63885431e83d9ace02a91be9a933b6b7c0fc8a9a32ae8ff6e963c23b566468e5dd845bd5501e2e852bd3643d5f60", 0xc87}], 0x2}}], 0x1, 0x9200000004004880)
r7 = dup3(r3, r2, 0x0)
recvmmsg$unix(r7, &(0x7f0000001780)=[{{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1, &(0x7f0000001880)}}], 0x1, 0x74a081c1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0x0, 0x9, 0x2}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x6}]}}]}, 0x48}}, 0x0)
epoll_create1(0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000))

5.337511034s ago: executing program 4 (id=2471):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x400)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)="c370", 0x2}], 0x1}}], 0x1, 0x1)
close(r1)
accept$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev}, 0x0)

4.590862944s ago: executing program 4 (id=2472):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1000001000104)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

4.413730744s ago: executing program 3 (id=2474):
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
capget(&(0x7f0000000380)={0x19980330, r0}, &(0x7f00000003c0)={0x380000, 0x8, 0x100, 0x9, 0x8})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000040))
socket$nl_route(0x10, 0x3, 0x0)
r5 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r5, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000340)='ex')
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x20001, 0x4)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000100)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x49, 0x0, "99aed94cb0b35c64fb781b79363b6fb8a279443e8522854bec7fabec4372cd962a8f57216a5d981041890c6fdb1fd901c2a073dbe6dbc04a3f122251b9ca5327885f62686ff3857d13997543ff74265e"}, 0xd8)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000600)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "679f672c00b69e65b0934066fc7c3406caf2c09e33bd50116312e2b00fee650af69b2150ccaa762a3db7ad752fe616e085e991c0436e7e7111238865d27b4e82dcc94700ddd1878b088736009d15f1fa"}, 0xd8)
setsockopt$inet_tcp_int(r6, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
sendto$inet(r7, 0x0, 0x0, 0x20000010, &(0x7f0000000540)={0x2, 0x0, @empty}, 0x10)
keyctl$describe(0x6, r5, &(0x7f0000000080)=""/72, 0x48)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000080)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "e5231296f5880856cfb591151cebcb3c130e574e0912fc5261cbe89b56860676f63ffd2a5c60e7dc92673d761aa2da81a8b43ddd019e9180e9f00518d131dd3d", 0x19}, 0x48, r5)

3.133402619s ago: executing program 0 (id=2475):
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = open(&(0x7f0000000000)='./bus\x00', 0x141b42, 0x0)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r1, 0x0, 0xb)
splice(r3, 0x0, r2, 0x0, 0x1000, 0x0)
write$binfmt_misc(r4, 0x0, 0xfdef)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0x20)

3.092096863s ago: executing program 3 (id=2476):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x4, "f3c492eb0165203d36bec7080089b42c000004002231a110000000005900", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000100)={"9fcaa0504b38d5004b9277c079417ff857dc9b7ac770169aed764b4d2ada8bde", r1, <r2=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r1, 0xc0303e03, &(0x7f0000000080)={"fe0d1acce4a37ef94acd000200", r2, <r3=>0xffffffffffffffff})
r4 = dup(r3)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})

3.002066616s ago: executing program 4 (id=2477):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

2.908954374s ago: executing program 0 (id=2478):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r0}, 0x18)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0xee)
ioctl$UI_DEV_CREATE(r1, 0x5501)

2.832033094s ago: executing program 4 (id=2479):
r0 = syz_io_uring_setup(0x4e40, &(0x7f0000000280)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000240)=<r2=>0x0)
r3 = io_uring_setup(0x1de0, &(0x7f0000000440))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000400)=0x7)
setuid(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r4}})
io_uring_enter(r0, 0x1be6, 0x0, 0x0, 0x0, 0x0)

2.755280831s ago: executing program 0 (id=2480):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8000, 0x6, 0x300, 0xfc}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000440)={@val={0x6, 0xf5}, @void, @eth={@local, @broadcast, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x39, 0x24, 0x68, 0x0, 0x9, 0x11, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @local}, {0x4e21, 0x4e22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x5}}}}}}}}, 0x3e)

2.626325361s ago: executing program 4 (id=2481):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000140), 0x4)
sendto$inet(r0, &(0x7f00000000c0)='+', 0xffffffffffffff60, 0xf405, 0x0, 0xf06)
mremap(&(0x7f0000000000/0x9000)=nil, 0x200003, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

2.49429937s ago: executing program 1 (id=2482):
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000340)=""/50, 0x32)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r3, 0x4068aea3, &(0x7f0000000080)={0xa3, 0x0, 0x0})
ioctl$KVM_SET_MSRS(r4, 0xc008aec1, &(0x7f0000000340)=ANY=[])

2.452783276s ago: executing program 2 (id=2483):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
sendto$inet6(r6, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet6_tcp_int(r6, 0x6, 0x16, &(0x7f0000000040), 0x4)
bind$bt_sco(r5, 0x0, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
ioperm(0x0, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000180)='./bus\x00', 0x109241, 0x0)

2.446190666s ago: executing program 0 (id=2484):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
r1 = socket(0x11, 0x800000003, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x0)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001600)="4ad1ff49ca613b35c12b8bb8475c8e54bea495ec5746b2dd1fa94347faf077cfaf8cb654dcc1e9178075265e1d450f52d3642c7cb01ce8adff2cd2df5ebab60627b9b27b3a00a0412e248d51b3265ab1f5c3b1e9c605fc66326381d582e829dbddb3c18fda82b21862200d94cc16ecc0ca6f", 0x72}, {&(0x7f0000003100)="b891190f9bf31537fedfa44ecf1a6e10b276f6e8c5fa0f7ada030ae6c4408911425e5f407da87c9f7ea5aa335ed5b64005c7745de96d67da9bfd59cb39173fa78cea4e9d7a4273d008fd62da9afff29548d7897fea69178eefc7f9f87bc7c5e760fce89606c51b1ce4bbe5ebcf9396159b0006c57b252c42930d845b1cf8173efbd429c0f94b6b7608180770500eb2c886366dd152caff97a503ce61c03273ab0002d6ce93cb2f40dfe499148155f470521884011a5205fc314c4b73f6d93e82f6b9c83113e69f137ab0b6500f8f82bcf68c649b3e145c824b9f1fad93c35771e03d908fec7e1139448c5484d70439b875a0709b20e47bf06b8a95f1707000321241ff69062face15b5ff4b38062ce16eed43663d39859d9e2bc21cb7104bc7cd078fe2446ac8864e49d7654ff0fdfbfbd1ec356816c5a0a8883fab12ff0e8e03ed7e3c47f00b82b27908f1651d0c377b984e9d222347eff426b90065e00f79e5c282db213d76979a218dd0eb601710e22ea441d48668ac83fc62824c64ae1212069c8bfe22498fe5d4cc91b989397322e4f78d7a3e563c513b20f85e629c9e1d65eedfe48510cded3ae35e7a76f7c44aa4acc370ac88d5acb982bf6a3d61498053e70cab3f871ae4079463beac688cb384b968a1a2b67143ad9cdfb606263e7e9733c8083eb1389542bfed96499eb11235c78912f2ead36c696407bdf89f9fd695e6676978717de71410d7d1a4b4eb4f4a11b811c1f92cdeef02c0b9f402c3e975dddb917c9e49afcc5d16d5d640fec330f89f625a18736e2e72ce4ad73e83dbc582c6bb28eb964e7cae31149684168b14f59ca0f47ce41848df5d013f6e47b09d39384c6376b7cdee6ba6021cd11a9145210f3ac2352447dacffa24f4012b36c812ac2c5c505096ee9f986f97d8ae6e994c6b22c49ff34fbb7180233d73b231d7cecf31916b66bc3768ca984d9bf11b960ddd8675fdffca6cda6b0ae6c56dd4193e0d3fd25e57116b183fa8a39ebaf980c04ebf0df3a04bcc5d463340204849f610b8fd686a1702c424a1e0a122aea1e57448e4b8383b98c238cbe0cd745eb13f92a0b5d5f6e8c1b60aac2d0d3f94b16ee6080c89d84482abcb4035759cd446dbcd32f68bb330d7da5403c9a22fd22cafcf81ccd744c303a1c736431b4d6f02ac39f767436dbcbc2376b03e8e72c5dde2df34d4f2d7f25ef7cbb53814a9b53aab1b860fabc2929a078407532e20dd2504037661c1f114e39ffb22b64de49e222137757a0358837e2f300ffb22effd0d230d7ac2f1fcf8e8c699a2976e25ec9becc5946b2e57527c48ace6ad2f64ff5a8074f0e289715f8d7547cebaa7c781b39e712f1b0d1d8811583dc5cb2207a78c786b0293987ee25383ed64a456b5b0b1861cbe61088dd985186e16cf6cb3433d31838af75394bb5233cc73147d3f400480c558ce058615767c20a342d891cf036e03135d4eab93a2446564d98e56cff8a86b91379394cc4c270f89fcadf2406900347ee5ad0d06de64ba1a09efe0ae796067d7c08e1fda05c38f6d7fd1cc5f94da255cfa4226da26203b24b8ce2e495bc44a48bd5670bf166fcfad69fd0fe8ff5c532d47f8c89181acd83e0b65f21a42f2ef94e3001ba0d130a6d0f9074ca7cf1ab099cf9276b6a1e0ed8ae729a6bbc29ff9b8a3ae884b758707ae491b84b10181797688e8126fab5ba5be261b77159c83b8c15469314f4df92b49eb8bb258c6d4adabf150315552e14262b9cc5d4e7faf24976ee3e915c0e32c4cfc7cf5245a0df13f72f0fbdd9506a88144432ef52b0bf0c52c52ba50f2bb0e64b0a06e5ae6026e4bdebbf5408250d72b9a083665e8316b32f5aba5cd0eca841e1878394050b8e71a9f3b43e088996d42ca1cf63c4679b931d75fc40fdaf3169acb3c8e8283fda95c8ff8b9a8ac4e8f702af4208d9f377aeb22e13ae88020cc5831e862dfb841cc56c2959b036ae1b00522f6c156c4cc9f49b90b29907be5b091e03b482eba0284ac7c27c32f42a866e9ec36664f44091227ed3d4f32ea28a11c1959ef849e91d4debb7ba0d743413c4fc2e2d0cf5c1d1789124b8abc772f52f8ec56e89c29900a2a83557e14ef391bd187c019d47a0e4a27bf49d3af8492f13d8599c96a618d29e7895becd1dc5a95b3bb226981012f926c6dda53781641fd45b0a94279759ffcd34eadb237d63a89b90c782221f957317958fc441698c016a25d91bfc2ee5333fedb748df940ec2f3864de38fad66d7748132d14c8f8e6a03cbf8d60236dda04a0857c1b163397762b17fa8c931359466752161e3024ccf1d248ccc323eba25ad839ce84dd3ce595a5d688b86b7813d303ea6751e72a7a6bacb315472a57094b74f6b6020805260fba81d0e9b18f21ea453a9bf1d8e2d205e6cba8960b2979560c6a04076553155d69da37a34b48e8da92252c3ab74712eea63cd2dbd02bbf4a5f71eaed0c594f6d6e6ede613b9f0934ed3aaef65f55861a04e8c467e8ff3aa819ba35f08590622dd8673c558bfa5b45cd9611a75258e408dedf4fd36b128a961b547039fec3bbf0135127cedf0d3e51514c8ffcf020f1746544ced0f8f6970322d98a41a707eb22d07eaae03f7212ea92e2c48a5eec6d392bb569f282f8c79cfa491efab9df9177f47fde729b2f6e9f21033fdd0dc131fc26db865562a571952523576690810bf88bda8f22ab6556e54073df8b83a7c103ae2e0fd909146f3e724f2e57ea7087bd35c9a9518da4003b22c4bab5dd0b1bc0caf700536daf288e6a3df4449e27724230eafc363542a45488fda4fc97862f6d8f524d075b9d154fad27b03fa598f728019d0e29909cbb08f36aab7b58f209e15d99a6fd1b4e23a5b1150dde48f7bc7ff63b5f13abe2015285470968daae418e373256b0f42dcf29f14946f8fa939523dbb1a00f3f782a03b866df2ca12e26b4ec6a49c3e87f0758e4b6ba94dc393cd2fc255e935b0740cec27cad29c649f928a87a380541bc9c0a73fecf9666a97220e44e1efb03a28b23fac49c9710fbcce7289db257e82b2c31eddeb567a3385afb08aefda84ec9d6faee11777e0f50a7ae462d9a52110e9945b0c501d8dc6fc6f9687c56faaf669ba7519f53f740c120c46cb339cccf57b8b0c09edfd0f9747146d8c583a366b6f59fd0805c24696b19449afdae2011d79d7c8e577272297d2bc534180aa88f6f60193a1479a75a100493db26d43870a9d83fffa96ca3808ef1c4632e83588c4d2868d04d06d6b11b0da33baed15a3d25481dcc995e6ecbfffbab586ed5a209ed08515f2d83fe400d823b60ae9d702aeeb289859343eb75f09b9513bacb7562e1a3f49393bd19ea624331bbc09d479295af5a88f87d22ca3867d19fd4dfb3ffacf259a095a621ff4ab240f024217a0d9e48a6787afe9b6adcfbe048506c9155168c8d7e6dcbb59894acb03fc77ff69ee5cd09c468631e75ea73881ce10dc9c423e93c38854f50b54998e2bed27ee9f3670385f0708a1dd6e24925344b35c4fc2df6e9b4007beda22b6098125f1ae648e85c2ac337e6ecb56553a52f1a20598568bcede06de30619fa80c9e343f103cceeade258686c5427e1dd4a6d748861ec80d4fb04ba6f49be9c4fbccb7381e107a4cb82a6c481a4fe336d4e8e27d506acd189d10b7185e5f4eb5d8afda566213f1f2ca5891f5d2997373593d86ed82e1ce5e7a5e4211e9cdd8fd1f93ebab7e6b38697550991620611a6d2497d0ad4493993f824a1825157d10bb69f03f695c3e1ced6f392e79e90c5847e8e02903360f23792010d57979fb99181d85a821445006c7f613438f297fec577a8e59e6acafddfa48f86619239687f132bf244f65f76502e6d2b082bb60a276a8d30cdcd829c8e9b0e4a9d17ab09a3c971b2f6931de0286fd4b879781f15fd1669371ff759b02fd34a3c3ab5e64d6d1399d2b96c31581ebe7db2f236bf75e0f3f9464a4e906a5895ff71bc6fbd2548a63a0d974147b99541a599e48b58be2fe328724f26f8a80d44ac02f2f8eb001777f83c3c57e6ee4a4e18288df3bf6320b081a2f84df590af2856c9f2b6b7499bdb00cabca748d7e515e75f50d49f1bcf444517b2134423dbef7792006813111f4a1de84e65016e81b1c4bdfff11d47ccb71f0de9989fb0ea20262126d5deae47cfef3c90105e4fa4b1279451331d804526a59315f78736a45102f4f142ed0a3207236972d5fd509d3a3d77f3946c61d040b300d208e5fc78a9cf02c12a1b00bc785ab16247db10d525137939287277f58411c21f87e8347ca5de32742f00b3c2bd4630b706963f7d3997b2af592bd0c0e5208ad0833065415af6f2f242ebf90ed3a2cbc52432077dde86700bca36af6e7dda75335c3d65a07ef5a615c23d741eb7f5778d356fd1042807d3f9efae5063cc97125c85dd5f9b383e760b841da9e3eaa3d5940c0ae44e8180cf2656de9916e63885431e83d9ace02a91be9a933b6b7c0fc8a9a32ae8ff6e963c23b566468e5dd845bd5501e2e852bd3643d5f60", 0xc87}], 0x2}}], 0x1, 0x9200000004004880)
r7 = dup3(r3, r2, 0x0)
recvmmsg$unix(r7, &(0x7f0000001780)=[{{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1, &(0x7f0000001880)}}], 0x1, 0x74a081c1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME_EXTENSION={0x0, 0x9, 0x2}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x6}]}}]}, 0x48}}, 0x0)
epoll_create1(0x0)
syz_io_uring_setup(0x5ad, &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000000))

1.463428322s ago: executing program 2 (id=2485):
socket(0x840000000002, 0x3, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x62)
sched_setaffinity(0x0, 0x5, &(0x7f0000000540)=0x40000000010001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x70)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000980))
r3 = dup2(r2, r1)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e23, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x2}}}, &(0x7f0000000340)=0x90)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000007c0), &(0x7f0000000880)=0x8)
epoll_create1(0x80000)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r4, 0x6, 0x21, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_buf(r5, 0x6, 0x1f, &(0x7f0000000380)='>', 0x1)
setsockopt$inet6_int(r5, 0x29, 0x38, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{r4}], 0x1, 0x0, 0x0, 0x0)
shutdown(r4, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000006900)=[{{0x0, 0x0, &(0x7f0000000ec0)=[{0x0}], 0x1}}], 0x1, 0x0, 0x0)

1.258694803s ago: executing program 1 (id=2486):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket(0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x79)

1.137205532s ago: executing program 3 (id=2487):
sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="020d0300100000000000000000000000080012000200000000000000000000000600320003000000000000000000000010003300000000000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006"], 0x52}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001bae9ee14d4284d73c826d8bce62cb84c8b765cbac71c46bc4718"], 0x398}}, 0x0)

633.434412ms ago: executing program 0 (id=2488):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c4000001a00fbbe00000000000000000a00000000000000000000004947ee29c853495c38b05458f51d1edd6b0b4174dfcada22896121e58c384614294ea4af831613d51c08c872c424b83845ee582c51b4899a4e15fe86401a48ca0900000000000000aba6a109c47f85258ea00a2d47def9c78a99b1ceb7b90a5c7f7c0923"], 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00010002"], 0x8)

196.041136ms ago: executing program 0 (id=2489):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
pread64(r0, &(0x7f0000004200)=""/236, 0xec, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000004380)='./file0/file0\x00', 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000043c0)={0x29, 0x3, 0x0, {0x1, 0x8, 0x0, 'group_id'}}, 0x29)

191.66513ms ago: executing program 1 (id=2490):
r0 = socket(0x10, 0x803, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aec010000060a010100000000000000000a000001ff000740641cd133432e7e18354e5631b216fc2f0e69f60e2eb374bd0296a519d8c63d7322bf9e8916d36144b452ff226be98ec04d122ad1edc38c4c207d42adc4d889fdfe9d251786bd8e63f10de455881520ac1bb5f95dbcbdd88d4486dfee5c68631c253f4f26beed35d91cf75d6673b3008499691e4157f46dcf78ac1a73557ea5796f09a2c99039f5b53360ec50408e03ac68bf2251b0434e09d9e03ec2bd70c20bf4b9d476cc86fb812c852a201ba6b09033a4bfc7f980e22347769a61208cd17187777c2e14b04a39d4bb089db999007c81ba0e9817b1c2e28d9bd8f1eebccfb73342684d6c0fae08ea499c3fe71b87851ca3989a2ad441ccdc75cf00340005800800014000000011080001400000003408000240000000030800014000000032080001400000002108000240000000021c00058008000140000022eb0800014000000000080001400000001686000740b4be7f35875d001a1f8bd713e16fd498ddd2207ee506949a2f100da0c6fd92ce96020825ee4d46e116e25682d6289937cb568e2e7882159c1b9a719cc89e872a7a8d50aebc66044093021c6d1f1465039e393346499aedaa01da32721f2ddd0a269d1f499a45aeff896c4261d6911d3964fe60e2b6bd9816756cb9da4820d30dbe1d000014010000020a01020000000000000000030000080900010073797a3100000000080002400000000108000240000000000900010073797a31000000000c00044000000000000000025a000600537e38e4acdede45a6e166b07acba6234cdea5e74eda519014c2eb87f389b8f5abb5773547b364620c851fcb74eacf55b69d1fe71cc9e9b32501043f3388f547a9ccca92e1793cafff3c8a7465d42f81fe6aca96acca00006d0006009ec49bb7e61dc09789e05a2e379ef7762ff1de9294881366bbbd09f48b7802d4b9eeded651387a8588d85e61a607b61df1b97e8444f62da115c247081d5658d8ec8f367fd4b7d615fecea59a4fc9fb450d3f513f8a1442afec909ed7d833dd7ce53cd9a8838aa40f3100000030000000090a0500"], 0x358}, 0x1, 0x0, 0x0, 0x4040015}, 0x20000044)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x7e}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41, 0xb00}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

136.215391ms ago: executing program 3 (id=2491):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
bind$pptp(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @random="652df64d26a2", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9644", 0x14, 0x6, 0xff, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

74.72053ms ago: executing program 2 (id=2492):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
sendto$inet6(r6, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet6_tcp_int(r6, 0x6, 0x16, &(0x7f0000000040), 0x4)
bind$bt_sco(r5, 0x0, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
listen(r5, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
ioperm(0x0, 0x2, 0x2)
ioperm(0x0, 0x9da9, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000180)='./bus\x00', 0x109241, 0x0)

0s ago: executing program 1 (id=2493):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r6, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00B\x00', "006e34e400"}, 0x28)
sendto$inet6(r6, &(0x7f00000001c0), 0xfffffffffffffede, 0x0, 0x0, 0x3000137)
setsockopt$inet6_tcp_int(r6, 0x6, 0x16, &(0x7f0000000040), 0x4)
bind$bt_sco(r5, 0x0, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
listen(r5, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000040)=0xb7, 0x4)
ioperm(0x0, 0x2, 0x2)
ioperm(0x0, 0x9da9, 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000180)='./bus\x00', 0x109241, 0x0)

kernel console output (not intermixed with test programs):

lave_0: left promiscuous mode
[ 1038.999383][ T2914] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1039.011466][ T8771] Bluetooth: hci0: command tx timeout
[ 1040.029234][   T29] audit: type=1400 audit(1726819713.030:1193): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=13783 comm="syz.4.1820" daddr=::ffff:172.20.20.170
[ 1040.057011][T13784] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1820'.
[ 1040.066794][T13784] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1820'.
[ 1040.077350][T13784] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1820'.
[ 1040.093447][T13784] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1820'.
[ 1041.264139][T13789] can: request_module (can-proto-0) failed.
[ 1041.755584][ T2914] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1041.795356][ T2914] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1041.826463][ T2914] bond0 (unregistering): Released all slaves
[ 1042.842264][ T2914] hsr_slave_0: left promiscuous mode
[ 1042.874809][ T2914] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1042.901459][ T2914] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1042.932415][ T2914] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1042.955912][ T2914] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1043.037326][ T2914] veth1_macvtap: left promiscuous mode
[ 1043.056610][ T2914] veth0_macvtap: left promiscuous mode
[ 1043.076643][ T2914] veth1_vlan: left promiscuous mode
[ 1043.090976][ T2914] veth0_vlan: left promiscuous mode
[ 1044.510231][ T2914] team0 (unregistering): Port device team_slave_1 removed
[ 1044.736789][ T2914] team0 (unregistering): Port device team_slave_0 removed
[ 1046.735624][T13681] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1046.775296][T13681] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1046.820818][T13681] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1046.850934][T13681] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1047.048206][T13681] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1047.095586][T13681] 8021q: adding VLAN 0 to HW filter on device team0
[ 1047.110994][ T2914] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.118195][ T2914] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.171458][ T2914] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.178652][ T2914] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1047.229417][T13681] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1047.243747][T13681] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1047.491819][T13681] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1047.599130][T13681] veth0_vlan: entered promiscuous mode
[ 1047.609580][T13681] veth1_vlan: entered promiscuous mode
[ 1047.694897][T13681] veth0_macvtap: entered promiscuous mode
[ 1047.711107][T13681] veth1_macvtap: entered promiscuous mode
[ 1047.741618][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1047.788642][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1047.830188][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1047.840859][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1047.862399][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1047.875895][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1047.886242][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1047.912205][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1047.934045][T13681] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1048.007583][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1048.022390][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.032452][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1048.042929][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.052868][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1048.063459][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.073604][T13681] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1048.084259][T13681] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1048.104415][T13681] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1048.140811][T13681] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1048.152754][T13681] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1048.161472][T13681] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1048.183580][T13681] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1048.360593][ T3100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1048.382553][ T3100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1048.466801][ T2914] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1048.501324][ T2914] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1048.690394][T13853] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1795'.
[ 1048.898307][T13853] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1795'.
[ 1049.123203][    T8] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 1049.422670][    T8] usb 5-1: Using ep0 maxpacket: 16
[ 1049.432077][    T8] usb 5-1: config 0 has an invalid interface number: 161 but max is 0
[ 1049.440847][    T8] usb 5-1: config 0 has no interface number 0
[ 1049.454184][    T8] usb 5-1: config 0 interface 161 has no altsetting 0
[ 1049.485507][    T8] usb 5-1: New USB device found, idVendor=13d3, idProduct=3336, bcdDevice= 5.f5
[ 1050.698441][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.756297][    T8] usb 5-1: Product: syz
[ 1050.805917][    T8] usb 5-1: Manufacturer: syz
[ 1050.810556][    T8] usb 5-1: SerialNumber: syz
[ 1050.928309][    T8] usb 5-1: config 0 descriptor??
[ 1055.869937][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 1055.876823][    T8] usb 5-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 1055.895298][    T8] usb 5-1: r8712u: Boot from EFUSE: Autoload Failed
[ 1055.902072][    T8] usb 5-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 1056.915006][    T8] usb 5-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 1056.925245][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1056.931615][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1057.019658][    T8] usb 5-1: USB disconnect, device number 33
[ 1057.094362][ T8772] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1057.106350][ T8772] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1057.131141][ T8772] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1057.165686][ T8772] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1057.185832][ T8772] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1057.201647][ T8772] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1057.793289][T13888] chnl_net:caif_netlink_parms(): no params data found
[ 1057.833896][T13907] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1058.104192][T13888] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1058.111392][T13888] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1058.118807][T13888] bridge_slave_0: entered allmulticast mode
[ 1058.233849][   T29] audit: type=1400 audit(1726819731.218:1194): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=13912 comm="syz.1.1839" daddr=fe80::bb
[ 1058.925547][T13888] bridge_slave_0: entered promiscuous mode
[ 1058.948763][T13901] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1059.129010][T13901] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1059.146946][T13888] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1059.154354][T13888] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1059.211230][T13888] bridge_slave_1: entered allmulticast mode
[ 1059.256594][ T8772] Bluetooth: hci3: command tx timeout
[ 1059.326429][T13888] bridge_slave_1: entered promiscuous mode
[ 1059.736765][ T8772] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1059.935143][T13901] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1059.941146][T13901] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1059.975798][T13901] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1060.012165][T13901] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1060.029683][T13901] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1062.587280][ T8772] Bluetooth: hci3: command tx timeout
[ 1062.592829][ T8772] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1062.599036][ T8772] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1062.605357][ T8772] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1062.669885][T13901] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1062.699315][T13888] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1062.712024][T13888] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1062.732624][T13901] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1062.740525][T13901] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1062.776255][T13901] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1062.948191][T13888] team0: Port device team_slave_0 added
[ 1062.964374][T13901] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1062.969626][T13888] team0: Port device team_slave_1 added
[ 1063.001417][T13901] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1063.015973][T13901] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1063.160951][T13888] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1063.168398][T13888] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1063.194648][T13888] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1063.210572][T13888] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1063.218156][T13888] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1063.244452][T13888] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1063.303950][T13888] hsr_slave_0: entered promiscuous mode
[ 1063.315165][T13888] hsr_slave_1: entered promiscuous mode
[ 1063.333749][T13888] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1063.351063][T13888] Cannot create hsr debugfs directory
[ 1063.630388][T13888] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1063.777469][T13888] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.000301][T13888] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.150143][T13888] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode
[ 1064.181777][T13888] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.487868][T13888] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1064.507359][T13888] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1064.517371][T13888] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1064.554667][T13888] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1064.694708][ T8771] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1064.695335][ T8772] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1064.774493][ T8772] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1064.870950][T13888] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1065.025084][ T8772] Bluetooth: hci3: command 0x0419 tx timeout
[ 1065.110561][T13888] 8021q: adding VLAN 0 to HW filter on device team0
[ 1065.188339][T13033] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1065.195617][T13033] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1065.308522][T13033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1065.315697][T13033] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1065.675763][T13888] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1065.739841][T13888] veth0_vlan: entered promiscuous mode
[ 1065.752909][T13888] veth1_vlan: entered promiscuous mode
[ 1065.796683][T13888] veth0_macvtap: entered promiscuous mode
[ 1065.808772][T13888] veth1_macvtap: entered promiscuous mode
[ 1065.834567][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1065.845414][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.856057][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1065.874413][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.885949][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1065.904622][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.916751][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1065.927764][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.938103][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1065.948902][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.980067][T13888] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1065.990720][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.003664][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.013885][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.038672][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.048953][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.078756][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.090171][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.114420][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.138708][T13888] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.149383][T13888] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.205018][T13888] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1066.284803][T13888] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.293580][T13888] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.302697][T13888] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.314664][T13888] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.460049][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1066.470538][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1066.535546][ T2914] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1066.543632][ T2914] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1066.784993][ T8772] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1066.791174][ T8772] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1067.693793][ T8771] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1067.700294][ T8771] Bluetooth: hci3: command 0x0419 tx timeout
[ 1072.072202][ T8772] Bluetooth: hci3: command 0x0419 tx timeout
[ 1072.078422][ T8772] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1072.922095][   T29] audit: type=1400 audit(1726819745.926:1195): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="," object="_" requested=w pid=13971 comm="syz.4.1847" saddr=9e9a:ce00::21:0:2 daddr=ff02::1 netif=wpan0
[ 1073.647331][   T29] audit: type=1400 audit(1726819746.166:1196): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=13973 comm="syz.2.1846" daddr=ff02::1
[ 1074.137241][ T8771] Bluetooth: hci3: command 0x0419 tx timeout
[ 1075.947505][   T29] audit: type=1400 audit(1726819746.166:1197): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=13973 comm="syz.2.1846" daddr=::ffff:224.0.0.2 dest=20005
[ 1080.886367][T10746] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1081.386870][    C1] raw-gadget.0 gadget.2: ignoring, device is not running
[ 1081.680541][T14012] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 63 (only 8 groups)
[ 1082.561249][ T8772] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1082.586453][T10746] usb 3-1: device descriptor read/64, error -32
[ 1082.710800][ T8772] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1082.750528][ T8772] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1082.811561][ T8772] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1082.822252][ T8772] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1082.832385][ T8772] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1082.840053][T10746] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1083.997017][T12925] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.079635][T10746] usb 3-1: unable to read config index 0 descriptor/all
[ 1084.089634][T10746] usb 3-1: can't read configurations, error -71
[ 1084.098071][T10746] usb usb3-port1: attempt power cycle
[ 1084.107783][T14030] Cannot find add_set index 0 as target
[ 1084.533774][T12925] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.766431][T12925] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.979118][ T8772] Bluetooth: hci4: command tx timeout
[ 1088.098842][ T8772] Bluetooth: hci4: command tx timeout
[ 1091.137404][ T8771] Bluetooth: hci4: command tx timeout
[ 1091.157493][T12925] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1092.879113][T14013] chnl_net:caif_netlink_parms(): no params data found
[ 1093.178387][ T8771] Bluetooth: hci4: command tx timeout
[ 1095.169716][T14013] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1095.200665][T14013] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1095.209304][T14013] bridge_slave_0: entered allmulticast mode
[ 1095.216221][T14013] bridge_slave_0: entered promiscuous mode
[ 1095.229665][T14013] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1095.247430][T14013] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1095.282064][T14013] bridge_slave_1: entered allmulticast mode
[ 1095.299781][T14013] bridge_slave_1: entered promiscuous mode
[ 1095.322224][T12925] bridge_slave_0: left allmulticast mode
[ 1095.343869][T12925] bridge_slave_0: left promiscuous mode
[ 1095.356421][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1095.487441][   T29] audit: type=1326 audit(1726819768.484:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14078 comm="syz.4.1875" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ffc17def9 code=0x0
[ 1095.583023][T12925] bond0: left promiscuous mode
[ 1095.596498][T12925] bond_slave_0: left promiscuous mode
[ 1095.602890][T12925] bond_slave_1: left promiscuous mode
[ 1096.173667][ T8195] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 1096.275168][T14090] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1096.295673][T14090] vimc vimc.0: first entity in the pipe 'Scaler' is not a source
[ 1096.758843][ T8195] usb 1-1: Using ep0 maxpacket: 32
[ 1096.808081][ T8195] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1096.837069][ T8195] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1096.862768][ T8195] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1096.940172][ T8195] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1097.318150][ T8195] usb 1-1: config 1 has no interface number 0
[ 1097.339871][ T8195] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1097.368140][ T8195] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.407067][ T8195] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[ 1097.646559][ T8195] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values
[ 1097.655076][ T8195] snd_usb_pod 1-1:1.1: invalid control EP
[ 1097.687774][ T8195] snd_usb_pod 1-1:1.1: cannot start listening: -22
[ 1098.748526][ T8195] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[ 1099.488609][ T8195] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22
[ 1101.241232][T14104] coredump: 36(syz.2.1879): interrupted: fatal signal pending
[ 1102.207261][T14104] coredump: 36(syz.2.1879): written to core: VMAs: 35, size 99573760; core: 3265534 bytes, pos 3780608
[ 1102.457601][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1102.514367][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1102.531254][T12925] bond0 (unregistering): Released all slaves
[ 1102.627926][ T8195] usb 1-1: USB disconnect, device number 31
[ 1102.717804][T14123] netlink: 'syz.1.1884': attribute type 1 has an invalid length.
[ 1103.103910][T14013] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1103.142895][T14013] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1104.606746][ T8771] Bluetooth: hci2: unexpected event 0x04 length: 14 > 10
[ 1104.642556][T14124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1883'.
[ 1105.924381][T14124] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1105.937231][ T8772] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1105.966169][ T8772] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1105.976971][ T8772] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1105.987526][T14124] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1106.002840][ T8772] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1106.016408][T14124] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1106.024873][ T8772] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1106.032381][ T8772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1106.041890][T14124] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1106.626158][ T8772] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1107.581490][T14013] team0: Port device team_slave_0 added
[ 1107.805690][T14152] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1889'.
[ 1107.917865][T14013] team0: Port device team_slave_1 added
[ 1108.114322][T12925] hsr_slave_0: left promiscuous mode
[ 1108.120468][T12925] hsr_slave_1: left promiscuous mode
[ 1108.134556][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1108.142601][ T8772] Bluetooth: hci1: command tx timeout
[ 1108.165711][T12925] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1108.295022][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1108.302624][T12925] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1108.385827][T12925] veth1_macvtap: left promiscuous mode
[ 1108.398951][T12925] veth0_macvtap: left promiscuous mode
[ 1108.405532][T12925] veth1_vlan: left promiscuous mode
[ 1108.426866][T12925] veth0_vlan: left promiscuous mode
[ 1110.219159][ T8772] Bluetooth: hci1: command tx timeout
[ 1110.344740][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1110.467681][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1111.850303][T14013] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1111.863485][T14013] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1111.932595][T14013] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1111.956877][T14013] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1112.142524][T14013] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1112.372708][ T8772] Bluetooth: hci1: command tx timeout
[ 1113.045737][T14013] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1114.486634][ T8771] Bluetooth: hci1: command tx timeout
[ 1114.498961][ T8771] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1114.787971][T14013] hsr_slave_0: entered promiscuous mode
[ 1114.796432][ T8771] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1114.814104][ T8771] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1114.825001][ T8771] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1114.840865][ T8771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1114.848607][ T8771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1114.856400][ T8771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1114.869398][T14013] hsr_slave_1: entered promiscuous mode
[ 1114.899680][T14013] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1114.923867][T14013] Cannot create hsr debugfs directory
[ 1116.305359][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.311844][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.433740][T14193] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1895'.
[ 1116.443240][T14193] netlink: 272 bytes leftover after parsing attributes in process `syz.0.1895'.
[ 1116.452656][T14193] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1895'.
[ 1117.174346][ T8772] Bluetooth: hci0: command tx timeout
[ 1117.873198][T14140] chnl_net:caif_netlink_parms(): no params data found
[ 1118.389678][ T8771] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1118.402491][ T8771] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1118.417283][ T8771] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1118.468543][ T8771] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1118.481692][ T8771] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1118.489304][ T8771] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1118.724177][T12925] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.259343][ T8772] Bluetooth: hci0: command tx timeout
[ 1119.499409][   T29] audit: type=1804 audit(1726819793.402:1199): pid=14215 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.1898" name="/newroot/44/bus/file0" dev="overlay" ino=260 res=1 errno=0
[ 1120.294690][T14140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1120.329014][T14140] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1120.336368][T14140] bridge_slave_0: entered allmulticast mode
[ 1120.369578][T14140] bridge_slave_0: entered promiscuous mode
[ 1120.539270][ T8772] Bluetooth: hci5: command tx timeout
[ 1120.605570][T12925] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1120.664781][T14140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1120.674785][T14140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1120.692459][T14140] bridge_slave_1: entered allmulticast mode
[ 1120.760221][T14140] bridge_slave_1: entered promiscuous mode
[ 1121.369030][ T8772] Bluetooth: hci0: command tx timeout
[ 1121.877562][T12925] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.938631][T14140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1121.951145][T14140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1122.000872][T14182] chnl_net:caif_netlink_parms(): no params data found
[ 1122.318240][T14140] team0: Port device team_slave_0 added
[ 1122.452187][T12925] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1122.629278][ T8772] Bluetooth: hci5: command tx timeout
[ 1122.871929][T14140] team0: Port device team_slave_1 added
[ 1123.290149][T14013] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1123.419829][ T8772] Bluetooth: hci0: command tx timeout
[ 1123.445412][T14140] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1123.452688][T14140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1123.479591][T14140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1123.500710][T14140] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1123.529662][T14140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1123.566321][T14140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1123.624395][T14182] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.631626][T14182] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.639161][T14182] bridge_slave_0: entered allmulticast mode
[ 1123.646050][T14182] bridge_slave_0: entered promiscuous mode
[ 1123.675609][T14013] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1123.809310][T14013] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1123.842867][T14013] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1123.868923][ T7713] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1123.884781][T14182] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.899751][T14182] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1123.909432][T14182] bridge_slave_1: entered allmulticast mode
[ 1123.916209][T14182] bridge_slave_1: entered promiscuous mode
[ 1124.027320][T14206] chnl_net:caif_netlink_parms(): no params data found
[ 1124.034395][ T7713] usb 1-1: Using ep0 maxpacket: 8
[ 1124.088139][ T7713] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1124.089233][T14140] hsr_slave_0: entered promiscuous mode
[ 1124.122466][ T7713] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1124.133277][T14140] hsr_slave_1: entered promiscuous mode
[ 1124.159318][ T7713] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1124.168418][ T7713] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1124.178329][T14140] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1124.196396][T14140] Cannot create hsr debugfs directory
[ 1124.218448][T12925] bridge_slave_1: left allmulticast mode
[ 1124.236605][T12925] bridge_slave_1: left promiscuous mode
[ 1124.243261][ T7713] usb 1-1: config 0 descriptor??
[ 1124.268151][T12925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1124.324236][T12925] bridge_slave_0: left allmulticast mode
[ 1124.336240][T12925] bridge_slave_0: left promiscuous mode
[ 1124.349153][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.702771][ T8772] Bluetooth: hci5: command tx timeout
[ 1125.895508][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1125.939803][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1125.958200][T12925] bond0 (unregistering): Released all slaves
[ 1125.977258][T14182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1125.995674][T14182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1126.124324][ T5277] usb 1-1: USB disconnect, device number 32
[ 1126.493579][T14182] team0: Port device team_slave_0 added
[ 1126.673518][T14013] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1126.687552][T14013] 8021q: adding VLAN 0 to HW filter on device team0
[ 1126.701176][ T9312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1126.708299][ T9312] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1126.769164][ T5280] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1126.789045][ T8772] Bluetooth: hci5: command tx timeout
[ 1126.906232][T14182] team0: Port device team_slave_1 added
[ 1126.928944][ T5280] usb 1-1: Using ep0 maxpacket: 8
[ 1126.940137][ T9312] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1126.947426][ T9312] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1126.969675][ T5280] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1126.981311][ T5280] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1127.029260][ T5280] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1127.038380][ T5280] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1127.046645][ T5280] usb 1-1: Product: syz
[ 1127.050956][ T5280] usb 1-1: Manufacturer: syz
[ 1127.059151][ T5280] usb 1-1: SerialNumber: syz
[ 1127.073575][ T5280] usb 1-1: config 0 descriptor??
[ 1127.090333][ T5280] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0204
[ 1127.316657][T14182] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1127.323969][T14182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1127.358977][T14182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1127.388294][T14206] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.396537][T14206] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1127.412798][T14206] bridge_slave_0: entered allmulticast mode
[ 1127.447247][T14206] bridge_slave_0: entered promiscuous mode
[ 1127.545116][T14182] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1127.559596][T14182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1127.606786][T14182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1127.669622][T14206] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.676756][T14206] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.709096][T14206] bridge_slave_1: entered allmulticast mode
[ 1127.716097][T14206] bridge_slave_1: entered promiscuous mode
[ 1128.046898][T14265] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1902'.
[ 1128.074102][T12925] hsr_slave_0: left promiscuous mode
[ 1128.099401][T12925] hsr_slave_1: left promiscuous mode
[ 1128.117652][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1128.135390][T12925] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1128.277039][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1128.329022][T12925] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1128.559893][T12925] veth1_macvtap: left promiscuous mode
[ 1128.565513][T12925] veth0_macvtap: left promiscuous mode
[ 1128.571209][T12925] veth1_vlan: left promiscuous mode
[ 1128.576580][T12925] veth0_vlan: left promiscuous mode
[ 1130.602855][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1130.767070][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1133.552320][T14140] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.605404][T14206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1133.678355][T14182] hsr_slave_0: entered promiscuous mode
[ 1133.712821][T14182] hsr_slave_1: entered promiscuous mode
[ 1133.823246][T14140] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.888317][T14206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1134.061510][T14140] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.096936][ T9130] usb 1-1: USB disconnect, device number 33
[ 1134.217131][T14206] team0: Port device team_slave_0 added
[ 1134.281226][T14206] team0: Port device team_slave_1 added
[ 1134.410990][T14140] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.458100][T14206] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1134.481984][T14206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1134.535625][T14206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1134.603510][T14206] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1134.632356][T14206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1134.671672][T14206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1134.688977][   T29] audit: type=1400 audit(1726819808.692:1200): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14275 comm="syz.0.1903"
[ 1134.867145][T14013] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1135.303904][T12925] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.360387][T14206] hsr_slave_0: entered promiscuous mode
[ 1135.376953][T14206] hsr_slave_1: entered promiscuous mode
[ 1135.413620][T14206] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1135.439112][T14206] Cannot create hsr debugfs directory
[ 1135.565835][T12925] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.699270][T14140] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1135.731912][T14140] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1135.863905][T12925] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.912460][T14140] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1135.946546][T14140] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1136.114849][   T29] audit: type=1400 audit(1726819810.112:1201): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14280 comm="syz.0.1904" daddr=ff02::1 dest=20000
[ 1138.474849][T12925] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1138.578135][ T8771] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1138.637529][ T8771] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1138.709512][ T8771] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1138.759927][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1138.794981][ T8771] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1138.802890][ T8771] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1138.810519][ T8771] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1139.705378][T12925] bridge_slave_1: left allmulticast mode
[ 1139.728345][T12925] bridge_slave_1: left promiscuous mode
[ 1139.929097][T12925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.941690][T12925] bridge_slave_0: left allmulticast mode
[ 1139.947369][T12925] bridge_slave_0: left promiscuous mode
[ 1139.994122][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1140.942986][ T8771] Bluetooth: hci3: command tx timeout
[ 1141.378658][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1141.412103][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1141.436060][T12925] bond0 (unregistering): Released all slaves
[ 1141.723697][T14287] chnl_net:caif_netlink_parms(): no params data found
[ 1142.054671][T12925] hsr_slave_0: left promiscuous mode
[ 1142.066076][T12925] hsr_slave_1: left promiscuous mode
[ 1142.160753][T12925] veth1_macvtap: left promiscuous mode
[ 1142.171801][T12925] veth0_macvtap: left promiscuous mode
[ 1142.180782][T12925] veth1_vlan: left promiscuous mode
[ 1142.192505][T12925] veth0_vlan: left promiscuous mode
[ 1143.143212][ T8771] Bluetooth: hci3: command tx timeout
[ 1145.188930][ T8772] Bluetooth: hci3: command tx timeout
[ 1145.622293][T14308] syz.0.1909: attempt to access beyond end of device
[ 1145.622293][T14308] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1146.429954][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1146.601583][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1147.264143][ T8772] Bluetooth: hci3: command tx timeout
[ 1148.303798][T14140] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1148.443274][T14140] 8021q: adding VLAN 0 to HW filter on device team0
[ 1148.722411][T14287] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1148.739028][T14287] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1148.763263][T14287] bridge_slave_0: entered allmulticast mode
[ 1148.793734][T14287] bridge_slave_0: entered promiscuous mode
[ 1148.834494][T14285] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1148.841735][T14285] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1148.865871][T14285] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1148.873074][T14285] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1148.956526][T14287] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1148.969008][T14287] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1148.976411][T14287] bridge_slave_1: entered allmulticast mode
[ 1149.000228][T14287] bridge_slave_1: entered promiscuous mode
[ 1149.144291][T14287] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1149.202636][T14287] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1149.265401][T14206] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1149.363378][T14287] team0: Port device team_slave_0 added
[ 1149.377709][T14206] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1149.431363][T14206] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1149.501627][T14287] team0: Port device team_slave_1 added
[ 1149.508275][T14206] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1149.711685][T14287] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1149.751005][T14287] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1149.805205][T14287] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1149.863172][T14287] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1149.863197][T14287] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1149.863228][T14287] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1149.898103][ T8772] Bluetooth: hci2: unexpected event for opcode 0x2041
[ 1150.020145][T14182] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1150.081381][T14182] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1150.283145][T14287] hsr_slave_0: entered promiscuous mode
[ 1150.297881][T14287] hsr_slave_1: entered promiscuous mode
[ 1150.307075][T14287] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1150.325514][T14287] Cannot create hsr debugfs directory
[ 1150.428314][T14182] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1150.975963][T14206] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1151.016756][T14206] 8021q: adding VLAN 0 to HW filter on device team0
[ 1151.118706][   T29] audit: type=1326 audit(1726819825.082:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.145841][T14140] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1151.153834][T14182] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1151.488970][   T29] audit: type=1326 audit(1726819825.082:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.545238][   T29] audit: type=1326 audit(1726819825.082:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.606292][   T29] audit: type=1326 audit(1726819825.082:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.683361][   T29] audit: type=1326 audit(1726819825.082:1206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.705389][   T29] audit: type=1326 audit(1726819825.082:1207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.727234][   T29] audit: type=1326 audit(1726819825.102:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.749724][   T29] audit: type=1326 audit(1726819825.102:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.772062][   T29] audit: type=1326 audit(1726819825.102:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1151.793929][   T29] audit: type=1326 audit(1726819825.112:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14336 comm="syz.0.1912" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1152.333867][T14346] loop0: detected capacity change from 0 to 127
[ 1152.708615][T14206] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1152.719374][T14206] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1153.047133][ T2914] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1153.054440][ T2914] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1153.076185][ T2914] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1153.083431][ T2914] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1154.450307][T14182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1154.572489][T14182] 8021q: adding VLAN 0 to HW filter on device team0
[ 1154.615732][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1154.622943][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1154.668968][ T5277] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1154.693869][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1154.701075][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1154.746403][T14206] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1154.831178][ T5277] usb 1-1: config 0 has an invalid interface number: 47 but max is 0
[ 1154.839664][ T5277] usb 1-1: config 0 has an invalid interface association descriptor of length 2, skipping
[ 1154.898568][ T5277] usb 1-1: config 0 has no interface number 0
[ 1154.917030][ T5277] usb 1-1: config 0 interface 47 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1154.956739][ T5277] usb 1-1: New USB device found, idVendor=1519, idProduct=0443, bcdDevice=15.97
[ 1154.974721][ T5277] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1155.006248][ T5277] usb 1-1: Product: syz
[ 1155.021777][ T5277] usb 1-1: Manufacturer: syz
[ 1155.026553][ T5277] usb 1-1: SerialNumber: syz
[ 1155.044043][ T5277] usb 1-1: config 0 descriptor??
[ 1155.059846][ T5277] cdc_ncm 1-1:0.47: CDC Union missing and no IAD found
[ 1155.067066][T12925] bridge_slave_1: left allmulticast mode
[ 1155.078911][ T5277] cdc_ncm 1-1:0.47: bind() failure
[ 1155.111387][T12925] bridge_slave_1: left promiscuous mode
[ 1155.119372][T12925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1155.145236][T12925] bridge_slave_0: left allmulticast mode
[ 1155.153107][T12925] bridge_slave_0: left promiscuous mode
[ 1155.163317][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1156.365594][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1156.418563][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1156.426039][ T9130] usb 1-1: USB disconnect, device number 34
[ 1156.441761][T12925] bond0 (unregistering): Released all slaves
[ 1156.531092][T14140] veth0_vlan: entered promiscuous mode
[ 1156.546291][T14140] veth1_vlan: entered promiscuous mode
[ 1156.652135][T14206] veth0_vlan: entered promiscuous mode
[ 1156.939166][T12925] hsr_slave_0: left promiscuous mode
[ 1156.969104][T12925] hsr_slave_1: left promiscuous mode
[ 1156.974996][T12925] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1156.985349][T12925] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1156.992889][ T8772] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1159.447536][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1159.532481][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1160.432133][T14206] veth1_vlan: entered promiscuous mode
[ 1160.928979][T14375] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1917'.
[ 1161.175195][T14140] veth0_macvtap: entered promiscuous mode
[ 1161.403100][T14140] veth1_macvtap: entered promiscuous mode
[ 1161.474848][T14206] veth0_macvtap: entered promiscuous mode
[ 1161.526752][T14182] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1161.547267][T14287] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1161.557486][T14287] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1161.572141][T14206] veth1_macvtap: entered promiscuous mode
[ 1161.581939][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1161.593730][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.603695][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1161.614329][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.624941][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1161.635715][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.647541][T14140] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1161.669356][T14287] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1161.692155][T14287] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1161.725530][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.737749][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.748016][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.749147][    T8] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1161.759271][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.776659][T14140] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1161.787712][T14140] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1161.800402][T14140] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1161.808075][T12925] bridge_slave_1: left allmulticast mode
[ 1161.814184][T12925] bridge_slave_1: left promiscuous mode
[ 1161.820350][T12925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1161.829178][T12925] bridge_slave_0: left allmulticast mode
[ 1161.834908][T12925] bridge_slave_0: left promiscuous mode
[ 1161.840864][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1161.928922][    T8] usb 1-1: Using ep0 maxpacket: 16
[ 1161.970892][    T8] usb 1-1: New USB device found, idVendor=0b05, idProduct=1786, bcdDevice=8d.4d
[ 1161.981428][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1161.991533][    T8] usb 1-1: Product: syz
[ 1161.995776][    T8] usb 1-1: Manufacturer: syz
[ 1162.001185][    T8] usb 1-1: SerialNumber: syz
[ 1162.007838][    T8] usb 1-1: config 0 descriptor??
[ 1162.016955][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 1162.024107][    T8] usb 1-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 1162.227255][    T8] usb 1-1: r8712u: Boot from EFUSE: Autoload Failed
[ 1162.247799][    T8] usb 1-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 1162.256131][    T8] usb 1-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 1162.276206][    T8] usb 1-1: USB disconnect, device number 35
[ 1162.292986][T12925] bridge0 (unregistering): left promiscuous mode
[ 1162.420666][T12925] bond1 (unregistering): (slave bridge1): Removing an active aggregator
[ 1162.430642][T12925] bond1 (unregistering): (slave bridge1): Releasing backup interface
[ 1162.781035][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1162.807769][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1162.830445][T12925] bond0 (unregistering): Released all slaves
[ 1164.013882][T12925] bond1 (unregistering): Released all slaves
[ 1164.225673][T12925] tipc: Left network mode
[ 1164.241659][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.272908][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.319070][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.331854][ T8771] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1164.358091][ T8771] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1164.362154][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.378385][ T8771] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1164.394729][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.405443][ T8771] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1164.415236][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.425729][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1164.437248][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.447277][ T8771] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1164.466236][ T8771] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1164.471022][T14206] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1164.509390][    T8] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1164.578309][T14182] veth0_vlan: entered promiscuous mode
[ 1164.640240][T14182] veth1_vlan: entered promiscuous mode
[ 1164.662708][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.676922][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.679872][    T8] usb 1-1: Using ep0 maxpacket: 8
[ 1164.688979][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.703366][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.712844][    T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1164.713784][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.730698][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.736146][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.748951][    T8] usb 1-1: Product: syz
[ 1164.751862][T14206] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1164.758019][    T8] usb 1-1: Manufacturer: syz
[ 1164.766143][T14206] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1164.782505][T14206] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1164.789756][    T8] usb 1-1: SerialNumber: syz
[ 1164.795856][    T8] usb 1-1: config 0 descriptor??
[ 1164.801747][T14206] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.811371][T14206] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.820804][T14206] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.830267][T14206] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1164.997139][T12925] hsr_slave_0: left promiscuous mode
[ 1165.004082][T12925] hsr_slave_1: left promiscuous mode
[ 1165.020599][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1165.029199][T12925] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1165.035787][    T8] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1165.047037][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1165.054902][T12925] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1165.091411][T12925] veth1_macvtap: left promiscuous mode
[ 1165.097000][T12925] veth0_macvtap: left promiscuous mode
[ 1165.103820][T12925] veth1_vlan: left promiscuous mode
[ 1165.109345][T12925] veth0_vlan: left promiscuous mode
[ 1165.898205][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1165.985259][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1166.547744][ T8771] Bluetooth: hci4: command tx timeout
[ 1166.911762][T14287] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1166.932446][T14182] veth0_macvtap: entered promiscuous mode
[ 1166.952428][T14182] veth1_macvtap: entered promiscuous mode
[ 1167.045928][T14285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1167.079493][T14285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1167.139219][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1167.152953][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.164123][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1167.174769][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.185126][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1167.196118][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.206245][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1167.217102][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.242634][T14182] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1167.285028][T14287] 8021q: adding VLAN 0 to HW filter on device team0
[ 1167.307763][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1167.319475][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.331045][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1167.341902][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.351961][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1167.362532][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.372558][T14182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1167.384108][T14182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1167.395372][T14182] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1167.431105][T13033] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1167.438291][T13033] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1167.456309][T14182] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1167.465512][T14182] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1167.475366][T14182] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1167.484959][T14182] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1167.502706][T13033] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1167.508611][ T2498] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1167.509874][T13033] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1167.536670][ T2498] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1167.568090][T14389] chnl_net:caif_netlink_parms(): no params data found
[ 1168.050325][T14389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1168.057680][T14389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1168.068181][T14389] bridge_slave_0: entered allmulticast mode
[ 1168.080989][T14389] bridge_slave_0: entered promiscuous mode
[ 1168.113158][T14389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1168.142450][T14389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1168.147799][    T8] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1168.170113][T14389] bridge_slave_1: entered allmulticast mode
[ 1168.177414][T14389] bridge_slave_1: entered promiscuous mode
[ 1168.187694][    T8] usb 1-1: USB disconnect, device number 36
[ 1168.289885][T14285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1168.311200][T14285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1168.470871][T14389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1168.498101][T14287] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1168.525232][T14389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1168.621851][ T8771] Bluetooth: hci4: command tx timeout
[ 1168.647525][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1168.676092][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1168.830586][T14389] team0: Port device team_slave_0 added
[ 1168.856111][T14389] team0: Port device team_slave_1 added
[ 1169.054799][T14389] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1169.068028][T14389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1169.148150][T14389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1169.193785][T14419] netlink: 'syz.0.1922': attribute type 1 has an invalid length.
[ 1169.208400][T14419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1922'.
[ 1169.421010][T14422] netlink: 'syz.0.1922': attribute type 5 has an invalid length.
[ 1169.470023][T14389] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1169.500182][T14389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1169.618515][T14389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1169.858647][T12925] bridge_slave_1: left allmulticast mode
[ 1169.868382][T12925] bridge_slave_1: left promiscuous mode
[ 1169.879515][T12925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1169.913219][T12925] bridge_slave_0: left allmulticast mode
[ 1169.929738][T12925] bridge_slave_0: left promiscuous mode
[ 1169.935575][T12925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1170.709010][ T8771] Bluetooth: hci4: command tx timeout
[ 1171.153302][T14437] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1171.168399][   T29] kauditd_printk_skb: 4 callbacks suppressed
[ 1171.168421][   T29] audit: type=1400 audit(1726819845.162:1216): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14429 comm="syz.1.1924" daddr=::1c9a:e7ff:fe9a:6f34
[ 1172.798559][ T8771] Bluetooth: hci4: command tx timeout
[ 1173.876944][T12925] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1173.890574][T12925] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1173.901687][T12925] bond0 (unregistering): Released all slaves
[ 1173.918570][T14389] hsr_slave_0: entered promiscuous mode
[ 1173.925042][T14389] hsr_slave_1: entered promiscuous mode
[ 1173.936033][T14389] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1173.943862][T14389] Cannot create hsr debugfs directory
[ 1174.126310][T14287] veth0_vlan: entered promiscuous mode
[ 1174.265464][T12925] hsr_slave_0: left promiscuous mode
[ 1174.272439][T12925] hsr_slave_1: left promiscuous mode
[ 1174.289700][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1174.297198][T12925] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1175.576476][T12925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1175.584280][T12925] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1175.607195][   T29] audit: type=1400 audit(1726819849.592:1217): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14461 comm="syz.2.1929" daddr=ff02::1 dest=52768
[ 1175.722987][T12925] veth1_macvtap: left promiscuous mode
[ 1175.864223][T12925] veth0_macvtap: left promiscuous mode
[ 1175.875111][T12925] veth1_vlan: left promiscuous mode
[ 1177.043969][T12925] veth0_vlan: left promiscuous mode
[ 1177.660869][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.667537][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.941199][T12925] team0 (unregistering): Port device team_slave_1 removed
[ 1178.028518][T12925] team0 (unregistering): Port device team_slave_0 removed
[ 1178.796765][T14287] veth1_vlan: entered promiscuous mode
[ 1179.280675][T14287] veth0_macvtap: entered promiscuous mode
[ 1179.427014][T14287] veth1_macvtap: entered promiscuous mode
[ 1180.321370][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1180.359110][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1180.388560][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1180.463807][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1180.495890][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1180.548080][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1180.588951][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1180.632181][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1180.990415][T14287] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1181.015515][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1181.350499][T14496] coredump: 296(syz.0.1934): written to core: VMAs: 44, size 102006784; core: 76001633 bytes, pos 102023168
[ 1181.379719][   T29] audit: type=1400 audit(1726819855.152:1218): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14485 comm="syz.2.1932" daddr=fe80::1b
[ 1181.396739][   T29] audit: type=1326 audit(1726819855.152:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14485 comm="syz.2.1932" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0a557def9 code=0x0
[ 1181.442022][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.459176][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1181.479688][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.533274][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1181.565561][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.579181][T14287] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1181.600363][T14287] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1181.650283][T14287] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1181.681270][T14287] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.707254][T14287] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.730873][T14287] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.745517][T14287] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1182.181057][ T3022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1182.195441][ T3022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1182.550623][ T5277] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1182.632849][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1182.644286][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1182.669436][T14389] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1182.709028][ T5277] usb 2-1: Using ep0 maxpacket: 32
[ 1182.732397][T14389] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1182.901118][ T5277] usb 2-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 1182.919783][ T5277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1182.933471][T14389] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1182.953478][    T9] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1182.970679][ T5277] usb 2-1: config 0 descriptor??
[ 1182.976315][T14389] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1182.998568][ T5277] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 1183.041716][   T29] audit: type=1326 audit(1726819857.032:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14516 comm="syz.0.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7fc00000
[ 1183.072994][   T29] audit: type=1326 audit(1726819857.032:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14516 comm="syz.0.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f6bb3d7def9 code=0x7fc00000
[ 1183.199117][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1183.224559][    T9] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1183.251015][ T5277] gspca_sunplus: reg_w_riv err -71
[ 1183.261109][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1183.281656][ T5277] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[ 1183.308574][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1183.337614][ T5277] usb 2-1: USB disconnect, device number 36
[ 1183.353952][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1183.420980][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1183.449422][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1183.477220][T14389] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1183.484361][    T9] usb 3-1: Product: syz
[ 1183.492365][    T9] usb 3-1: Manufacturer: syz
[ 1183.502843][   T29] audit: type=1326 audit(1726819857.492:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14516 comm="syz.0.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7fc00000
[ 1183.538410][    T9] usb 3-1: SerialNumber: syz
[ 1183.587548][   T29] audit: type=1326 audit(1726819857.492:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14516 comm="syz.0.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7fc00000
[ 1183.617455][T14389] 8021q: adding VLAN 0 to HW filter on device team0
[ 1183.655185][   T29] audit: type=1326 audit(1726819857.492:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14516 comm="syz.0.1940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7fc00000
[ 1183.718663][ T3100] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1183.725899][ T3100] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1183.765742][ T3100] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1183.772988][ T3100] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1183.818714][    T9] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[ 1183.838482][    T9] cdc_ncm 3-1:1.0: bind() failure
[ 1183.869920][    T9] usb 3-1: USB disconnect, device number 38
[ 1185.417174][T14545] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1945'.
[ 1188.069132][ T1180] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1188.286128][T14389] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1188.294631][ T1180] usb 3-1: Using ep0 maxpacket: 32
[ 1188.326910][ T1180] usb 3-1: New USB device found, idVendor=093a, idProduct=2476, bcdDevice=7a.f3
[ 1188.347087][ T1180] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1188.428933][ T1180] usb 3-1: Product: syz
[ 1188.433180][ T1180] usb 3-1: Manufacturer: syz
[ 1188.437813][ T1180] usb 3-1: SerialNumber: syz
[ 1188.500338][ T1180] usb 3-1: config 0 descriptor??
[ 1188.539818][ T1180] usb 3-1: can't set config #0, error -71
[ 1188.569136][ T1180] usb 3-1: USB disconnect, device number 39
[ 1188.576621][T14554] lo speed is unknown, defaulting to 1000
[ 1188.577681][T14554] lo speed is unknown, defaulting to 1000
[ 1188.578056][T14554] lo speed is unknown, defaulting to 1000
[ 1191.015031][T14389] veth0_vlan: entered promiscuous mode
[ 1191.045714][T14389] veth1_vlan: entered promiscuous mode
[ 1191.162712][T14570] netlink: 'syz.3.1951': attribute type 4 has an invalid length.
[ 1191.162762][T14570] netlink: 'syz.3.1951': attribute type 4 has an invalid length.
[ 1191.162777][T14570] netlink: 126012 bytes leftover after parsing attributes in process `syz.3.1951'.
[ 1191.170957][T14389] veth0_macvtap: entered promiscuous mode
[ 1191.173397][T14389] veth1_macvtap: entered promiscuous mode
[ 1191.180770][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1191.180791][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.180801][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1191.180813][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.180824][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1191.180836][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.180846][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1191.180866][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.180876][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1191.180888][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.181765][T14389] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1191.183312][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1191.183330][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.183340][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1191.183352][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.183364][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1191.183375][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.183386][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1191.183397][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.183408][T14389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1191.183419][T14389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1191.184187][T14389] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1191.186027][T14389] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1191.186056][T14389] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1191.186079][T14389] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1191.186102][T14389] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1191.267973][T14554] infiniband syz1: set active
[ 1191.268028][T14554] infiniband syz1: added lo
[ 1191.269177][T14554] syz1: rxe_create_cq: returned err = -12
[ 1191.269275][T14554] infiniband syz1: Couldn't create ib_mad CQ
[ 1191.302263][T14554] infiniband syz1: Couldn't open port 1
[ 1191.311699][T14554] RDS/IB: syz1: added
[ 1191.311744][T14554] smc: adding ib device syz1 with port count 1
[ 1191.311760][T14554] smc:    ib device syz1 port 1 has pnetid 
[ 1191.324302][    T8] lo speed is unknown, defaulting to 1000
[ 1191.325129][T14554] lo speed is unknown, defaulting to 1000
[ 1191.329015][    T9] lo speed is unknown, defaulting to 1000
[ 1191.612945][T12925] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1191.612965][T12925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1191.613288][T12925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1191.613303][T12925] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1191.623851][T14582] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1954'.
[ 1191.623896][T14582] bridge_slave_1: left allmulticast mode
[ 1191.623912][T14582] bridge_slave_1: left promiscuous mode
[ 1191.624031][T14582] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1191.649126][T14582] bridge_slave_0: left allmulticast mode
[ 1191.649157][T14582] bridge_slave_0: left promiscuous mode
[ 1191.649326][T14582] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1193.014826][T14554] lo speed is unknown, defaulting to 1000
[ 1193.179720][T14588] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1194.227426][T14554] lo speed is unknown, defaulting to 1000
[ 1194.594894][T14588] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1957'.
[ 1194.594941][T14588] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1957'.
[ 1194.689816][T14554] lo speed is unknown, defaulting to 1000
[ 1194.778969][ T1180] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 1194.882334][T10746] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 1194.935768][ T1180] usb 5-1: Using ep0 maxpacket: 16
[ 1195.070222][T10746] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1195.070255][T10746] usb 4-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 4, skipping
[ 1195.070274][T10746] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1195.072264][T10746] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1195.072289][T10746] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1195.072313][T10746] usb 4-1: SerialNumber: syz
[ 1195.090777][ T1180] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1195.090804][ T1180] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1195.090827][ T1180] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1195.092528][ T1180] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1195.092572][ T1180] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1195.092589][ T1180] usb 5-1: Product: syz
[ 1195.092603][ T1180] usb 5-1: Manufacturer: syz
[ 1195.092615][ T1180] usb 5-1: SerialNumber: syz
[ 1195.203256][T14554] lo speed is unknown, defaulting to 1000
[ 1195.381250][ T1180] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1195.391868][T10746] usb 4-1: 0:2 : does not exist
[ 1195.391912][T10746] usb 4-1: unit 5 not found!
[ 1195.396220][T10746] usb 4-1: USB disconnect, device number 38
[ 1195.409655][ T1180] usb 5-1: USB disconnect, device number 34
[ 1195.610998][T14554] lo speed is unknown, defaulting to 1000
[ 1198.874537][T14610] 9pnet: Could not find request transport: ãŠ
[ 1199.359373][T14624] dvmrp0: entered allmulticast mode
[ 1200.189963][ T7713] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1201.000307][ T7713] usb 1-1: Using ep0 maxpacket: 16
[ 1201.035716][T14642] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1973'.
[ 1201.050774][T14637] xt_hashlimit: invalid interval
[ 1201.107391][ T7713] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1201.127753][ T7713] usb 1-1: config 1 has an invalid interface number: 26 but max is 1
[ 1201.136369][ T7713] usb 1-1: config 1 has an invalid interface number: 89 but max is 1
[ 1201.151761][ T7713] usb 1-1: config 1 has an invalid descriptor of length 11, skipping remainder of the config
[ 1201.163582][ T7713] usb 1-1: config 1 has no interface number 0
[ 1201.172904][ T7713] usb 1-1: config 1 has no interface number 1
[ 1201.187968][ T7713] usb 1-1: config 1 interface 26 altsetting 213 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1201.233369][ T7713] usb 1-1: config 1 interface 89 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1201.268197][ T7713] usb 1-1: config 1 interface 26 has no altsetting 0
[ 1201.294334][ T7713] usb 1-1: config 1 interface 89 has no altsetting 0
[ 1201.326254][ T7713] usb 1-1: New USB device found, idVendor=1f38, idProduct=0001, bcdDevice=29.ec
[ 1201.348922][ T1180] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[ 1201.358709][ T7713] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1201.378223][ T7713] usb 1-1: Product: syz
[ 1201.384622][ T7713] usb 1-1: Manufacturer: syz
[ 1201.393634][ T7713] usb 1-1: SerialNumber: syz
[ 1202.347884][ T7713] usb 1-1: unknown interface protocol 0x7d, assuming v1
[ 1202.355137][ T7713] usb 1-1: 26:2 : does not exist
[ 1202.360292][ T1180] usb 4-1: Using ep0 maxpacket: 16
[ 1202.367218][ T1180] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1202.379529][ T1180] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1202.390746][ T1180] usb 4-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[ 1202.404933][ T7713] usb 1-1: unknown interface protocol 0x13, assuming v1
[ 1202.419147][ T1180] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.429850][ T7713] usb 1-1: 89:2 : does not exist
[ 1202.446618][ T1180] usb 4-1: config 0 descriptor??
[ 1202.460374][ T7713] usb 1-1: USB disconnect, device number 37
[ 1202.533814][T14660] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1202.768051][T14670] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1984'.
[ 1202.884217][ T1180] hid-led 0003:1294:1320.0018: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.3-1/input0
[ 1202.909752][T14674] Cannot find add_set index 0 as target
[ 1202.928059][ T1180] hid-led 0003:1294:1320.0018: Riso Kagaku Webmail Notifier initialized
[ 1203.989043][ T1180] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1204.128958][ T1180] usb 1-1: device descriptor read/64, error -71
[ 1204.479042][ T1180] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1205.326245][ T1180] usb 1-1: device descriptor read/64, error -71
[ 1205.439653][ T1180] usb usb1-port1: attempt power cycle
[ 1205.799493][ T1180] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1205.832321][ T1180] usb 1-1: device descriptor read/8, error -71
[ 1206.198992][ T1180] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1206.220130][ T1180] usb 1-1: device descriptor read/8, error -71
[ 1206.329301][ T1180] usb usb1-port1: unable to enumerate USB device
[ 1206.616959][ T1180] usb 4-1: USB disconnect, device number 39
[ 1206.663206][T10746] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[ 1206.685335][T14709] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1206.699115][   T25] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[ 1206.725297][   T25] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[ 1207.087347][T14720] lo speed is unknown, defaulting to 1000
[ 1208.269616][T14711] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1999'.
[ 1209.299699][T14738] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2010'.
[ 1210.022525][T14760] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2018'.
[ 1210.129153][   T29] audit: type=1400 audit(1726819884.122:1225): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14754 comm="syz.1.2017"
[ 1210.147744][T14761] netlink: 'syz.1.2017': attribute type 25 has an invalid length.
[ 1210.337617][T14761] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2017'.
[ 1212.046981][T14786] fuse: Bad value for 'fd'
[ 1212.820592][T14788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2025'.
[ 1212.820618][T14788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2025'.
[ 1212.820645][T14788] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2025'.
[ 1213.552682][T14810] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2034'.
[ 1214.318076][T14782] lo speed is unknown, defaulting to 1000
[ 1214.438375][T14838] A link change request failed with some changes committed already. Interface veth0_to_bond may have been left with an inconsistent configuration, please check.
[ 1214.619150][T14835] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2046'.
[ 1214.931771][T14839] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2044'.
[ 1215.913197][T14862] netlink: 'syz.4.2054': attribute type 7 has an invalid length.
[ 1215.924687][T14862] netlink: 'syz.4.2054': attribute type 1 has an invalid length.
[ 1215.983549][T14862] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.2054'.
[ 1216.595911][T14864] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2052'.
[ 1216.899046][ T1180] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[ 1217.010125][   T29] audit: type=1400 audit(1726819891.012:1226): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14882 comm="syz.1.2062" daddr=fe80::
[ 1217.101314][ T1180] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1217.127309][ T1180] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1217.158091][ T1180] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1217.175455][ T1180] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1217.286443][T14890] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2063'.
[ 1217.342433][ T1180] usb 1-1: Product: syz
[ 1217.441325][ T1180] usb 1-1: Manufacturer: syz
[ 1217.649259][ T1180] usb 1-1: SerialNumber: syz
[ 1217.793528][ T1180] usb 1-1: config 0 descriptor??
[ 1217.801154][T14868] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1217.812916][ T1180] usb 1-1: ucan: probing device on interface #0
[ 1217.819508][ T1180] usb 1-1: ucan: invalid in_ep MaxPacketSize
[ 1217.829024][ T1180] usb 1-1: ucan: probe failed; try to update the device firmware
[ 1218.117219][ T1180] usb 1-1: USB disconnect, device number 42
[ 1218.730375][T14908] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2069'.
[ 1219.597849][T14929] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2077'.
[ 1220.009574][   T25] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 1220.128499][T14946] netlink: 'syz.3.2085': attribute type 29 has an invalid length.
[ 1220.148217][T14946] netlink: 'syz.3.2085': attribute type 29 has an invalid length.
[ 1220.171175][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1220.187207][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1220.198020][   T25] usb 1-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[ 1220.210460][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.245694][   T25] usb 1-1: config 0 descriptor??
[ 1220.674317][   T25] elecom 0003:056E:011C.0019: unknown main item tag 0x0
[ 1220.685974][   T29] audit: type=1400 audit(1726819894.682:1227): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=14949 comm="syz.4.2087" daddr=::ffff:172.20.20.187
[ 1220.708231][   T25] elecom 0003:056E:011C.0019: unknown main item tag 0xe
[ 1220.730810][   T25] elecom 0003:056E:011C.0019: unknown main item tag 0x5
[ 1220.756884][   T25] elecom 0003:056E:011C.0019: unknown main item tag 0x4
[ 1220.799106][   T25] elecom 0003:056E:011C.0019: ignoring exceeding usage max
[ 1220.808176][   T25] elecom 0003:056E:011C.0019: usage index exceeded
[ 1220.828870][   T25] elecom 0003:056E:011C.0019: item 0 0 2 0 parsing failed
[ 1220.836690][   T25] elecom 0003:056E:011C.0019: probe with driver elecom failed with error -22
[ 1220.874661][   T25] usb 1-1: USB disconnect, device number 43
[ 1221.519703][   T25] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1221.670023][   T25] usb 5-1: Using ep0 maxpacket: 32
[ 1221.700357][   T25] usb 5-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=82.d5
[ 1221.710183][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1221.739747][   T25] usb 5-1: Product: syz
[ 1221.743992][   T25] usb 5-1: Manufacturer: syz
[ 1221.748672][   T25] usb 5-1: SerialNumber: syz
[ 1221.765409][   T25] usb 5-1: config 0 descriptor??
[ 1221.776731][   T25] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1221.785306][   T25] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1222.044253][   T25] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[ 1223.042144][   T25] gspca_vc032x: reg_w err -110
[ 1223.047037][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.052933][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.058258][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.063866][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.069426][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.074778][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1223.858131][ T8771] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1224.038200][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.043754][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.049211][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.056922][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.063072][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.068457][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.074222][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.079847][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.085248][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.267159][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.411910][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.417246][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.423038][   T25] gspca_vc032x: I2c Bus Busy Wait 00
[ 1224.428925][   T25] gspca_vc032x: Unknown sensor...
[ 1224.435200][   T25] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1224.692023][T15019] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2118'.
[ 1225.989031][    T9] usb 5-1: USB disconnect, device number 35
[ 1227.198258][   T29] audit: type=1326 audit(1726819901.182:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15053 comm="syz.0.2133" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x0
[ 1227.397342][   T29] audit: type=1326 audit(1726819901.232:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15053 comm="syz.0.2133" exe="/root/syz-executor" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f6bb3d7def9 code=0x0
[ 1227.476640][   T29] audit: type=1400 audit(1726819901.472:1230): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15062 comm="syz.4.2136" daddr=ff01::1 dest=20000
[ 1228.230024][T15053] coredump: 411(syz.0.2133): written to core: VMAs: 34, size 97419264; core: 60023750 bytes, pos 97427456
[ 1229.899242][T15099] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2148'.
[ 1229.987397][T15105] netlink: 'syz.3.2153': attribute type 4 has an invalid length.
[ 1230.019554][T15105] netlink: 'syz.3.2153': attribute type 2 has an invalid length.
[ 1230.235179][T15115] nbd: must specify an index to disconnect
[ 1231.479174][   T29] audit: type=1326 audit(1726819905.422:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.516492][   T29] audit: type=1326 audit(1726819905.422:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.643161][   T29] audit: type=1326 audit(1726819905.422:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.664737][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1231.740186][   T29] audit: type=1326 audit(1726819905.422:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.761844][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1231.814528][   T29] audit: type=1326 audit(1726819905.422:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.869358][T10746] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1231.898128][   T29] audit: type=1326 audit(1726819905.432:1236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1231.928933][   T25] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 1231.998408][   T29] audit: type=1326 audit(1726819905.432:1237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15129 comm="syz.1.2164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c2697def9 code=0x7ffc0000
[ 1232.041253][T10746] usb 2-1: Using ep0 maxpacket: 32
[ 1232.072155][T10746] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1232.085738][T10746] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.100405][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1232.121759][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1232.132099][T10746] usb 2-1: Product: syz
[ 1232.136273][T10746] usb 2-1: Manufacturer: syz
[ 1232.155269][T10746] usb 2-1: SerialNumber: syz
[ 1232.162356][   T25] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 1232.188456][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1232.207723][T10746] usb 2-1: config 0 descriptor??
[ 1232.227526][T10746] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1232.248110][   T25] usb 5-1: config 0 descriptor??
[ 1232.536243][T15148] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2171'.
[ 1232.663876][   T29] kauditd_printk_skb: 3 callbacks suppressed
[ 1232.663896][   T29] audit: type=1400 audit(1726819906.662:1241): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15150 comm="syz.3.2172"
[ 1232.689387][   T25] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 1232.698374][   T25] lenovo 0003:17EF:6047.001A: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[ 1232.868493][T15156] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2175'.
[ 1232.918001][   T25] usb 5-1: USB disconnect, device number 36
[ 1233.597290][T10746] gspca_ov534_9: reg_w failed -110
[ 1233.638611][T15157] ieee802154 phy0 wpan0: encryption failed: -22
[ 1233.870095][T15166] debugfs: Directory 'ptm0' with parent 'caif_serial' already present!
[ 1233.888892][T10746] gspca_ov534_9: Unknown sensor 0000
[ 1233.888975][T10746] ov534_9 2-1:0.0: probe with driver ov534_9 failed with error -22
[ 1233.904380][T10746] usb 2-1: USB disconnect, device number 37
[ 1234.182881][   T29] audit: type=1326 audit(1726819908.182:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.252523][   T29] audit: type=1326 audit(1726819908.182:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.345550][   T29] audit: type=1326 audit(1726819908.212:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.352494][T15180] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2182'.
[ 1234.468872][   T29] audit: type=1326 audit(1726819908.212:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.533648][   T29] audit: type=1326 audit(1726819908.222:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.616098][   T29] audit: type=1326 audit(1726819908.222:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.724216][   T29] audit: type=1326 audit(1726819908.222:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.817405][   T29] audit: type=1326 audit(1726819908.222:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1234.915035][   T29] audit: type=1326 audit(1726819908.222:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15173 comm="syz.3.2181" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f73e2d7def9 code=0x7ffc0000
[ 1235.995884][T15203] syz_tun: entered promiscuous mode
[ 1236.026431][T15203] syz_tun: left promiscuous mode
[ 1236.660238][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.667930][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.675722][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.683397][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.691097][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.698874][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.706579][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.714336][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.721997][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.729909][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.737755][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.745442][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.753827][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.762274][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.769963][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.777605][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.785336][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.793099][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.800890][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.808583][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.816285][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.823989][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.832056][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.840040][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.847624][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.856081][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.865110][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.872803][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.880495][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.888139][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.895872][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.903677][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.911653][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.919364][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.927043][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.934976][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.945871][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.954347][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.962659][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.970348][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.978059][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.985754][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1236.993415][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.001166][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.011891][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.019784][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.027434][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.035298][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.043184][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.050865][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.059026][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.066459][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.074638][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.082154][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.089735][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.097350][T10746] hid-generic 0001:0000:0000.001B: unknown main item tag 0x0
[ 1237.121115][T10746] hid-generic 0001:0000:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1239.054721][   T29] kauditd_printk_skb: 34 callbacks suppressed
[ 1239.054744][   T29] audit: type=1326 audit(1726819913.052:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15274 comm="syz.0.2217" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x0
[ 1239.112672][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.125246][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1241.184441][ T8771] Bluetooth: hci5: command 0x0406 tx timeout
[ 1241.340954][ T1180] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1241.499296][ T1180] usb 2-1: Using ep0 maxpacket: 8
[ 1241.524754][ T1180] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1241.603161][T15311] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2227'.
[ 1241.612377][ T1180] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1241.612447][ T1180] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1241.612474][ T1180] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1241.612593][ T1180] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1242.598515][ T1180] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.951504][ T1180] usb 2-1: GET_CAPABILITIES returned 0
[ 1242.989368][ T1180] usbtmc 2-1:16.0: can't read capabilities
[ 1243.364460][    T8] usb 2-1: USB disconnect, device number 38
[ 1246.119170][T15369] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2246'.
[ 1246.374136][    T8] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1246.674712][    T8] usb 2-1: Using ep0 maxpacket: 8
[ 1246.729458][    T8] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1246.739473][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1246.804977][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1246.822066][    T8] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1246.835815][    T8] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1246.873397][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1248.280572][    T8] usb 2-1: GET_CAPABILITIES returned 0
[ 1248.286255][    T8] usbtmc 2-1:16.0: can't read capabilities
[ 1248.466606][   T29] audit: type=1326 audit(1726819922.462:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15410 comm="syz.4.2263" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f34e917def9 code=0x0
[ 1248.989280][T10746] usb 2-1: USB disconnect, device number 39
[ 1249.147217][   T29] audit: type=1400 audit(1726819923.142:1287): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15419 comm="syz.3.2264" daddr=fe80::bb
[ 1249.494039][   T29] audit: type=1400 audit(1726819923.492:1288): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15432 comm="syz.2.2269" daddr=::1c9a:e7ff:fe9a:6f34
[ 1249.528594][   T29] audit: type=1400 audit(1726819923.512:1289): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15432 comm="syz.2.2269" daddr=2001::1
[ 1250.129031][ T5277] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1251.839099][ T5277] usb 3-1: Using ep0 maxpacket: 8
[ 1251.842794][ T5277] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1251.864999][ T5277] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1251.916201][ T5277] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1251.935082][ T5277] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1252.010072][ T5277] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1252.125842][ T5277] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1252.209085][    T8] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 1252.382171][ T5277] usb 3-1: GET_CAPABILITIES returned 0
[ 1252.387804][ T5277] usbtmc 3-1:16.0: can't read capabilities
[ 1252.396160][    T8] usb 1-1: Using ep0 maxpacket: 8
[ 1252.409309][    T8] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1252.448171][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1252.493056][    T8] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1252.521776][    T8] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1252.614587][    T8] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1252.633184][ T5277] usb 3-1: USB disconnect, device number 40
[ 1252.700881][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1252.955392][    T8] usb 1-1: usb_control_msg returned -32
[ 1253.159016][    T8] usbtmc 1-1:16.0: can't read capabilities
[ 1253.172155][T15449] lo speed is unknown, defaulting to 1000
[ 1254.577353][   T29] audit: type=1400 audit(1726819928.572:1290): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15493 comm="syz.4.2291" daddr=fe88::5
[ 1254.704772][   T29] audit: type=1400 audit(1726819928.582:1291): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15493 comm="syz.4.2291" daddr=2001::2
[ 1255.084124][    T8] usb 1-1: USB disconnect, device number 44
[ 1255.465133][T15511] 9pnet_fd: Insufficient options for proto=fd
[ 1255.942428][T15519] Bluetooth: MGMT ver 1.23
[ 1257.191889][   T29] audit: type=1326 audit(1726819931.192:1292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.279334][   T29] audit: type=1326 audit(1726819931.192:1293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.338659][   T29] audit: type=1326 audit(1726819931.192:1294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.381167][   T29] audit: type=1326 audit(1726819931.192:1295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.438283][   T29] audit: type=1326 audit(1726819931.192:1296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.486254][   T29] audit: type=1326 audit(1726819931.192:1297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.607456][   T29] audit: type=1326 audit(1726819931.192:1298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1257.692521][   T29] audit: type=1326 audit(1726819931.192:1299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15527 comm="syz.0.2301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bb3d7def9 code=0x7ffc0000
[ 1260.033558][T15512] coredump: 518(syz.0.2295): written to core: VMAs: 38, size 99778560; core: 62133414 bytes, pos 99786752
[ 1260.239225][    T8] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 1260.424376][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1260.449793][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1260.450000][   T25] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1260.482546][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1260.523015][    T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1260.549922][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.578190][    T8] usb 5-1: config 0 descriptor??
[ 1260.618831][   T25] usb 1-1: Using ep0 maxpacket: 8
[ 1260.625853][   T25] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1260.638917][   T25] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1260.654580][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1260.671143][   T25] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1260.691153][   T25] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1260.734625][   T25] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1260.764130][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.795675][   T25] usb 1-1: can't set config #16, error -71
[ 1260.819185][   T25] usb 1-1: USB disconnect, device number 45
[ 1261.104592][T15586] could not allocate digest TFM handle 
[ 1261.212120][    T8] usbhid 5-1:0.0: can't add hid device: -71
[ 1261.219040][    T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1261.237187][    T8] usb 5-1: USB disconnect, device number 37
[ 1262.544538][ T8771] Bluetooth: hci3: command 0x0406 tx timeout
[ 1263.146952][ T8772] Bluetooth: hci4: unexpected cc 0x042f length: 181 > 7
[ 1263.543255][T15632] netlink: 'syz.1.2336': attribute type 7 has an invalid length.
[ 1263.558878][T15632] netlink: 'syz.1.2336': attribute type 39 has an invalid length.
[ 1263.598970][   T25] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 1263.650889][T15637] 9pnet: p9_errstr2errno: server reported unknown error I
[ 1263.758819][   T25] usb 5-1: Using ep0 maxpacket: 32
[ 1263.775838][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1263.798477][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1263.816342][   T25] usb 5-1: New USB device found, idVendor=046d, idProduct=c714, bcdDevice= 0.00
[ 1263.838983][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.868277][   T25] usb 5-1: config 0 descriptor??
[ 1265.406971][   T25] usb 5-1: USB disconnect, device number 38
[ 1265.493275][T15659] tipc: Started in network mode
[ 1265.510822][T15659] tipc: Node identity 9ca6, cluster identity 4711
[ 1265.517441][T15659] tipc: Node number set to 40102
[ 1265.655691][T15663] input: syz1 as /devices/virtual/input/input27
[ 1265.705304][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 1265.705326][   T29] audit: type=1400 audit(1726819939.702:1301): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15662 comm="syz.0.2348" daddr=fe80::1b dest=16385
[ 1265.729160][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1266.124925][T15673] vlan2: entered promiscuous mode
[ 1266.142869][T15673] vlan2: entered allmulticast mode
[ 1266.148339][T15673] vlan0: entered allmulticast mode
[ 1266.172852][T15673] veth0_vlan: entered allmulticast mode
[ 1266.199136][T15673] vlan0: entered promiscuous mode
[ 1266.218525][T15673] team0: Port device vlan2 added
[ 1266.278930][ T8195] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 1266.668839][ T8195] usb 4-1: Using ep0 maxpacket: 8
[ 1266.680677][ T8195] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1266.690704][ T8195] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1266.722210][ T8195] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1267.683330][ T8195] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1267.696517][ T8195] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1267.705727][ T8195] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1267.936203][ T8195] usb 4-1: GET_CAPABILITIES returned 0
[ 1267.942126][ T8195] usbtmc 4-1:16.0: can't read capabilities
[ 1268.155339][ T8195] usb 4-1: USB disconnect, device number 40
[ 1268.464949][T15710] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2364'.
[ 1268.712368][T15719] 9pnet: p9_errstr2errno: server reported unknown error /kernel/yama/ptrace_scope
[ 1269.435423][   T29] audit: type=1400 audit(1726819943.432:1302): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15743 comm="syz.2.2378" daddr=::ffff:127.0.0.1
[ 1270.263919][T15758] lo speed is unknown, defaulting to 1000
[ 1271.211416][T15784] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2390'.
[ 1271.938590][T15785] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2392'.
[ 1272.935861][T15810] trusted_key: syz.3.2400 sent an empty control message without MSG_MORE.
[ 1273.062080][T15811] PM: Enabling pm_trace changes system date and time during resume.
[ 1273.062080][T15811] PM: Correct system time has to be restored manually after resume.
[ 1273.114690][T15811] PM: Enabling pm_trace changes system date and time during resume.
[ 1273.114690][T15811] PM: Correct system time has to be restored manually after resume.
[ 1273.250526][T15819] syzkaller0: entered promiscuous mode
[ 1273.256200][T15819] syzkaller0: entered allmulticast mode
[ 1273.629113][T15823] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2404'.
[ 1274.850819][T15840] [U] 
[ 1274.856497][T15840] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2411'.
[ 1275.521466][T15856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2416'.
[ 1275.541335][T15856] bridge_slave_1: left allmulticast mode
[ 1275.553730][T15856] bridge_slave_1: left promiscuous mode
[ 1275.567657][T15856] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1275.586963][T15856] bridge_slave_0: left allmulticast mode
[ 1275.602958][T15856] bridge_slave_0: left promiscuous mode
[ 1275.612789][T15856] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1275.869342][T10746] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1276.028244][T15875] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2421'.
[ 1276.030819][T10746] usb 3-1: Using ep0 maxpacket: 8
[ 1276.101721][T10746] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1276.225620][T10746] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1276.303442][T10746] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1276.379855][T10746] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1276.474454][T10746] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1276.623376][T10746] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1276.644788][T10746] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1277.031165][T10746] usb 3-1: usb_control_msg returned -32
[ 1277.036830][T10746] usbtmc 3-1:16.0: can't read capabilities
[ 1278.571446][ T8195] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[ 1278.715376][T15924] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2437'.
[ 1278.897703][ T8195] usb 5-1: Using ep0 maxpacket: 32
[ 1278.974766][ T8195] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1279.288596][ T8195] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1279.310004][T14404] usb 3-1: USB disconnect, device number 41
[ 1279.319027][ T8195] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1279.371338][ T8195] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1279.398017][ T8195] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1279.418292][ T8195] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1279.457691][ T8195] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1279.477100][ T8195] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.496074][ T8195] usb 5-1: config 0 descriptor??
[ 1279.806414][ T8195] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 39 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1279.809780][T15915] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1280.408123][T15915] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1280.453553][ T8195] usb 5-1: USB disconnect, device number 39
[ 1280.462188][ T8195] usblp0: removed
[ 1280.767506][T15952] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2445'.
[ 1281.739094][T15957] bridge: RTM_NEWNEIGH with invalid ether address
[ 1281.760169][T15957] bridge: RTM_NEWNEIGH with invalid ether address
[ 1282.111468][T15965] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2449'.
[ 1282.605093][T15967] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2451'.
[ 1282.914348][   T29] audit: type=1400 audit(1726819956.912:1303): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="," requested=w pid=15968 comm="syz.1.2452" daddr=fe80::bb
[ 1282.923469][T15975] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2453'.
[ 1284.776905][T16021] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2466'.
[ 1285.503423][T16032] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2469'.
[ 1285.609609][T16034] dccp_close: ABORT with 4 bytes unread
[ 1286.071059][T16031] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2470'.
[ 1286.586589][T16041] block nbd4: shutting down sockets
[ 1287.548167][T15601] Bluetooth: hci4: command 0x0406 tx timeout
[ 1287.729589][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1287.852659][T16061] input: syz0 as /devices/virtual/input/input28
[ 1288.309081][ T8772] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1288.320244][ T8772] Bluetooth: hci4: Injecting HCI hardware error event
[ 1288.330779][ T8772] Bluetooth: hci4: hardware error 0x00
[ 1289.308765][T16078] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2484'.
[ 1290.023470][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1290.049780][T16085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2487'.
[ 1290.464864][ T8772] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1294.928841][   T29] audit: type=1400 audit(1726819968.922:1304): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="," object="_" requested=w pid=16100 comm="syz.3.2491" daddr=fe80::aa dest=20002 netif=wpan0
[ 1300.278774][   T29] audit: type=1400 audit(1726819974.272:1305): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="," object="_" requested=w pid=16100 comm="syz.3.2491" daddr=fe80::aa dest=20002 netif=wpan0
[ 1300.629252][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.635633][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.070105][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.076470][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.499190][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.505866][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1451.168853][   T30] INFO: task syz.0.2489:16101 blocked for more than 153 seconds.
[ 1451.177160][   T30]       Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0
[ 1451.298698][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1451.307432][   T30] task:syz.0.2489      state:D stack:26768 pid:16101 tgid:16095 ppid:12956  flags:0x00000004
[ 1451.458720][   T30] Call Trace:
[ 1451.462159][   T30]  <TASK>
[ 1451.465128][   T30]  __schedule+0x1843/0x4b00
[ 1451.548758][   T30]  ? __pfx___schedule+0x10/0x10
[ 1451.553705][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1451.638713][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1451.644795][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1451.728734][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1451.733941][   T30]  ? schedule+0x90/0x320
[ 1451.738231][   T30]  schedule+0x14b/0x320
[ 1451.828726][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1451.834288][   T30]  rwsem_down_write_slowpath+0xeee/0x13b0
[ 1451.898695][   T30]  ? rwsem_down_write_slowpath+0xa09/0x13b0
[ 1451.904695][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[ 1451.988736][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1451.994325][   T30]  ? __pfx_fuse_inode_eq+0x10/0x10
[ 1452.068725][   T30]  ? ilookup5+0x131/0x160
[ 1452.073472][   T30]  down_write_nested+0x1e0/0x220
[ 1452.078458][   T30]  ? __pfx_down_write_nested+0x10/0x10
[ 1452.168736][   T30]  fuse_reverse_inval_entry+0x62/0x730
[ 1452.174587][   T30]  fuse_dev_do_write+0x4164/0x6210
[ 1452.268760][   T30]  ? __pfx_validate_chain+0x10/0x10
[ 1452.274050][   T30]  ? __pfx_fuse_dev_do_write+0x10/0x10
[ 1452.308738][   T30]  ? __pfx_validate_chain+0x10/0x10
[ 1452.314030][   T30]  ? cgroup_rstat_updated+0x13b/0xc60
[ 1452.348765][   T30]  ? __pfx_validate_chain+0x10/0x10
[ 1452.354048][   T30]  ? mark_lock+0x9a/0x360
[ 1452.358409][   T30]  ? count_memcg_event_mm+0x94/0x420
[ 1453.148791][   T30]  ? __lock_acquire+0x1384/0x2050
[ 1453.153939][   T30]  fuse_dev_write+0x148/0x1d0
[ 1453.275427][   T30]  ? __pfx_fuse_dev_write+0x10/0x10
[ 1453.318754][   T30]  ? bpf_lsm_file_permission+0x9/0x10
[ 1453.324587][   T30]  ? security_file_permission+0x74/0x280
[ 1453.468848][   T30]  vfs_write+0xa6d/0xc90
[ 1453.473286][   T30]  ? __pfx_fuse_dev_write+0x10/0x10
[ 1453.478624][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 1453.637785][   T30]  ? __fdget_pos+0x19a/0x320
[ 1453.688791][   T30]  ksys_write+0x1a0/0x2c0
[ 1453.693215][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 1453.698106][   T30]  ? exc_page_fault+0x590/0x8c0
[ 1453.859057][   T30]  ? do_syscall_64+0xb6/0x230
[ 1453.863843][   T30]  do_syscall_64+0xf3/0x230
[ 1453.868409][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1454.017012][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.108820][   T30] RIP: 0033:0x7f6bb3d7def9
[ 1454.113339][   T30] RSP: 002b:00007f6bb4c0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1454.262787][   T30] RAX: ffffffffffffffda RBX: 00007f6bb3f36058 RCX: 00007f6bb3d7def9
[ 1454.360635][   T30] RDX: 0000000000000029 RSI: 00000000200043c0 RDI: 0000000000000003
[ 1454.478706][   T30] RBP: 00007f6bb3df0b76 R08: 0000000000000000 R09: 0000000000000000
[ 1454.486756][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1454.616653][   T30] R13: 0000000000000001 R14: 00007f6bb3f36058 R15: 00007ffe924eb158
[ 1454.725570][   T30]  </TASK>
[ 1454.748874][   T30] 
[ 1454.748874][   T30] Showing all locks held in the system:
[ 1454.756677][   T30] 1 lock held by khungtaskd/30:
[ 1454.962636][   T30]  #0: ffffffff8e9389e0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1455.088245][   T30] 1 lock held by klogd/4663:
[ 1455.108813][   T30] 4 locks held by dhcpcd/4888:
[ 1455.113658][   T30] 2 locks held by getty/4986:
[ 1455.118387][   T30]  #0: ffff88802e32f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1455.340941][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[ 1455.470674][   T30] 1 lock held by syz-executor/5218:
[ 1455.476317][   T30] 3 locks held by syz.0.2489/16097:
[ 1455.588714][   T30]  #0: ffff88805020e420 (sb_writers#20){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[ 1455.598093][   T30]  #1: ffff88807a629708 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: filename_create+0x260/0x540
[ 1455.818886][   T30]  #2: ffff88807a629bd0 (&fi->mutex){+.+.}-{3:3}, at: fuse_lock_inode+0xd3/0x120
[ 1455.828236][   T30] 2 locks held by syz.0.2489/16101:
[ 1455.998477][   T30]  #0: ffff88805e319338 (&fc->killsb){++++}-{3:3}, at: fuse_dev_do_write+0x4107/0x6210
[ 1456.128835][   T30]  #1: ffff88807a629708 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: fuse_reverse_inval_entry+0x62/0x730
[ 1456.248968][   T30] 1 lock held by syz.3.2491/16100:
[ 1456.340063][   T30] 
[ 1456.342455][   T30] =============================================
[ 1456.342455][   T30] 
[ 1456.448815][   T30] NMI backtrace for cpu 0
[ 1456.453234][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0
[ 1456.463503][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1456.473699][   T30] Call Trace:
[ 1456.477006][   T30]  <TASK>
[ 1456.479965][   T30]  dump_stack_lvl+0x241/0x360
[ 1456.484693][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1456.489933][   T30]  ? __pfx__printk+0x10/0x10
[ 1456.494575][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1456.499560][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1456.505063][   T30]  ? _printk+0xd5/0x120
[ 1456.509273][   T30]  ? __pfx__printk+0x10/0x10
[ 1456.513901][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1456.518788][   T30]  ? __pfx__printk+0x10/0x10
[ 1456.523413][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1456.528480][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1456.534499][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1456.540518][   T30]  watchdog+0xff4/0x1040
[ 1456.544800][   T30]  ? watchdog+0x1ea/0x1040
[ 1456.549256][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1456.553961][   T30]  kthread+0x2f0/0x390
[ 1456.558230][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1456.562941][   T30]  ? __pfx_kthread+0x10/0x10
[ 1456.567562][   T30]  ret_from_fork+0x4b/0x80
[ 1456.572021][   T30]  ? __pfx_kthread+0x10/0x10
[ 1456.576633][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1456.581441][   T30]  </TASK>
[ 1456.585251][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1456.590854][    C1] NMI backtrace for cpu 1
[ 1456.590868][    C1] CPU: 1 UID: 101 PID: 5015 Comm: dhcpcd Not tainted 6.11.0-syzkaller-07337-g2004cef11ea0 #0
[ 1456.590890][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1456.590901][    C1] RIP: 0010:lock_acquire+0x120/0x550
[ 1456.590931][    C1] Code: c0 ec 60 1b 90 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 ff 02 00 00 83 3d 89 36 ab 0e 00 0f 84 42 01 00 00 65 8b 05 10 60 92 7e <85> c0 0f 85 8f 01 00 00 65 48 8b 1c 25 80 d6 03 00 48 81 c3 dc 0a
[ 1456.590946][    C1] RSP: 0018:ffffc90002d5f540 EFLAGS: 00000002
[ 1456.590963][    C1] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff81702a24
[ 1456.590975][    C1] RDX: 0000000000000000 RSI: ffffffff8c6008e0 RDI: ffffffff8c6008a0
[ 1456.590988][    C1] RBP: ffffc90002d5f690 R08: ffffffff901b2eaf R09: 1ffffffff20365d5
[ 1456.591002][    C1] R10: dffffc0000000000 R11: fffffbfff20365d6 R12: 1ffff920005abeb0
[ 1456.591016][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffffa0001fcc
[ 1456.591029][    C1] FS:  00007fc0218de740(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000
[ 1456.591045][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1456.591058][    C1] CR2: 00007f73e3b85040 CR3: 000000002eeec000 CR4: 00000000003506f0
[ 1456.591074][    C1] Call Trace:
[ 1456.591080][    C1]  <NMI>
[ 1456.591087][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1456.591109][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1456.591135][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1456.591155][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1456.591191][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1456.591213][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1456.591228][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1456.591245][    C1]  ? lock_acquire+0x120/0x550
[ 1456.591268][    C1]  ? default_do_nmi+0x63/0x160
[ 1456.591287][    C1]  ? exc_nmi+0x123/0x1f0
[ 1456.591313][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1456.591336][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591353][    C1]  ? lock_acquire+0xd4/0x550
[ 1456.591376][    C1]  ? lock_acquire+0x120/0x550
[ 1456.591399][    C1]  ? lock_acquire+0x120/0x550
[ 1456.591422][    C1]  ? lock_acquire+0x120/0x550
[ 1456.591445][    C1]  </NMI>
[ 1456.591451][    C1]  <TASK>
[ 1456.591461][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1456.591483][    C1]  ? unwind_next_frame+0x18e6/0x22d0
[ 1456.591508][    C1]  ? deref_stack_reg+0x17c/0x210
[ 1456.591534][    C1]  ? stack_trace_save+0x118/0x1d0
[ 1456.591553][    C1]  ? unwind_next_frame+0x18e6/0x22d0
[ 1456.591576][    C1]  ? deref_stack_reg+0x17c/0x210
[ 1456.591603][    C1]  ? __asan_memset+0x23/0x50
[ 1456.591628][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591641][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1456.591661][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591692][    C1]  is_bpf_text_address+0x46/0x2a0
[ 1456.591715][    C1]  ? is_bpf_text_address+0x26/0x2a0
[ 1456.591737][    C1]  ? is_bpf_text_address+0x26/0x2a0
[ 1456.591758][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591772][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591797][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1456.591817][    C1]  kernel_text_address+0xa7/0xe0
[ 1456.591835][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591853][    C1]  __kernel_text_address+0xd/0x40
[ 1456.591871][    C1]  unwind_get_return_address+0x4d/0x90
[ 1456.591896][    C1]  arch_stack_walk+0xfd/0x150
[ 1456.591916][    C1]  ? bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.591931][    C1]  stack_trace_save+0x118/0x1d0
[ 1456.591951][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1456.591988][    C1]  ? mark_lock+0x9a/0x360
[ 1456.592003][    C1]  ? __might_fault+0xaa/0x120
[ 1456.592025][    C1]  kasan_save_track+0x3f/0x80
[ 1456.592041][    C1]  ? kasan_save_track+0x3f/0x80
[ 1456.592057][    C1]  ? __kasan_slab_alloc+0x66/0x80
[ 1456.592074][    C1]  ? kmem_cache_alloc_noprof+0x135/0x2a0
[ 1456.592096][    C1]  ? __sigqueue_alloc+0x42e/0x540
[ 1456.592116][    C1]  ? __send_signal_locked+0x22f/0xdc0
[ 1456.592133][    C1]  ? group_send_sig_info+0x292/0x310
[ 1456.592150][    C1]  ? bpf_send_signal_common+0x2dd/0x430
[ 1456.592170][    C1]  ? bpf_send_signal+0x19/0x30
[ 1456.592218][    C1]  __kasan_slab_alloc+0x66/0x80
[ 1456.592235][    C1]  ? __sigqueue_alloc+0x42e/0x540
[ 1456.592255][    C1]  kmem_cache_alloc_noprof+0x135/0x2a0
[ 1456.592280][    C1]  __sigqueue_alloc+0x42e/0x540
[ 1456.592302][    C1]  __send_signal_locked+0x22f/0xdc0
[ 1456.592321][    C1]  ? __lock_task_sighand+0x29/0x2d0
[ 1456.592341][    C1]  group_send_sig_info+0x292/0x310
[ 1456.592360][    C1]  ? __pfx_group_send_sig_info+0x10/0x10
[ 1456.592384][    C1]  bpf_send_signal_common+0x2dd/0x430
[ 1456.592406][    C1]  ? __pfx_bpf_send_signal_common+0x10/0x10
[ 1456.592427][    C1]  ? __pfx___cant_migrate+0x10/0x10
[ 1456.592454][    C1]  ? bpf_trace_run2+0x1fc/0x540
[ 1456.592471][    C1]  bpf_send_signal+0x19/0x30
[ 1456.592494][    C1]  bpf_prog_7ba5217f62dcd359+0x40/0x44
[ 1456.592509][    C1]  bpf_trace_run2+0x2ec/0x540
[ 1456.592530][    C1]  ? __pfx_bpf_trace_run2+0x10/0x10
[ 1456.592550][    C1]  ? __secure_computing+0x125/0x370
[ 1456.592579][    C1]  trace_sys_enter+0x93/0xd0
[ 1456.592604][    C1]  syscall_trace_enter+0xf8/0x150
[ 1456.592631][    C1]  do_syscall_64+0xcc/0x230
[ 1456.592657][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1456.592682][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1456.592706][    C1] RIP: 0033:0x7fc021918ad9
[ 1456.592720][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <48> 81 ec b8 00 00 00 41 89 f9 48 89 f0 49 89 d0 48 85 f6 0f 84 be
[ 1456.592735][    C1] RSP: 002b:00007fffb0e73fc0 EFLAGS: 00000293 ORIG_RAX: 000000000000000f
[ 1456.592752][    C1] RAX: ffffffffffffffda RBX: 0000556c4ef04e20 RCX: 00007fc021918ad9
[ 1456.592766][    C1] RDX: 0000556c4231f610 RSI: 00007fffb0e740f0 RDI: 0000000000000011
[ 1456.592778][    C1] RBP: 00007fffb0e748d0 R08: 0000000000000008 R09: 0000000000000000
[ 1456.592790][    C1] R10: 00007fffb0e748d0 R11: 0000000000000293 R12: 0000000000000000
[ 1456.592802][    C1] R13: 0000556c4231f610 R14: 00000000ffffffff R15: 0000000000000000
[ 1456.592822][    C1]  </TASK>