last executing test programs:

56.555325441s ago: executing program 2 (id=10049):
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect$cdc_ecm(0x1, 0x56, &(0x7f0000000180)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[{}], {{0x9, 0x5, 0x82, 0x2, 0x400}}}}}]}}]}}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0x40, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_access\x00', &(0x7f00000002c0), 0x24, 0x0)
listxattr(&(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x52)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000002100), 0x80014, &(0x7f0000002140)=ANY=[])
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = syz_io_uring_setup(0x4024f9, &(0x7f0000000080)={0x0, 0xfffffffc, 0x0, 0x0, 0x51}, &(0x7f0000000280), &(0x7f0000000340))
flock(r3, 0x8)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x56, 0x0, 0x2000000004, {0x0, 0x7}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
write$binfmt_elf32(r5, &(0x7f0000000d00)=ANY=[], 0x58)
io_setup(0x1fe, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x1417, &(0x7f0000000700)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x1, 0x0, r5, &(0x7f0000000180)='\x00', 0x37000}])
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000140)=@x={0x94, 0x3, "4450d9d9c729"})
dup3(r1, r2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r8, &(0x7f0000000900)={&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @dev, 0x4}, 0x1c, 0x0, 0x0, &(0x7f0000000180)=[@rthdr_2292={{0x18, 0x29, 0x5, {0x0, 0x0, 0x2}}}], 0x18}, 0x1)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
socket$nl_xfrm(0x10, 0x3, 0x6)

54.335687078s ago: executing program 2 (id=10058):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{0x7, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x8}}]}, 0x0}, 0x90)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012"], 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

33.205648251s ago: executing program 2 (id=10058):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{0x7, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x8}}]}, 0x0}, 0x90)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012"], 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

31.559151146s ago: executing program 1 (id=10092):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x640200, 0x0)
r6 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10, 0x0}, 0x300048c1)
getdents64(0xffffffffffffffff, &(0x7f000001c0c0)=""/56, 0x38)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_AUDIO(0xffffffffffffffff, 0xc0585604, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r7, &(0x7f00000001c0)=[{&(0x7f0000000640)=""/102383, 0x18fef}, {0x0}], 0x2, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_emit_ethernet(0x8b, &(0x7f0000000340)=ANY=[], &(0x7f00000000c0)={0x1, 0x4, [0x200, 0xad9, 0x37b, 0xe21]})
pidfd_send_signal(r4, 0xc, 0x0, 0x4)
setsockopt$sock_attach_bpf(r6, 0x1, 0x3e, &(0x7f0000000100), 0x4)
sendmsg$inet(r6, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r3, @ANYRES8=r2], 0x21c}, 0x1, 0x0, 0x0, 0x20048000}, 0x20000001)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000034276d20402002c68e010000000109021200010000000009f70000007f107200"], 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'gre0\x00'})
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYRES16, @ANYRES64=r8, @ANYRESOCT=r0, @ANYRESHEX=r5], 0x40}}, 0x4004)
mmap$snddsp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2, 0x2032, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'netpci0\x00'})
write$UHID_INPUT(r5, &(0x7f0000019640)={0xfc, {"a2e3ad0e090d07f91b5e1a1887f70706d038e7ff7fc6e5539b0d3c0a8b089b3f3b3868030890e0879b0af8c6e70a9b334a959b669a240d0a090000007ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd1278248ebe4d9a4f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db2d8ffd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b98bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d907d9a7a508a15240525c6739ae2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe1312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c45419a30610880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80df649e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab653f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

31.172982428s ago: executing program 2 (id=10093):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x12000, 0x0)
ioctl$SNDCTL_TMR_TEMPO(r1, 0xc0045405, &(0x7f00000000c0)=0x42)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0x50}, 0x1, 0xba01}, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000040)={0x3}, 0x4)

31.006954012s ago: executing program 2 (id=10094):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000180001000000000000000000020000000600ff"], 0x70}}, 0x0)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

29.354986546s ago: executing program 1 (id=10103):
personality(0x400000) (async)
personality(0x400000)
memfd_secret(0x0) (async)
memfd_secret(0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6}]}, 0x10)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
capset(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000cc0)=ANY=[@ANYBLOB="b700000017000080bfa30000000000000703000028feffff7a0af0fff8ffffff61a4f0ff0000000015040000000002000f040000000000002504000001ed0a0065040000170000801f340000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e31a3446cd57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9be0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119d2a673bdae05779208409e6cf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c0da4e95f7"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f00000000c0)={0x0, 0x1, 0x20}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00'}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00'}, 0x90)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000440)={@local, @empty, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @multicast2}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x50}}, 0x40080) (async)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x50}}, 0x40080)
sendmsg$IPSET_CMD_DESTROY(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x1c, 0x3, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
add_key$user(0x0, 0x0, &(0x7f0000000800)="00dd7c5764fcafe3c6c877d335cef7becf2957f01ed9ea3fc65fea2469a56ef35e", 0x21, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20082, 0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000080), &(0x7f0000000180), &(0x7f0000000380)) (async)
syz_io_uring_setup(0x5e2, &(0x7f0000000080), &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000380))
syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4}) (async)
syz_io_uring_submit(r4, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(0xffffffffffffffff, 0x381b, 0x0, 0x0, 0x0, 0x0)
write$sequencer(r3, &(0x7f0000000080)=[@t={0x81, 0x1, 0x0, 0x0, @generic=0x40005}], 0x8)

29.189009207s ago: executing program 1 (id=10104):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x2b}, 0x0, @in=@local, 0x0, 0x1}}, 0xe8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
r2 = syz_io_uring_setup(0x6d09, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000200), &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000100))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r5, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r5, 0x3)
r6 = accept4(r5, 0x0, 0x0, 0x0)
write$binfmt_elf64(r6, &(0x7f0000000240)=ANY=[], 0x78)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000100)={0x3}, 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendto$inet(r6, &(0x7f0000000400)="a7", 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000001d40)={0x0, 0x0, 0x806}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000002b80)={0x0, 0x3, 0x803}, 0x8)
write$P9_RSTATu(r1, &(0x7f0000000580)={0x21e, 0x2, 0x0, {{0x500, 0xdd, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0x0, 0xee01}}, 0x21e)
sendmmsg$inet6(r0, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c, 0x0}}, {{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe00}}], 0x2, 0x0)

29.072308524s ago: executing program 2 (id=10105):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@getqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24}, 0x24}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r2, 0x0, 0x0}, 0x10)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x80, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {0x4}, {}, {}, {0x7, 0x0}}}, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x90)
openat$nci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000880)={'filter\x00', 0x11c, 0x4, 0x3f0, 0x100, 0x0, 0x100, 0x2f0, 0x2f0, 0x2f0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0x100}, @unspec=@MARK}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x44e)
prlimit64(0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000780)=@getchain={0x16, 0x66, 0x54344af52948ef07}, 0x24}}, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)="1400000023000b03d25a806f8c6394e21f24fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r6, &(0x7f0000001680)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002080)=@newtfilter={0x49c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xd}, {}, {0x2}}, [@filter_kind_options=@f_route={{0xa}, {0x46c, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_POLICE={0x458, 0x5, [@TCA_POLICE_PEAKRATE={0x404}, @TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_RESULT={0x8}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x10001}}]}]}}]}, 0x49c}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x500, 0xc0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)

29.002945147s ago: executing program 1 (id=10106):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3677, 0x650400)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r2, 0x1, 0x21, 0x0, 0x0)
io_setup(0xff, &(0x7f0000000380)=<r3=>0x0)
io_submit(r3, 0x27f, &(0x7f0000001440)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f0000000340), 0x41}])

28.77943163s ago: executing program 1 (id=10109):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000240)={0x0, 0x0, 0x20, 0x900}, &(0x7f00000002c0)=0x18)

28.634951198s ago: executing program 1 (id=10110):
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet(0x2b, 0x801, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendfile(r2, r1, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r3=>0x0)
sendmsg$AUDIT_SET(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x3e9, 0x100, 0x70bd2a, 0x25dfdbff, {0x4, 0x0, 0x2, r3, 0x0, 0x4, 0x3, 0x6, 0x0, 0x690d44c8}, ["", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000810}, 0x20000000)
r4 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000080), 0x18)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f00000003c0)='blkio.bfq.dequeue\x00', 0x0, 0x0)
r6 = io_uring_setup(0x4822, 0x0)
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0)
ppoll(&(0x7f0000000180)=[{r8}], 0x1, 0x0, 0x0, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000c80)={'syz0\x00'}, 0x45c)
ioctl$UI_DEV_CREATE(r7, 0x5501)
close_range(r6, 0xffffffffffffffff, 0x0)
r9 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4e32dd2b696733552eca3e954943a18709f72fbd259a936c67ebe806ab21823f4a0c47bff45323c", 0x28}, {&(0x7f0000000100)="3a10bd003aba0c7026336b", 0xb}], 0x2, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a00000000180000000000000017010000040000000602000000400000180000000000000017010000030000000100000000000079240809000000ac87448793609bd8299d6dfc465829b711ce28eb8f568438917ebd0699be96bd1485f6aaa8486e00000000e301f2e09aebda6eeb1c61f96b6d3f91c0f8c1ffbb85cfdd5b8b437a3720ba4cdfb681516c3a240207b6bbdfb37747cc7411886fdba55bcbfa68226644556e8117f9f9fc5be3b7095b2ab7c19b0c6fada03a7f9b9172f0cc960ee263e82e3232edea82b9736d65309e0ad2922ecbb7cde9ce78555fabb941d114e83b37255d6b43b2927696e4f4cf3b23086021fe4e33d049de5318ef3803ceacddc02734c96a9765486a9bf8d65791b000000000000000000000000000000000000000009d97cea3f950d55b265e480ff02c27bda4848c64ca7dcbcd060b9c0dea483c6069d2cdc473cfacc9052cc2c9e3ee037042fd329173c5e7c9ef8800a51332df5a08602a72a553035711cb9159757303a5e7d389786df44441dc82a9d32c56db8a8b3578cd0faabfa23fb46e22b45a464e35315d8c2dd3fae8b530cf8eb0d8dcb682772bed766be5208e61eab965c6c9a217a4e13f0085626c0408f381205251c18a8f6a44"], 0x60}], 0x1, 0x8001)
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000d40)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0], 0x14}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000380), 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000001440)=[{{0x0, 0x0, &(0x7f0000000940)=[{&(0x7f00000001c0)=""/156, 0xff78}, {&(0x7f0000000300)=""/92, 0x33}], 0x2}}], 0x1, 0x0, 0x0)
preadv(r9, &(0x7f0000000000)=[{0x0}, {&(0x7f0000001240)=""/249, 0xf9}], 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001140)=@base={0x0, 0x4, 0xf00, 0x8}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0}, 0x38)
write$rfkill(r9, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x4, 0xfc}, 0x8)

12.875059826s ago: executing program 4 (id=10227):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$CAIFSO_REQ_PARAM(0xffffffffffffffff, 0x116, 0x80, &(0x7f00000002c0)="9600ffd4031c5fcc72b00cb4a7afc9b7eb04150d7f23eb02563e7bb9fc1dcfda1138c3164fc1a3a1c99f4720ad00a766a5f1f597acf93b1464bb25115f93df667a45ff91853d3e8df165d91748e614ee19e37813358dcf0cbfd3661636a6c76394b9bdbb1c86588e64638f7ffc83897941730e970f7202a1ad7fe3b5d945ddf8c3220b5b59c01cc0d29327a2a511fa53ffe9f208624c07d6a2aaf3ae0ab4efb7114891ca7e4760bcc0e41d854a29e5bbab9a06b8efda2cbd90abfceb0eab1907ea393f4616d33a63d371b2a247a6a5b93a7b26ab", 0xd4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000180)={r5, 0x0, 0x1, '4'}, 0x9)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000040)={r5, 0x1}, &(0x7f00000000c0)=0x8)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FLAGS={0x8, 0x3, 0xc}]}, @IFLA_IFALIAS={0x14, 0x14, 'vlan0\x00'}]}, 0x40}}, 0x0)

12.867793448s ago: executing program 4 (id=10228):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x29, 0x4, 0x0, 0x0, 0xa4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010102}, {@multicast1}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x65c}, {@broadcast}, {@empty}, {@multicast1}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@broadcast}, {@private=0xa010100}, {@rand_addr=0x64010101}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

12.758980653s ago: executing program 4 (id=10230):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
munmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r3 = socket(0x1e, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f00000003c0)={{{@in6=@mcast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x88}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x32}, 0x0, @in6=@empty}}, 0xe8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000318e00000008000300", @ANYRES32=r7], 0x24}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r9=>0x0})
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r10=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r10, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@multicast1}, {@multicast1}, {@private}, {@loopback}, {@multicast2}]}, @generic={0x0, 0x10, "abefe2eaf82f271de3410eb34730"}, @noop]}}}}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r10, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}})
sendmsg$NL80211_CMD_SET_BEACON(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)={0xce4, r6, 0x10, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FTM_RESPONDER={0xa8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x78, 0x2, "0191fdb176587ad1003d1ebc33e986b6eebeed5988d60bdf833cef1828c5605cd51e20e7df4976d9da61fbfcbaee4fc5bc47eb29fe4520b4dda6bcdafb38eadd5a5d9d0ebb29e8bd0ba84541c35f8c18d24612f94faf26459095229acec0dd5af987f30c4556cde9210cb04332853485ca2ea9ee"}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x25, 0x3, "1587ef7983de068d996980ca21b8b6dc9151ace716875e3c6a5bc0a60a480da962"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}, @NL80211_ATTR_PROBE_RESP={0x693, 0x91, "26a21eac75abe28e6fb9e503446b698f786654251ec07ee4dedd5e7bcf38c0009fd51bf2e50d519107a286de51bfec2f9912c32c6f4eb71cbeddefe3906efee43e888c25008afba50f14f214f3be446b914aab92c00b7093703bffeaf2f792cee573002d200eacd7b15a98d37978139d6199c71c3a8a5188679bfac2b393663bbe57c4502b57a8bf407c9632b89aacc0450798518897b240e3a345fbbd5688f75868a1eeb04e46dd6a4caa9053d3320da7fdd9fa164b838074529f43afa614671269b753c2e9cb2bff958a9eaf1e5c212ed0a96bc8792ec700594c1a3604b7f0b860e4d966583eef1b0df9668f8efafabfd936344e04cb36317a3ee060b16a19f9830f8ecb086733e964ef71dad29f9a6eeac72d5f910a0c375ed70cf92832686885bf4a346834e0da53bbdb4348745ba12afa4ee080fc882f3742aa387eb71280ee1b744ae7dc88bae19e98bb2c91209d4654ea75de3b20a6bbc2c6c949dba5c135149a933343f12932223de7b6b4639306b40780e7bb8f66e96138870b5ddba2ecef323a2bca09a2b7ee3b2143ca978eadd504ab094abcc70910f650939b1ea5ad54d0241caeb7c5f605f1db01f8fc7bfcdda27fae00bd36e51eaace719065f62eb4c8b904a50c568032237f9ebe3d2d72c68d71e2d1aa75766e64ffab1a16107d9665b2b3a32d0d210d2ac1f2deb229a33e3f370467fa1804ca050fd5d0be5a4bf1097a61fe1be658c0cf76834b38d9d6dd0816bf15ac8ab74e107e8b15d120a370925b087f5e0daac3fe2d0fb022e2ec64c5d8cdd2b4aafc0b72b7d59a2143b7b2598b4bdcbd2f397f4f549b3e8f9bb27e6b55f076e585212f98db564db8c3bcf2ca95586caada8cbe073232d9540c165b325b111822cf87aef275a7b65439aff99915d179c331ecc8b3f7733af7ee66195e80f24889e6929a7eaa1f2708201ad3d68fa6af5ad0ba1e04b594fe2d69513f14db95af1ef3c5e1f7e86ed0de707b29feb12c85b117cfb89723e10ff2ffbe4aef520b8d0ca75142e5b6e6da7d95f2c2f1e41aa212270ba827ffab6b5f1da8ce1ffd65f386d0521ccb814ae9361bcb91ee8d7de1d247c2951dd941e277bc34460854fee1736e859c70758beb5ea1912aa0f2e1ea14421455fe2fdaac43a2c90f380b8ad080b85ac5f903e4006982c6c6ca1e17bdeec2a4639b00b2d059fa79ec005e57810e386e1ae001beb43812aa414a74bc23604975920a6b7af0bca28aea515ca064a409b298b82f649b41dacb608f9b8ff1f3758b62f23aea02587f34feda1a125aa8fa74970031af86bae60ada63465d7a036a852a56ab3b40c54e750548b4cac755159381e74d903ac0627decd2481f87d8511503c8ae9dd163e42483a9e66dbceb9b790740a280bdb1deeff0851a1d142fc4968c6428807e692a6bf66efa2fd76a1b3702f8bb9aca100d7179f33bab1db97dd644f8cd79476533f96e119c8d3a18b7656d638f69a7d9a570fcff0cfa0a38f3a0a91c0e34c919d0681e9b83c38c608bb07954a94af0bcc0392ec2ecaeb7dda1c58487ece197290cc005fdce8611d6f28ca97270d0702aa5ec8267615c726866f83d90634df68d0ff0b357098969ae1798861095804c1060121c465adbff724fccb0c5c8e0867d2d3e91385d6d449bef81fd1ac7d50c450f318d8925f7cf89e27ac4eb9c703e226d64753054bd4200249a1e06acf8f30382413f9aa02175a1e1d49ab31927e546d6bdaf47e460415760ff07787064f20b12debe987b5f30eed8632cffb3dc78ac18f84e717863a6fac15f14378450899e84fd428515a989a824393bb78db9c833624c865589ebca107f5ece2d679d57b7e05df81f3d223f52e770fd90459f5ca698f05f4e0a9906b28936855f02e9b15e0b935903b525d5b36b33d8780014aa0d658f582b27e0348830be9106d2d618b3f49dae927ab058599887aa83b453482c5eebf4d76543cfe0ed0368b31c4fab981e3990a539f49eabc26d96b5eb42c4eeda6f4a28d02b5cb7cd15c6b3aac8490843f309b04f1a5b0640521dfecc972f06bffc31ebe1a70507f7fd5bc5a950a850ccaeaeeaec771d8c75b7a489809db5968e6c929b3b04c57e53798dca17b468bf12374d4ad7d554b7e2c3f2426372bc713f11b8d9aad5082b626f645dae3a975eb6f35b94cef3661080ecb5bf72c516d8138946f750dcff9f3ba5208948c87a2ab04e1fce7410c41b2582277cca39003cdc6307de8cf90ddacbeeb09f1103513b9689757a6c1ec9cb48169aaee08052dbca020153328c8ff0eb6e2c9313ca24b77fdf8294d74499b15f74b75e7f1a3b4cad62ae4b1fb5c90fbe06ea3aec5b2ded9d5beb00d1707bc381971f77e7e568"}, @NL80211_ATTR_IE={0x54, 0x2a, [@channel_switch={0x25, 0x3, {0x1, 0x24, 0xc7}}, @ht={0x2d, 0x1a, {0x1000, 0x3, 0x0, 0x0, {0x16, 0x8, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x6, 0x4}}, @random={0xe9, 0x2d, "714339e0ddb9176fb8cca2cc9addd0795eeba6275a00ceec5c04c22c23b05111f48baa9ef262b866c898195324"}]}, @NL80211_ATTR_PROBE_RESP={0x538, 0x91, "593ab02d0f51e86095032fb667241b2dfb97e1bd44131a9bfc823ebde8e63ef8ee647c89af6933e4faeddd12198a2a5d4d1fff6a1fd7d90c8816fdbb34b42a2725b94ddcfe860405340c80a25519102ea21efbd7d21ca9a582ec6d5f07b080bb9630d94902c5ddfcaaf69ad82204f907f72160994474105a408a393d79c05d35b4c254aae96414803459170b1139bc0e586f88adf5e7f377dc6c888fba89d43e6c79e2176921c0e718c9d71834fd6f68e8aa0dbe39fdf1d1253fac1202e8a3bbb1b37ccebb8885f3d38318d4f1442a11b8e91ef4a6768a0753bfc41322b19656dfa951467678c9d4b87c84d58156e801ed0451763d29b3711610286f9d6a424f2773ff6dfd5705acee5febde44d25b01a070ef19ed218835ab6cd8846d4ae80d6f5e0a9e2e8324d374a75746e94b55a2559c9e14e7655c8f78c8e144229a77df1dc0e4154232601f03d8f3fd5b705a4ab16e81c806afd523d4a81c44be7b9b38ab6c57fc13ae7fb0840fe67b39d39f305ba8332a84984e5376161463a36b1b93b5d8a2b3740e7612ae7317c92e652e89c9c88d7962694397150c9eb0bd71ae736cd789c4f9a34aa2c2fc21529f798fbf7859d40f05067cabe8ea3952dbb5948edfd08f763b3a3ac6e58e05003c5e2465fbb28f7b53e391b72aa90c22d26e96c7c44d2c114a6fbf7bdf8a21b561b69a5be4aee6131b68b92c6801d09341818b76c000a52f2e7fa9ba2989664ea4c2660b89313fad83a502b89a669a62f38fd69a574b0e21afebc5f8df638749c7a62ac5c787cec36ad150bfb14421b6318f72b0a32389fb19aa927f3fcad9d5cfcd386a42d527adae5c8585051c9e71decf46b385619b9119ef0f6a26045f8469d9a897cf8c2a9c0f2e497c33c2cdce6177cb8d94d831e293b77c494154282eeecec869b3b542c18a4e1aff29ac2f4c7d588c544317a48b00666e77a395aef4c9cd9f509268ae5be0a348cc8f2f5b29031f3526ef52a2d6d5e30226a182c25c57d4bc8bb04069d4ea4b947b501ecc7fc19994d8284f5d79df6864c51141b51d5b8e7dee364dfb21f83ee69ce76719db3e36f407d4c6c65034db50d2f53f190491b1e97420cebfdf2c2050cffad69c6836477d18bf0600fb360899d53bb33b8ba61da08e847640b5973af218b7a476aafb5dfd096f18ce443b33a6093c351aa20d1a915fb5f49ac724cd1ca88f6739773f121c60dd41432404b30974e5f1fae24339d1e724747b89b2a124bad6ff88cccf51e718f6d92a58203401be238b09b619b61a212a33ec1948f046f51222984bc866aee52998ca85f3eb6d1ed71ca98abcd8a33dc2c5dfab3ad58a4320c0da6c6f65054abdea64c20a6054ccdc76aa95fda34f91ce227d276f2436793cb6e665c77268726352f3dee2605d43ee68e7fae4f0225da1b6c9bfe2230079d2b0f2728f0a02eac6c011f5c442e1a89809bab855cef56d61a9d6cc56b08638bc2f92f5ba253fc944af44fa1967e6365effd7d8c75aad79ca4e8254dec7c0c47f48d50dfa3de564dcb0888b2457b5d1a2d859d86196b9e1b8562ce9adf4600e0a0cc95c23999051605a23c946ce874632f6b5dd3aa51da6911defc7ca076ca3db7f53ee711ad3283333952a747799041d5e495073fa17afa0c49c952971f4b20344413b468c67bd45b32e06c4da6f85bfecf7681801d0f0bb514579e17970733a768e875a038c289f5e56f89a4a3fb0487f45444618fcd5d7e78674f054dc878fa9440c0dc930e469000510deeb6d77cd65e5d4338fdc1c27a6147d2cfd6086ef1eb46553704466744541c926519aa40f80a4bc402e5b9452751cf1980d0f70d8f433bdd78af5e5bf0480abaf59d728bb7f8be9c977b1f009ae842e"}]}, 0xce4}, 0x1, 0x0, 0x0, 0x24040054}, 0x4040081)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$sock(r3, &(0x7f0000000100)=[{{&(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x1000000}}, {{&(0x7f0000000180)=@pppol2tpv3={0x1e, 0x4, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, 0x80, 0x0}}], 0x2, 0x0)
accept$packet(r3, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001000010400"/20, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\f\x00+'], 0x34}}, 0x0)

12.630176922s ago: executing program 0 (id=10233):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
socket$vsock_stream(0x28, 0x1, 0x0)
accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x2710, @hyper}, 0x10, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r2, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000140)={r2, 0x1, 0x6, @remote}, 0x10)
socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x6, @remote}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

12.600511155s ago: executing program 4 (id=10234):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
socket(0x200000000000011, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newlink={0x20, 0x10, 0x403}, 0x20}, 0x1, 0xba01}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1301000000000040cb06f573000000000001090224000100000000090400000003000000092100000001220b00090581030000000000"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f0000000000)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="02c8000c000800010002080400"], 0x11)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x12, 0xffffffffffffffff, 0x0)
socket(0x0, 0x2, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000700)={0x1, "fa02c8098000", <r4=>0xffffffffffffffff})
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000000)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r4, <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f0000000080)={"000c00816800df00", r7, <r8=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r8, 0xc0383e04, &(0x7f0000000180)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000100))
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

12.526125549s ago: executing program 0 (id=10235):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000000308010100000000000000000000000005000300ff0000000c0004804000014000000000060002"], 0x30}}, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x2, 0x6, 0xfaef})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x70}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000023c0)={'veth1_to_batadv\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002400)={0x28, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x28}}, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r4 = open(&(0x7f0000000140)='./bus\x00', 0x400145042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r4, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{0x7, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x8}}]}, &(0x7f0000000300)='GPL\x00', 0x3}, 0x90)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
preadv(r6, &(0x7f0000000080)=[{&(0x7f0000000100)=""/68, 0x44}], 0x1, 0x95, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x7)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@ipmr_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x80, 0x20}}, 0x1c}}, 0x0)
write$cgroup_int(r7, &(0x7f0000000000)=0x710, 0x12)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r9, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

10.084921254s ago: executing program 3 (id=10239):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
io_setup(0x6, &(0x7f0000000240))
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
syz_emit_ethernet(0x7a, &(0x7f0000002080)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd609a618500442f00fe8000000000000000000000000000bbfc010000000000000000000000000000060000000000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x66d}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
semop(0x0, &(0x7f0000000000)=[{0x0, 0xffff}], 0x1)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d03, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
personality(0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
write$binfmt_script(r4, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)

9.514859346s ago: executing program 4 (id=10240):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
io_setup(0x6, &(0x7f0000000240))
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
syz_emit_ethernet(0x7a, &(0x7f0000002080)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd609a618500442f00fe8000000000000000000000000000bbfc010000000000000000000000000000060000000000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x66d}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
semop(0x0, &(0x7f0000000000)=[{0x0, 0xffff}], 0x1)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d03, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
personality(0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)

9.473622793s ago: executing program 0 (id=10241):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e24, @remote}, 0xfffffffffffffd17)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x3}, 0x10)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="2c0000001600010000000000000000000a000000", @ANYBLOB="d8a8f682169ebbda1ba46233e2bb7eedc9499aa3fc1a9aadd905f1bb6daa0546b9ab47f9857a371ef69d0cf188269059757929e2e3fab72ff261cf289c87827ad9861de9535c4f949e7ca1b620fe9ad7642f388990a4ce3753ec27d0d05525e4a837004bccbf8c06f549ce07bcdf5cb13bfefeb6b836e0edc30e453ad9984e1b5c66c2b8fa8fd3a7948611d488d7322eea508b67ac87167bd532bb76c92828924d4a73f3bd", @ANYBLOB="140006000000000000003c000000000000000000ef276ef9d5f4a4cfd5cdc4708ad53f03b1186bccb6e5bf560ff4a35e3ace2974b859e9731f700ccacfd275875b7a18b1428bb130667990e0ad34af4142ef"], 0x2c}, 0x1, 0x0, 0x0, 0x40090}, 0x0)
setsockopt$inet_int(r1, 0x0, 0x17, &(0x7f0000000180)=0x45b, 0x4)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000d0918108ac051582588f0000000109022d06010000000009040000030b08000009058d66c5002a0000090505"], 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000800)=ANY=[@ANYBLOB="2400000076001f18000000000000000008000000ffffffff0c000d"], 0x24}], 0x1}, 0x0)
syz_emit_ethernet(0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaabbbbbbbbbbbbbb8100240088f5446fe580499bcf963188b76351ec0de5502940b24c4eb4c3a431e6"], &(0x7f0000000400)={0x0, 0x1, [0x6cb, 0xa69, 0x2d6, 0x2be]})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), r2)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000000c0)=[@in={0x2, 0x4e22, @local}]}, &(0x7f0000000180)=0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x11, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x41, 0x3, 0x2b8, 0x0, 0x19, 0x0, 0x0, 0x0, 0x220, 0x1f0, 0x1f0, 0x220, 0x1f0, 0x3, 0x0, {[{{@ip={@private, @dev, 0x0, 0x0, 'wlan1\x00', 'veth1_to_bridge\x00'}, 0x0, 0xe0, 0x140, 0x0, {0x0, 0xffffffffa0028000}, [@common=@unspec=@limit={{0x48}, {0x0, 0x1}}, @common=@inet=@socket1={{0x28}, 0xc}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x318)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000680)={0x0, @in={{0x2, 0xfffe, @empty}}, 0x0, 0x0, 0x1, 0x0, 0xd4}, 0xffffffffffffff2b)
sendmsg$NFNL_MSG_CTHELPER_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="38000000010903000000000000000000000000000c0004800800014000000001180002001400018008000100000000000800020000000000"], 0x38}}, 0x801)
sendmmsg(r0, &(0x7f0000007fc0), 0x2d, 0x0)
rt_sigsuspend(&(0x7f00000000c0)={[0x400000000001]}, 0x8)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000000)=0x2, 0x4)
prlimit64(0x0, 0x0, 0x0, 0x0)
socket(0x1e, 0x5, 0x0)
socket$alg(0x26, 0x5, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_io_uring_setup(0x2ddd, &(0x7f0000000080), 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)

9.14194557s ago: executing program 3 (id=10242):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x29}, @IFLA_IPTUN_ENCAP_FLAGS={0x6}, @IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x3}]}}}]}, 0x48}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000240)={0x0, 0x0, 0x49, "41489c22ad55d30e88e5def125fd7ef36d373d6294b36c8f173502ea17171ac8afa2ac5788a305a17caf7593d20937eb55992c196431e6bb82f244630723a653d1ce0d1d35ef38a8f2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)

8.508393142s ago: executing program 4 (id=10243):
r0 = socket$packet(0x11, 0x0, 0x300)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xfffffffffffffed2, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03002a000b05d25a806c8c6f94f90424fc601000127a0a000600093582c137153e37080c188009ac0f000300", 0x33fe0}], 0x1}, 0x0)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000180)=@req3={0x8000, 0x7, 0x8000, 0x100}, 0x1c)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f00000010c0)={0x84, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="120100005994fe33af96db549cf375b24e1040200175ee02000003010902120001000000ed0904000000f6056600"], 0x0)
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB="ca459e37109ecf9d72ff5c26a0d9d149d8ba248706ce1896fd4adb52f3d88f14623b707dd1"], &(0x7f00000004c0)={0x0, 0xa, 0x1}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0x6}, 0x0, &(0x7f0000000600)={0x20, 0x3, 0x1}})
r3 = socket$inet_sctp(0x2, 0x4, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
gettid()
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000180)={r5}, &(0x7f0000000300)=0x8)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000280)=ANY=[@ANYBLOB="1000000008140100000000000000000029f3071838079367f1cfa5e496f4f734be417da96597cc0873a2cb3058"], 0x10}}, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, 0x0, &(0x7f0000000100))
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b07"], 0xfc)
syz_usb_connect(0x0, 0x3f, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000954c53400d051b01a46f0000000109022d00010000000009040000000202ff00052406000005240000000d2402", @ANYRESHEX=0x0], 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r7=>r1, {0x1}}, './file0\x00'})
r8 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_SMBUS(r8, 0x720, &(0x7f00000001c0)={0x0, 0x0, 0x1, 0x0})
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r7, 0x84, 0x19, &(0x7f0000000200)={0x0, 0x1}, 0x8)

7.418493437s ago: executing program 3 (id=10244):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'wg1\x00', &(0x7f0000000240)=@ethtool_pauseparam={0x1a}})

7.370274565s ago: executing program 3 (id=10245):
memfd_create(&(0x7f0000000000)='rootmode', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000022c0)='./file0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
recvmmsg(r1, &(0x7f0000001100)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000010c0)=""/17, 0x11}}], 0x1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
socket$tipc(0x1e, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'wrr\x00', 0x1}, 0x2c)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000380)="9eb6c2a63fb4edc901040a8b1951eb79dffb5987812de4aed9a157cf7762531dd2f096191208e5a4a8a7efb139f1f93a5b779df3f03ee199f55eb07d0354c27752e0bf779561b3912e2fbee83bd195ef4eb0", 0x52}], 0x1}], 0x1, 0xfc)
sendmmsg$inet6(r2, &(0x7f0000002b80)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x36}, 0x1}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000002c40)="f0", 0x1}], 0x1}}, {{&(0x7f0000000180)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000001640)=[{&(0x7f00000001c0)='g', 0x1}], 0x1}}], 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000280), &(0x7f0000000340)=0x8)
socket$inet6_sctp(0xa, 0x5, 0x84)

6.510310496s ago: executing program 3 (id=10246):
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9\x04@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VSA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x13, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0]}, @cipso={0x86, 0x20, 0x0, [{0x0, 0xb, "34a6caf58db76931cc"}, {0x0, 0xf, "e39335900f115624170e15dad0"}]}, @noop]}}}}})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x182000)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x77, 0x101301)
ioctl$USBDEVFS_BULK(r2, 0x80045515, &(0x7f0000000000)={{}, 0x0, 0x0, 0x0})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r5 = socket(0x1, 0x3, 0x0)
setsockopt$sock_int(r5, 0x1, 0x10, &(0x7f0000000540)=0xb5, 0x4)
bind$unix(r5, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
r6 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, &(0x7f00000019c0), &(0x7f0000000000)=0x30)
bind$unix(r5, &(0x7f0000000300)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
listen(r6, 0xff)
sendmmsg$unix(r5, &(0x7f0000002100)=[{{&(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000cc0)=ANY=[], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000080b70400000000000085000000330000008500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r7, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000240)="5b01ffffa0b6", 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r4, &(0x7f0000000240)=[{&(0x7f0000000800)='9', 0x1}], 0x6)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
writev(r3, &(0x7f0000000580)=[{&(0x7f0000000080)="268292", 0xfff6}], 0x1)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
syz_usb_control_io$hid(r0, 0x0, 0x0)
io_uring_setup(0x28aa, &(0x7f00000003c0)={0x0, 0x4854, 0x400, 0x3, 0x1c6, 0x0, r1})
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)

6.414144789s ago: executing program 0 (id=10247):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x29, 0x4, 0x0, 0x0, 0xa4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x3c, 0xc0, 0x3, 0x0, [{@private=0xa010102}, {@multicast1}, {@dev={0xac, 0x14, 0x14, 0x35}, 0x65c}, {@broadcast}, {@empty}, {@multicast1}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@broadcast}, {@private=0xa010100}, {@rand_addr=0x64010101}, {@multicast2}]}, @noop, @noop, @noop, @end, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

6.293128024s ago: executing program 0 (id=10248):
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000000c0), 0x4)
set_mempolicy(0x3, &(0x7f0000000040)=0x10000000005, 0x7)
set_mempolicy(0x8000, &(0x7f0000000000)=0x1, 0x26d5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000003680)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @ipv4={'\x00', '\xff\xff', @local}, @empty}}}}}}, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file2\x00', &(0x7f0000000180), &(0x7f00000001c0), 0x2, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, 0x0, 0x0)
sched_rr_get_interval(0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f00000083c0))
prlimit64(0x0, 0x0, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TCFLSH(r2, 0x540b, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000200))
syz_io_uring_setup(0x0, &(0x7f0000000200), 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x7, 0x2)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
pread64(r3, &(0x7f0000000180)=""/38, 0x26, 0x300000000000000)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x0, 0x1, 0x2})
socket$netlink(0x10, 0x3, 0xb)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000280)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@remote, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x0, 0x4e20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x4d3, 0x6c}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4002}, 0x0)

5.254771941s ago: executing program 0 (id=10249):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000000308010100000000000000000000000005000300ff0000000c0004804000014000000000060002"], 0x30}}, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000280)={0x0, 0x2, 0x6, 0xfaef})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x70}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000023c0)={'veth1_to_batadv\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000002400)={0x28, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x28}}, 0x0)
socket$kcm(0x29, 0x5, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r4 = open(&(0x7f0000000140)='./bus\x00', 0x400145042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r4, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x8, 0x10, &(0x7f0000000000)=@framed={{}, [@snprintf={{0x7, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x8}}]}, &(0x7f0000000300)='GPL\x00', 0x3}, 0x90)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
preadv(r6, &(0x7f0000000080)=[{&(0x7f0000000100)=""/68, 0x44}], 0x1, 0x95, 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB], 0x7)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@ipmr_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x80, 0x20}}, 0x1c}}, 0x0)
write$cgroup_int(r7, &(0x7f0000000000)=0x710, 0x12)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x0)
r9 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010100000000105801000100000000000109022400010000002009040000010300000009210000000122dc01090589"], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003000012002505a8a4f0"], 0x0)
syz_usb_control_io(r9, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 3 (id=10250):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
io_setup(0x6, &(0x7f0000000240))
preadv(r0, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0xfffffd6e}, {&(0x7f0000019740)=""/242}], 0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
syz_emit_ethernet(0x7a, &(0x7f0000002080)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd609a618500442f00fe8000000000000000000000000000bbfc010000000000000000000000000000060000000000000000000800000086dd080088be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000"], 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x66d}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
semop(0x0, &(0x7f0000000000)=[{0x0, 0xffff}], 0x1)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r2, 0x80044d03, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
personality(0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000340)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90)
write$binfmt_script(r3, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)

kernel console output (not intermixed with test programs):

: failed to get vendor val 0x3711 size 2: -71
[ 2465.999236][T15938] cp210x 4-1:0.0: GPIO initialisation failed: -71
[ 2465.999898][T16199] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2466.014404][T15938] usb 4-1: cp210x converter now attached to ttyUSB0
[ 2466.032922][T16199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2466.036751][T15938] usb 4-1: USB disconnect, device number 50
[ 2466.066845][T16199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2466.079496][T15938] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2466.088029][T16199] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2466.098496][T16199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2466.126954][T15938] cp210x 4-1:0.0: device disconnected
[ 2466.157169][T16199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2466.384072][T10276] Bluetooth: hci0: command tx timeout
[ 2466.457831][T16199] hsr_slave_0: entered promiscuous mode
[ 2466.486454][T16199] hsr_slave_1: entered promiscuous mode
[ 2466.493165][T16199] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2466.508001][T16199] Cannot create hsr debugfs directory
[ 2466.784666][T10276] Bluetooth: hci1: command tx timeout
[ 2466.818846][ T3714] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 2467.013152][T16469] chnl_net:caif_netlink_parms(): no params data found
[ 2467.024335][ T3714] usb 2-1: Using ep0 maxpacket: 8
[ 2467.042699][ T3714] usb 2-1: config 1 interface 0 altsetting 7 bulk endpoint 0x1 has invalid maxpacket 1024
[ 2467.070726][ T3714] usb 2-1: config 1 interface 0 altsetting 7 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 2467.108357][ T3714] usb 2-1: config 1 interface 0 has no altsetting 0
[ 2467.118602][ T3714] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 2467.155562][ T3714] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2467.175890][ T3714] usb 2-1: Product: syz
[ 2467.184954][ T3714] usb 2-1: Manufacturer: 瘢�Ꞽ�걔텈綣삃擇먊㌙ఆ�䢹�픭抿장㞠㈾뒛扣託塛涀ಥ潸��랗�ⱪ좾찓紹쮮�胲☇�꡽讅㣟�秊
[ 2467.185214][T10276] Bluetooth: hci3: command tx timeout
[ 2467.208605][ T3714] usb 2-1: SerialNumber: syz
[ 2467.237976][T16744] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2467.248718][T16744] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2467.342328][ T6076] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2467.551405][ T6076] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2467.656106][ T6076] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2467.685252][T16737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2467.698521][T16737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2467.712277][T16737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2467.722208][T16737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2467.754143][ T3714] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 40 if 0 alt 7 proto 1 vid 0x0525 pid 0xA4A8
[ 2467.769109][ T3714] usb 2-1: USB disconnect, device number 40
[ 2467.778381][ T3714] usblp0: removed
[ 2467.906911][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 2467.913526][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 2467.922372][T16513] chnl_net:caif_netlink_parms(): no params data found
[ 2467.978679][ T6076] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2468.001992][T16469] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2468.017066][T16469] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2468.028929][T16469] bridge_slave_0: entered allmulticast mode
[ 2468.047672][T16469] bridge_slave_0: entered promiscuous mode
[ 2468.062499][T16469] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2468.082369][T16469] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2468.092747][T16469] bridge_slave_1: entered allmulticast mode
[ 2468.106428][T16469] bridge_slave_1: entered promiscuous mode
[ 2468.452952][T16469] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2468.465923][T10276] Bluetooth: hci0: command tx timeout
[ 2468.479162][T16469] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2468.661371][T16469] team0: Port device team_slave_0 added
[ 2468.681278][T16513] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2468.694295][T16513] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2468.701748][T16513] bridge_slave_0: entered allmulticast mode
[ 2468.714870][T16513] bridge_slave_0: entered promiscuous mode
[ 2468.722947][T16513] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2468.733223][T16513] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2468.740600][T16513] bridge_slave_1: entered allmulticast mode
[ 2468.749961][T16513] bridge_slave_1: entered promiscuous mode
[ 2468.762687][T16469] team0: Port device team_slave_1 added
[ 2468.875536][T10276] Bluetooth: hci1: command tx timeout
[ 2468.938147][T16513] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2468.965308][T16469] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2468.972283][T16469] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2469.004413][T16469] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2469.053429][T16513] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2469.070421][T16469] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2469.083320][T16469] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2469.123880][T16469] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2469.227243][T17256] netlink: 'syz.3.9949': attribute type 10 has an invalid length.
[ 2469.264887][T10276] Bluetooth: hci3: command tx timeout
[ 2469.279012][T17256] team0: Failed to send options change via netlink (err -105)
[ 2469.298216][T17256] team0: Port device netdevsim0 added
[ 2469.380698][ T6076] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2469.551691][T16199] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2469.643899][T15938] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 2469.644033][ T6076] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2469.678315][T16513] team0: Port device team_slave_0 added
[ 2469.691994][T16469] hsr_slave_0: entered promiscuous mode
[ 2469.700828][T16469] hsr_slave_1: entered promiscuous mode
[ 2469.708766][T16469] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2469.716569][T16469] Cannot create hsr debugfs directory
[ 2469.722303][T16199] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2469.735463][T17331] netlink: 24 bytes leftover after parsing attributes in process `syz.1.9952'.
[ 2469.745594][T16199] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2469.769739][T16513] team0: Port device team_slave_1 added
[ 2469.802252][ T6076] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2469.820515][T16199] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2469.842014][T15938] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2469.855746][T15938] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 2469.880512][T15938] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2469.889835][T15938] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2469.899741][T15938] usb 4-1: Product: syz
[ 2469.905361][T15938] usb 4-1: Manufacturer: syz
[ 2469.909988][T15938] usb 4-1: SerialNumber: syz
[ 2469.981458][ T6076] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2469.999150][T16513] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2470.008248][T16513] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2470.034738][T16513] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2470.090932][T16513] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2470.098595][T16513] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2470.103772][ T3693] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 2470.126861][T16513] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2470.278285][T16513] hsr_slave_0: entered promiscuous mode
[ 2470.289317][T16513] hsr_slave_1: entered promiscuous mode
[ 2470.297355][T16513] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2470.305922][T16513] Cannot create hsr debugfs directory
[ 2470.333622][ T3693] usb 2-1: Using ep0 maxpacket: 16
[ 2470.347083][ T3693] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2470.376371][ T3693] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2470.394570][ T3693] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2470.413174][ T3693] usb 2-1: config 0 descriptor??
[ 2470.580092][ T6076] bridge_slave_1: left allmulticast mode
[ 2470.587664][ T6076] bridge_slave_1: left promiscuous mode
[ 2470.594565][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2470.609913][ T6076] bridge_slave_0: left allmulticast mode
[ 2470.616811][ T6076] bridge_slave_0: left promiscuous mode
[ 2470.622617][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2470.635329][ T6076] bridge_slave_1: left allmulticast mode
[ 2470.641052][ T6076] bridge_slave_1: left promiscuous mode
[ 2470.647207][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2470.658146][ T6076] bridge_slave_0: left allmulticast mode
[ 2470.664812][ T6076] bridge_slave_0: left promiscuous mode
[ 2470.670568][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2470.829293][T17336] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2470.844752][T17336] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2470.866392][ T3693] usbhid 2-1:0.0: can't add hid device: -71
[ 2470.891009][ T3693] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2470.903886][ T3693] usb 2-1: USB disconnect, device number 41
[ 2470.960390][T15938] cdc_ncm 4-1:1.0: bind() failure
[ 2470.966496][T10276] Bluetooth: hci1: command tx timeout
[ 2470.982499][T15938] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[ 2470.991458][T15938] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[ 2471.000613][T15938] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[ 2471.019842][T15938] usb 4-1: USB disconnect, device number 51
[ 2471.353916][T10276] Bluetooth: hci3: command tx timeout
[ 2471.710371][T17525] netlink: 36 bytes leftover after parsing attributes in process `syz.3.9959'.
[ 2471.811894][T17523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9958'.
[ 2471.821654][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2471.848584][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2471.876597][ T6076] bond0 (unregistering): Released all slaves
[ 2471.943869][   T29] audit: type=1326 audit(1720382565.987:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17528 comm="syz.3.9960" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6624d75bd9 code=0x0
[ 2472.166969][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2472.179846][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2472.192644][ T6076] bond0 (unregistering): Released all slaves
[ 2472.251379][T17523] netlink: 'syz.1.9958': attribute type 10 has an invalid length.
[ 2472.274384][T17523] netlink: 55 bytes leftover after parsing attributes in process `syz.1.9958'.
[ 2472.338936][T17523] team0: Port device virt_wifi0 added
[ 2472.807732][T16199] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2473.019278][T15938] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 2473.078918][T16199] 8021q: adding VLAN 0 to HW filter on device team0
[ 2473.223627][T15938] usb 2-1: Using ep0 maxpacket: 16
[ 2473.231945][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2473.239158][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2473.252549][T15938] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2473.278205][T15938] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2473.308457][T15938] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2473.315014][ T3714] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2473.323739][ T3714] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2473.367184][T15938] usb 2-1: config 0 descriptor??
[ 2473.387252][T19730] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2473.398793][T19730] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2473.407597][T19730] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2473.429951][T19730] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2473.439506][T19730] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 2473.449093][T19730] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2473.483088][ T6076] hsr_slave_0: left promiscuous mode
[ 2473.510263][ T6076] hsr_slave_1: left promiscuous mode
[ 2473.517002][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2473.534048][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2473.542400][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2473.553922][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2473.579653][ T6076] hsr_slave_0: left promiscuous mode
[ 2473.594630][ T6076] hsr_slave_1: left promiscuous mode
[ 2473.605326][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2473.618217][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2473.638823][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2473.649829][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2473.736623][ T6076] veth1_macvtap: left promiscuous mode
[ 2473.742292][ T6076] veth0_macvtap: left promiscuous mode
[ 2473.756085][ T6076] veth1_vlan: left promiscuous mode
[ 2473.761455][ T6076] veth0_vlan: left promiscuous mode
[ 2473.768553][ T6076] veth1_macvtap: left promiscuous mode
[ 2473.781235][ T6076] veth0_macvtap: left promiscuous mode
[ 2473.787030][T17576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2473.803867][ T6076] veth1_vlan: left promiscuous mode
[ 2473.804964][T17576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2473.814175][ T6076] veth0_vlan: left promiscuous mode
[ 2473.832804][T15938] usbhid 2-1:0.0: can't add hid device: -71
[ 2473.839358][T15938] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2473.864019][T15938] usb 2-1: USB disconnect, device number 42
[ 2474.624874][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2474.706787][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2475.507194][T10276] Bluetooth: hci2: command tx timeout
[ 2475.949419][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2476.015252][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2476.838573][T17664] netlink: 36 bytes leftover after parsing attributes in process `syz.1.9967'.
[ 2476.882073][T16469] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2477.045880][T16469] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2477.081655][T16469] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2477.179906][T16469] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2477.457936][ T3693] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 2477.594200][T10276] Bluetooth: hci2: command tx timeout
[ 2477.705811][ T3693] usb 2-1: Using ep0 maxpacket: 16
[ 2477.724188][ T3693] usb 2-1: config 1 interface 0 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 32
[ 2477.758195][ T3693] usb 2-1: config 1 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2477.779253][T16199] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2477.803784][ T3693] usb 2-1: config 1 interface 0 has no altsetting 0
[ 2477.863436][T17618] chnl_net:caif_netlink_parms(): no params data found
[ 2478.370165][ T6076] IPVS: stop unused estimator thread 0...
[ 2478.413031][T16469] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2478.492893][T17618] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2478.503200][T17618] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2478.514912][T17618] bridge_slave_0: entered allmulticast mode
[ 2478.530528][T17618] bridge_slave_0: entered promiscuous mode
[ 2478.560674][T17618] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2478.571438][T17618] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2478.584904][T17618] bridge_slave_1: entered allmulticast mode
[ 2478.610803][T17618] bridge_slave_1: entered promiscuous mode
[ 2478.662127][T16513] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2478.707757][T16469] 8021q: adding VLAN 0 to HW filter on device team0
[ 2478.767796][T17618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2478.780299][T16513] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2478.827042][T16513] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2478.882511][T16199] veth0_vlan: entered promiscuous mode
[ 2478.907208][T17618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2478.922428][T15979] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2478.931682][T15979] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2478.952169][T16513] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2479.087452][ T6076] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2479.151227][T16199] veth1_vlan: entered promiscuous mode
[ 2479.251736][T15979] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2479.258939][T15979] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2479.369327][ T6076] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2479.449118][T17618] team0: Port device team_slave_0 added
[ 2479.557803][ T6076] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2479.603376][T17618] team0: Port device team_slave_1 added
[ 2479.663830][T10276] Bluetooth: hci2: command tx timeout
[ 2479.727548][ T6076] team0: Port device netdevsim0 removed
[ 2479.737821][ T6076] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2479.887563][T17618] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2479.905817][T17618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2479.939494][T17618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2479.958638][T17618] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2479.971323][T17618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2480.005610][T17618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2480.122467][ T3693] usb 2-1: string descriptor 0 read error: -71
[ 2480.144585][ T3693] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 2480.166557][ T3693] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2480.197282][ T3693] usb 2-1: can't set config #1, error -71
[ 2480.228125][ T3693] usb 2-1: USB disconnect, device number 43
[ 2480.327614][T16199] veth0_macvtap: entered promiscuous mode
[ 2480.353237][T16199] veth1_macvtap: entered promiscuous mode
[ 2480.427691][T17618] hsr_slave_0: entered promiscuous mode
[ 2480.447428][T17618] hsr_slave_1: entered promiscuous mode
[ 2480.454748][T17618] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2480.462548][T17618] Cannot create hsr debugfs directory
[ 2480.717498][T16513] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2480.763945][T16199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2480.807150][T16199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2480.820025][T16199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2480.833819][T16199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2480.855943][T16199] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2480.866527][ T6076] bridge_slave_1: left allmulticast mode
[ 2480.872203][ T6076] bridge_slave_1: left promiscuous mode
[ 2480.885016][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2480.901947][ T6076] bridge_slave_0: left allmulticast mode
[ 2480.913542][ T6076] bridge_slave_0: left promiscuous mode
[ 2480.919330][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2481.656802][T15938] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 2481.743676][T10276] Bluetooth: hci2: command tx timeout
[ 2481.800533][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2481.815340][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2481.828268][ T6076] bond0 (unregistering): Released all slaves
[ 2481.861491][T16199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2481.876221][T15938] usb 2-1: Using ep0 maxpacket: 8
[ 2481.883667][T16199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2481.890900][T15938] usb 2-1: config 4 has an invalid interface number: 216 but max is 1
[ 2481.894120][T16199] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2481.908791][T15938] usb 2-1: config 4 has no interface number 1
[ 2481.921285][T15938] usb 2-1: config 4 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2481.924934][T16199] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2481.940123][T15938] usb 2-1: config 4 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2481.944733][T16199] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2481.969481][T15938] usb 2-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice=1d.68
[ 2481.984478][T15938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2482.019041][T15938] usb 2-1: Product: syz
[ 2482.023224][T15938] usb 2-1: Manufacturer: syz
[ 2482.029899][T15938] usb 2-1: SerialNumber: syz
[ 2482.035622][T16199] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2482.045877][T16199] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2482.055212][T16199] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2482.057176][T15938] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 2482.065973][T16199] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2482.081375][T15938] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 2482.177683][T16513] 8021q: adding VLAN 0 to HW filter on device team0
[ 2482.277851][T15938] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[ 2482.291668][T15938] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 2482.300250][T15938] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 2482.325018][T15938] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 2482.333418][T15938] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 2482.345817][T15938] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[ 2482.360758][T15938] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 2482.371989][T15938] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 2482.432822][T15938] usb 2-1: USB disconnect, device number 44
[ 2482.458223][ T3689] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2482.465352][ T3689] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2482.554720][T16469] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2482.640047][ T3713] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2482.647252][ T3713] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2482.734688][ T6076] hsr_slave_0: left promiscuous mode
[ 2482.740750][ T6076] hsr_slave_1: left promiscuous mode
[ 2482.749729][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2482.759265][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2482.770776][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2482.778320][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2482.813462][ T6076] veth1_macvtap: left promiscuous mode
[ 2482.819139][ T6076] veth0_macvtap: left promiscuous mode
[ 2482.825538][ T6076] veth1_vlan: left promiscuous mode
[ 2482.830908][ T6076] veth0_vlan: left promiscuous mode
[ 2483.705928][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2483.774132][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2484.390350][T14705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2484.423709][T14705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2484.611647][T11843] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2484.624986][T16469] veth0_vlan: entered promiscuous mode
[ 2484.654609][T11843] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2484.708921][T16469] veth1_vlan: entered promiscuous mode
[ 2484.877627][T17618] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2484.952616][T17618] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2484.963012][T17618] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2484.987596][T17618] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2485.074229][T16469] veth0_macvtap: entered promiscuous mode
[ 2485.099553][T16469] veth1_macvtap: entered promiscuous mode
[ 2485.161308][T16513] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2485.287692][T16469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2485.313197][T16469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2485.327541][T16469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2485.340650][T16469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2485.358846][T18198] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2485.382734][T16469] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2485.409465][T16469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2485.431756][T16469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2485.447644][T16469] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2485.463870][T16469] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2485.478053][T16469] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2485.517289][T16469] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2485.533020][T16469] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2485.553416][T16469] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2485.565821][T16469] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2485.877357][T16513] veth0_vlan: entered promiscuous mode
[ 2485.957442][T16513] veth1_vlan: entered promiscuous mode
[ 2485.979699][T23582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2486.000016][T23582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2486.139147][T17618] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2486.225160][T14705] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2486.258191][T14705] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2486.274787][T17618] 8021q: adding VLAN 0 to HW filter on device team0
[ 2486.309766][T16513] veth0_macvtap: entered promiscuous mode
[ 2486.329441][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2486.336567][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2486.370645][T16513] veth1_macvtap: entered promiscuous mode
[ 2486.382056][T18227] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2486.465792][ T3693] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2486.472918][ T3693] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2486.600729][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2486.634704][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.665773][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2486.693966][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.725525][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2486.749774][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.770958][T16513] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2486.802066][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2486.848982][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.872769][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2486.894762][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.911972][T16513] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2486.947088][T16513] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2486.986090][T16513] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2487.041343][T17618] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2487.095847][T16513] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2487.117200][T16513] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2487.136022][T16513] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2487.159336][T16513] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2487.378761][T17618] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2487.488692][T19026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2487.530041][T19026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2487.547039][T18262] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2487.661624][T32209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2487.681742][T32209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2487.730235][T17618] veth0_vlan: entered promiscuous mode
[ 2487.771801][T17618] veth1_vlan: entered promiscuous mode
[ 2487.852123][T17618] veth0_macvtap: entered promiscuous mode
[ 2487.882208][T17618] veth1_macvtap: entered promiscuous mode
[ 2487.905540][T18272] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9940'.
[ 2487.918309][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2487.942592][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2487.957530][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2487.970205][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2487.986008][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2488.002020][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.037792][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2488.055172][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.082948][T18276] syz.4.9940: attempt to access beyond end of device
[ 2488.082948][T18276] loop16: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2488.109217][T17618] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2488.139624][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2488.159809][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.173092][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2488.184922][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.212469][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2488.271692][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.304312][T17618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2488.322465][T17618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2488.349528][T17618] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2488.381751][T17618] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2488.413559][T17618] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2488.430276][T17618] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2488.442892][T17618] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2488.443652][T12677] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 2488.563426][T18291] netlink: 48 bytes leftover after parsing attributes in process `syz.1.9996'.
[ 2488.683583][T12677] usb 5-1: Using ep0 maxpacket: 16
[ 2488.696286][T12677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2488.696946][T23582] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2488.733415][T23582] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2488.741405][T12677] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2488.741437][T12677] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2488.752958][T12677] usb 5-1: config 0 descriptor??
[ 2488.846820][ T2456] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2488.865710][ T2456] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2489.025798][T18313] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2489.213889][T18272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2489.238041][T18272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2489.261880][T12677] hid (null): unknown global tag 0xd
[ 2489.280115][T12677] hid (null): unknown global tag 0xd
[ 2489.290742][T12677] hid (null): unknown global tag 0xe
[ 2489.325931][T12677] hid-generic 0003:0158:0100.00D3: unknown main item tag 0x1
[ 2489.368136][T12677] hid-generic 0003:0158:0100.00D3: unexpected long global item
[ 2489.376847][T12677] hid-generic 0003:0158:0100.00D3: probe with driver hid-generic failed with error -22
[ 2489.479910][ T3693] usb 5-1: USB disconnect, device number 72
[ 2489.653350][ T6076] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2489.851133][ T6076] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2490.050967][ T6076] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2490.162009][ T6076] netdevsim netdevsim1 jÊb (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2490.245875][T19730] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2490.267165][T19730] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2490.270289][T18367] netlink: 104 bytes leftover after parsing attributes in process `syz.4.10006'.
[ 2490.285683][T19730] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2490.301604][T19730] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2490.317669][T19730] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 2490.326913][T19730] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2490.523136][T18383] netlink: 'syz.4.10008': attribute type 6 has an invalid length.
[ 2490.615696][T18383] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.10008'.
[ 2490.639378][ T6076] bridge_slave_1: left allmulticast mode
[ 2490.650210][ T6076] bridge_slave_1: left promiscuous mode
[ 2490.663254][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2490.694807][ T6076] bridge_slave_0: left allmulticast mode
[ 2490.700703][ T6076] bridge_slave_0: left promiscuous mode
[ 2490.722159][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2491.991385][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2492.021051][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2492.058550][ T6076] bond0 (unregistering): Released all slaves
[ 2492.233099][T18455] FAULT_INJECTION: forcing a failure.
[ 2492.233099][T18455] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2492.303056][T18455] CPU: 0 PID: 18455 Comm: syz.4.10014 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2492.313332][T18455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2492.323402][T18455] Call Trace:
[ 2492.326694][T18455]  <TASK>
[ 2492.329647][T18455]  dump_stack_lvl+0x241/0x360
[ 2492.334326][T18455]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2492.339536][T18455]  ? __pfx__printk+0x10/0x10
[ 2492.344137][T18455]  ? __pfx_lock_release+0x10/0x10
[ 2492.349184][T18455]  should_fail_ex+0x3b0/0x4e0
[ 2492.353859][T18455]  _copy_to_user+0x2f/0xb0
[ 2492.358267][T18455]  put_sg_io_hdr+0x120/0xb10
[ 2492.362903][T18455]  ? __pfx_put_sg_io_hdr+0x10/0x10
[ 2492.368089][T18455]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2492.374057][T18455]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2492.380369][T18455]  ? _raw_write_lock_irq+0xdf/0x120
[ 2492.385571][T18455]  sg_new_read+0x422/0x5c0
[ 2492.390040][T18455]  ? lockdep_hardirqs_on+0x99/0x150
[ 2492.395238][T18455]  sg_ioctl+0x27e6/0x2e80
[ 2492.399611][T18455]  ? __pfx_sg_ioctl+0x10/0x10
[ 2492.404287][T18455]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2492.410350][T18455]  ? __fget_files+0x3f6/0x470
[ 2492.415019][T18455]  ? __fget_files+0x29/0x470
[ 2492.419603][T18455]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2492.424538][T18455]  ? security_file_ioctl+0x87/0xb0
[ 2492.429644][T18455]  ? __pfx_sg_ioctl+0x10/0x10
[ 2492.434323][T18455]  __se_sys_ioctl+0xfc/0x170
[ 2492.438912][T18455]  do_syscall_64+0xf3/0x230
[ 2492.443446][T18455]  ? clear_bhb_loop+0x35/0x90
[ 2492.448117][T18455]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2492.454009][T18455] RIP: 0033:0x7f966eb75bd9
[ 2492.458415][T18455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2492.478021][T18455] RSP: 002b:00007f966f9ed048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2492.486434][T18455] RAX: ffffffffffffffda RBX: 00007f966ed03f60 RCX: 00007f966eb75bd9
[ 2492.494424][T18455] RDX: 00000000200005c0 RSI: 0000000000002285 RDI: 0000000000000003
[ 2492.502410][T18455] RBP: 00007f966f9ed0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2492.510383][T18455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2492.518347][T18455] R13: 000000000000000b R14: 00007f966ed03f60 R15: 00007f966ee2fa68
[ 2492.526322][T18455]  </TASK>
[ 2492.618407][T19730] Bluetooth: hci4: command tx timeout
[ 2492.711855][T18442] netlink: 4552 bytes leftover after parsing attributes in process `syz.2.10013'.
[ 2492.805177][T18442] netlink: 4552 bytes leftover after parsing attributes in process `syz.2.10013'.
[ 2493.020045][T18528] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10017'.
[ 2493.095333][T18370] chnl_net:caif_netlink_parms(): no params data found
[ 2493.102317][ T3713] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 2493.182770][ T6076] hsr_slave_0: left promiscuous mode
[ 2493.199837][ T6076] hsr_slave_1: left promiscuous mode
[ 2493.223984][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2493.231484][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2493.265232][ T3713] usb 3-1: device descriptor read/64, error -71
[ 2493.273079][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2493.273614][ T3689] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 2493.288978][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2493.329642][ T6076] veth1_macvtap: left promiscuous mode
[ 2493.339927][ T6076] veth0_macvtap: left promiscuous mode
[ 2493.346222][T15938] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 2493.362724][ T6076] veth1_vlan: left promiscuous mode
[ 2493.369547][ T6076] veth0_vlan: left promiscuous mode
[ 2493.483585][ T3689] usb 5-1: Using ep0 maxpacket: 16
[ 2493.490775][ T3689] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2493.529179][ T3689] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2493.539698][ T3713] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 2493.555348][T15938] usb 4-1: Using ep0 maxpacket: 16
[ 2493.562787][T15938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2493.569128][ T3689] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2493.582524][T15938] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2493.613611][T15938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2493.614740][ T3689] usb 5-1: config 0 descriptor??
[ 2493.626664][T15938] usb 4-1: config 0 descriptor??
[ 2493.733888][ T3713] usb 3-1: device descriptor read/64, error -71
[ 2493.854068][ T3713] usb usb3-port1: attempt power cycle
[ 2493.936716][ T6076] team0 (unregistering): Port device virt_wifi0 removed
[ 2494.052719][T18555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2494.071403][T18555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2494.078230][T18563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2494.092944][T18563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2494.121382][T15938] hid (null): global environment stack underflow
[ 2494.131076][T15938] hid (null): unknown global tag 0x83
[ 2494.155061][T15938] hid (null): unknown global tag 0xc
[ 2494.160428][T15938] hid (null): global environment stack underflow
[ 2494.171884][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x1
[ 2494.179824][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.188150][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.198371][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.206420][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.218431][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.226393][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.234334][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.241772][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.249933][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.257937][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.265969][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.275118][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.282695][ T3713] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 2494.282725][T15938] hid-generic 0003:0158:0100.00D4: unknown main item tag 0x0
[ 2494.298602][T15938] hid-generic 0003:0158:0100.00D4: global environment stack underflow
[ 2494.309625][T15938] hid-generic 0003:0158:0100.00D4: item 0 1 1 11 parsing failed
[ 2494.318451][T15938] hid-generic 0003:0158:0100.00D4: probe with driver hid-generic failed with error -22
[ 2494.340572][ T3689] usbhid 5-1:0.0: can't add hid device: -71
[ 2494.344937][T15938] usb 4-1: USB disconnect, device number 52
[ 2494.349780][ T3713] usb 3-1: device descriptor read/8, error -71
[ 2494.366767][ T3689] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2494.400913][ T3689] usb 5-1: USB disconnect, device number 73
[ 2494.531623][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2494.596184][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2494.658465][ T3713] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 2494.695669][ T3713] usb 3-1: device descriptor read/8, error -71
[ 2494.703931][T19730] Bluetooth: hci4: command tx timeout
[ 2494.816251][ T3713] usb usb3-port1: unable to enumerate USB device
[ 2495.008139][   T29] audit: type=1326 audit(1720382589.047:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.045798][   T29] audit: type=1326 audit(1720382589.047:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.079330][   T29] audit: type=1326 audit(1720382589.047:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.112800][   T29] audit: type=1326 audit(1720382589.107:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.164234][   T29] audit: type=1326 audit(1720382589.107:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.193806][T18629] netlink: 12 bytes leftover after parsing attributes in process `syz.4.10024'.
[ 2495.212346][   T29] audit: type=1326 audit(1720382589.117:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.251763][   T29] audit: type=1326 audit(1720382589.117:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.276091][   T29] audit: type=1326 audit(1720382589.117:3141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f966eb75bd9 code=0x7ffc0000
[ 2495.311539][T18638] input: syz0 as /devices/virtual/input/input211
[ 2495.403888][   T29] audit: type=1326 audit(1720382589.147:3142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f966eb779f7 code=0x7ffc0000
[ 2495.487548][   T29] audit: type=1326 audit(1720382589.147:3143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18627 comm="syz.4.10024" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f966eb7796c code=0x7ffc0000
[ 2495.625570][ T3693] usb 5-1: new full-speed USB device number 74 using dummy_hcd
[ 2495.753635][ T3689] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 2495.825459][ T3693] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2495.844566][ T3693] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2495.882902][ T3693] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 65535, setting to 64
[ 2495.911761][ T3693] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2495.933605][ T3689] usb 3-1: Using ep0 maxpacket: 32
[ 2495.946063][ T3689] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 2495.986983][ T3693] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2496.023838][ T3689] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 2496.051298][T18642] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2496.060566][ T3689] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 2496.082128][T18642] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2496.094374][ T3689] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2496.131868][ T3689] usb 3-1: config 0 descriptor??
[ 2496.147656][T18629] pimreg: entered allmulticast mode
[ 2496.159473][T18649] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2496.184973][ T3689] hub 3-1:0.0: USB hub found
[ 2496.186195][T18632] pimreg: left allmulticast mode
[ 2496.394960][ T3689] hub 3-1:0.0: 2 ports detected
[ 2496.552073][T18629] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10024'.
[ 2496.653399][T18733] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2496.699338][T18370] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2496.774949][T18370] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2496.783985][T19730] Bluetooth: hci4: command tx timeout
[ 2496.813146][T15981] usb 5-1: USB disconnect, device number 74
[ 2496.824118][T18370] bridge_slave_0: entered allmulticast mode
[ 2496.870459][T18370] bridge_slave_0: entered promiscuous mode
[ 2496.887715][T18370] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2496.895402][T18370] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2496.903105][T18370] bridge_slave_1: entered allmulticast mode
[ 2496.922815][T18370] bridge_slave_1: entered promiscuous mode
[ 2497.231508][T18370] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2497.301149][T18370] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2497.488952][ T6076] IPVS: stop unused estimator thread 0...
[ 2497.548155][T18370] team0: Port device team_slave_0 added
[ 2497.587966][T18370] team0: Port device team_slave_1 added
[ 2497.728202][T18370] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2497.771906][T18370] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2497.846263][T18370] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2498.030070][ T6076] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2498.098287][T18370] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2498.118729][T18370] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2498.159001][T12677] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 2498.194829][T18370] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2498.242682][T10276] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2498.261161][T10276] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2498.273905][T10276] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2498.286166][T10276] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2498.296278][T10276] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 2498.307856][T10276] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2498.309720][ T6076] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2498.366701][ T3716] hub 3-1:0.0: hub_ext_port_status failed (err = 0)
[ 2498.417896][T12677] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 2498.462172][T12677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2498.530233][T12677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2498.548331][ T3716] usb 3-1: reset high-speed USB device number 70 using dummy_hcd
[ 2498.554405][T12677] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 2498.576364][ T6076] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2498.594490][T12677] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 2498.606280][T12677] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 2498.639376][T12677] usb 5-1: Manufacturer: syz
[ 2498.658597][T12677] usb 5-1: config 0 descriptor??
[ 2498.782826][ T6076] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2498.870634][T10276] Bluetooth: hci4: command tx timeout
[ 2498.980230][T18370] hsr_slave_0: entered promiscuous mode
[ 2499.002368][T18370] hsr_slave_1: entered promiscuous mode
[ 2499.489226][T18860] IPVS: dh: SCTP 172.20.20.187:0 - no destination available
[ 2499.514723][ T3714] IPVS: starting estimator thread 0...
[ 2499.537858][T12677] usbhid 5-1:0.0: can't add hid device: -32
[ 2499.594770][T12677] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[ 2499.613632][T18978] IPVS: using max 21 ests per chain, 50400 per kthread
[ 2499.701118][T19008] FAULT_INJECTION: forcing a failure.
[ 2499.701118][T19008] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2499.717305][T19008] CPU: 0 PID: 19008 Comm: syz.3.10038 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2499.727769][T19008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2499.737848][T19008] Call Trace:
[ 2499.741150][T19008]  <TASK>
[ 2499.744108][T19008]  dump_stack_lvl+0x241/0x360
[ 2499.748821][T19008]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2499.754049][T19008]  ? __pfx__printk+0x10/0x10
[ 2499.758672][T19008]  ? __pfx_lock_release+0x10/0x10
[ 2499.763745][T19008]  should_fail_ex+0x3b0/0x4e0
[ 2499.768462][T19008]  _copy_from_user+0x2f/0xe0
[ 2499.773080][T19008]  dev_ethtool+0xea/0x1bc0
[ 2499.777537][T19008]  ? dev_load+0x21/0x1f0
[ 2499.781808][T19008]  ? __pfx_dev_ethtool+0x10/0x10
[ 2499.786795][T19008]  ? dev_load+0x21/0x1f0
[ 2499.791062][T19008]  dev_ioctl+0x785/0x1340
[ 2499.795420][T19008]  sock_do_ioctl+0x240/0x460
[ 2499.800051][T19008]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 2499.805215][T19008]  sock_ioctl+0x629/0x8e0
[ 2499.809578][T19008]  ? __pfx_sock_ioctl+0x10/0x10
[ 2499.814456][T19008]  ? __fget_files+0x29/0x470
[ 2499.819078][T19008]  ? __fget_files+0x3f6/0x470
[ 2499.823785][T19008]  ? __fget_files+0x29/0x470
[ 2499.828407][T19008]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 2499.833348][T19008]  ? security_file_ioctl+0x87/0xb0
[ 2499.838473][T19008]  ? __pfx_sock_ioctl+0x10/0x10
[ 2499.843326][T19008]  __se_sys_ioctl+0xfc/0x170
[ 2499.847912][T19008]  do_syscall_64+0xf3/0x230
[ 2499.852419][T19008]  ? clear_bhb_loop+0x35/0x90
[ 2499.857098][T19008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2499.862993][T19008] RIP: 0033:0x7fef54375bd9
[ 2499.867405][T19008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2499.887004][T19008] RSP: 002b:00007fef5506f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2499.895422][T19008] RAX: ffffffffffffffda RBX: 00007fef54503f60 RCX: 00007fef54375bd9
[ 2499.903393][T19008] RDX: 0000000020000f80 RSI: 0000000000008946 RDI: 0000000000000005
[ 2499.911376][T19008] RBP: 00007fef5506f0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2499.919353][T19008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2499.927317][T19008] R13: 000000000000000b R14: 00007fef54503f60 R15: 00007fef5462fa68
[ 2499.935293][T19008]  </TASK>
[ 2500.172726][ T6076] bridge_slave_1: left allmulticast mode
[ 2500.191459][ T6076] bridge_slave_1: left promiscuous mode
[ 2500.207301][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2500.230325][ T6076] bridge_slave_0: left allmulticast mode
[ 2500.238931][ T6076] bridge_slave_0: left promiscuous mode
[ 2500.253952][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2500.384476][T10276] Bluetooth: hci0: command tx timeout
[ 2500.862047][ T3693] usb 5-1: USB disconnect, device number 75
[ 2501.546239][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2501.557510][T15981] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 2501.578869][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2501.587549][T19132] xt_limit: Overflow, try lower: 4294967295/4294966784
[ 2501.609033][ T6076] bond0 (unregistering): Released all slaves
[ 2501.794105][T15981] usb 4-1: Using ep0 maxpacket: 16
[ 2501.804400][T15981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2501.829353][T15981] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2501.840432][T15981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2501.881871][T15981] usb 4-1: config 0 descriptor??
[ 2502.106470][T18872] chnl_net:caif_netlink_parms(): no params data found
[ 2502.175576][ T3716] hub 3-1:0.0: set hub depth failed
[ 2502.181392][ T3689] usb 3-1: USB disconnect, device number 70
[ 2502.323057][T19122] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2502.334119][T19122] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2502.351987][T15981] usbhid 4-1:0.0: can't add hid device: -71
[ 2502.393218][T15981] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2502.453612][T15981] usb 4-1: USB disconnect, device number 53
[ 2502.464021][T10276] Bluetooth: hci0: command tx timeout
[ 2503.328747][ T6076] hsr_slave_0: left promiscuous mode
[ 2503.336135][T15981] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 2503.379588][ T6076] hsr_slave_1: left promiscuous mode
[ 2503.432588][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2503.450001][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2503.469681][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2503.481983][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2503.520329][ T6076] veth1_macvtap: left promiscuous mode
[ 2503.528762][ T6076] veth0_macvtap: left promiscuous mode
[ 2503.535375][ T6076] veth1_vlan: left promiscuous mode
[ 2503.542045][ T6076] veth0_vlan: left promiscuous mode
[ 2503.584021][T15981] usb 4-1: Using ep0 maxpacket: 16
[ 2503.609418][T15981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2503.632605][T15981] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2503.653157][T15981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2503.672121][T15981] usb 4-1: config 0 descriptor??
[ 2504.105945][T19248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2504.127084][T19248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2504.149055][T15981] hid (null): global environment stack underflow
[ 2504.156339][T15981] hid (null): unknown global tag 0x83
[ 2504.163118][T15981] hid (null): unknown global tag 0xc
[ 2504.173673][T15981] hid (null): global environment stack underflow
[ 2504.183322][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x1
[ 2504.194626][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.204916][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.224950][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.239091][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.249088][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.261444][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.269221][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.280815][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.289656][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.298438][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.327057][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.335137][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.352825][T15981] hid-generic 0003:0158:0100.00D5: unknown main item tag 0x0
[ 2504.378509][T15981] hid-generic 0003:0158:0100.00D5: global environment stack underflow
[ 2504.395836][T15981] hid-generic 0003:0158:0100.00D5: item 0 1 1 11 parsing failed
[ 2504.404854][T15981] hid-generic 0003:0158:0100.00D5: probe with driver hid-generic failed with error -22
[ 2504.421930][T15981] usb 4-1: USB disconnect, device number 54
[ 2504.553819][T10276] Bluetooth: hci0: command tx timeout
[ 2504.658464][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2504.708958][ T3689] usb 3-1: new low-speed USB device number 71 using dummy_hcd
[ 2504.742183][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2504.906005][ T3689] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 2504.959616][ T3689] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2504.980494][ T3689] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2504.990621][ T3689] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 2505.009216][ T3689] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 2505.064025][ T3689] usb 3-1: string descriptor 0 read error: -22
[ 2505.070351][ T3689] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2505.079981][ T3689] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2505.095925][T19311] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 2505.105999][ T3689] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 2505.560174][T18872] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2505.567983][T18872] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2505.575593][T18872] bridge_slave_0: entered allmulticast mode
[ 2505.582698][T18872] bridge_slave_0: entered promiscuous mode
[ 2505.591730][T18872] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2505.601671][T18872] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2505.609191][T18872] bridge_slave_1: entered allmulticast mode
[ 2505.617289][T18872] bridge_slave_1: entered promiscuous mode
[ 2505.716925][T18872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2505.759123][T18872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2505.949757][T18872] team0: Port device team_slave_0 added
[ 2506.020498][ T3689] usb 3-1: USB disconnect, device number 71
[ 2506.022529][T18872] team0: Port device team_slave_1 added
[ 2506.193215][T18370] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2506.216710][T18370] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2506.308466][T18872] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2506.324919][T18872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2506.370892][T10276] Bluetooth: hci3: unexpected cc 0x100c length: 11 > 3
[ 2506.373632][T18872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2506.414551][T18370] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2506.429424][T18872] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2506.445539][T18872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2506.482904][T18872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2506.504202][T18370] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2506.633846][T10276] Bluetooth: hci0: command tx timeout
[ 2506.670171][T18872] hsr_slave_0: entered promiscuous mode
[ 2506.728205][T18872] hsr_slave_1: entered promiscuous mode
[ 2506.735440][T18872] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2506.743056][T18872] Cannot create hsr debugfs directory
[ 2507.179716][ T6076] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2507.450464][T19730] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2507.464502][T19730] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2507.477226][T19730] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2507.490155][T19730] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2507.500508][T19730] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 2507.509762][T19730] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2507.641541][ T6076] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2507.787192][ T6076] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2507.965566][ T6076] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2508.487815][T18370] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2508.655721][T19528] chnl_net:caif_netlink_parms(): no params data found
[ 2508.713355][T18370] 8021q: adding VLAN 0 to HW filter on device team0
[ 2508.838492][T19709] tipc: Failed to remove unknown binding: 65,0,0/0:4134724329/4134724330
[ 2508.845670][ T6076] bridge_slave_1: left allmulticast mode
[ 2508.852611][ T6076] bridge_slave_1: left promiscuous mode
[ 2508.861539][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2508.871829][ T6076] bridge_slave_0: left allmulticast mode
[ 2508.878133][ T6076] bridge_slave_0: left promiscuous mode
[ 2508.884579][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2509.125074][T15938] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 2509.328147][T15938] usb 4-1: Using ep0 maxpacket: 8
[ 2509.345752][T15938] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 2509.354074][T15938] usb 4-1: config 0 has no interface number 0
[ 2509.360214][T15938] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 2509.370014][T15938] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2509.380045][T15938] usb 4-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 2509.389231][T15938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2509.416852][T15938] usb 4-1: config 0 descriptor??
[ 2509.440562][T15938] hso 4-1:0.1: Failed to find BULK IN ep
[ 2509.527618][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2509.538741][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2509.549618][ T6076] bond0 (unregistering): Released all slaves
[ 2509.567331][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2509.574562][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2509.584209][T10276] Bluetooth: hci1: command tx timeout
[ 2509.716084][T18872] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2509.738685][T18872] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2509.756308][T18872] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2509.782330][T18872] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2509.902820][T15938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2509.909967][T15938] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2510.017670][T19528] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2510.026118][T19528] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2510.033413][T19528] bridge_slave_0: entered allmulticast mode
[ 2510.049449][T19528] bridge_slave_0: entered promiscuous mode
[ 2510.061163][T19528] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2510.076456][T19528] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2510.090063][T19528] bridge_slave_1: entered allmulticast mode
[ 2510.100347][T19528] bridge_slave_1: entered promiscuous mode
[ 2510.167515][T15953] usb 4-1: USB disconnect, device number 55
[ 2510.261652][T19528] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2510.279043][T19528] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2510.346652][ T6076] hsr_slave_0: left promiscuous mode
[ 2510.352592][ T6076] hsr_slave_1: left promiscuous mode
[ 2510.360679][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2510.369294][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2510.377620][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2510.385660][T10276] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 2510.396329][T10276] Bluetooth: hci3: Injecting HCI hardware error event
[ 2510.407320][T19730] Bluetooth: hci3: hardware error 0x00
[ 2510.417385][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2510.470087][ T6076] veth1_macvtap: left promiscuous mode
[ 2510.476311][ T6076] veth0_macvtap: left promiscuous mode
[ 2510.481988][ T6076] veth1_vlan: left promiscuous mode
[ 2510.491458][ T6076] veth0_vlan: left promiscuous mode
[ 2511.175145][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2511.231960][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2511.674067][T10276] Bluetooth: hci1: command tx timeout
[ 2511.949522][T19528] team0: Port device team_slave_0 added
[ 2512.039932][T19528] team0: Port device team_slave_1 added
[ 2512.159218][T18370] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2512.174572][T19528] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2512.181555][T19528] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2512.217410][T19528] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2512.275908][T19528] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2512.282890][T19528] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2512.374759][T19528] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2512.464533][T19730] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 2512.749458][T19528] hsr_slave_0: entered promiscuous mode
[ 2512.777763][T19528] hsr_slave_1: entered promiscuous mode
[ 2512.809411][T19528] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2512.845586][T19528] Cannot create hsr debugfs directory
[ 2512.891125][T18370] veth0_vlan: entered promiscuous mode
[ 2512.906974][T10276] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2512.919300][T10276] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2512.932299][T10276] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2512.940877][T10276] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2512.950752][T10276] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 2512.962100][T10276] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2513.010621][T18872] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2513.140053][T10276] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2513.153850][T10276] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2513.163397][T10276] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2513.174731][T10276] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2513.182516][T10276] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 2513.191768][T10276] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2513.216875][T18370] veth1_vlan: entered promiscuous mode
[ 2513.295304][T18872] 8021q: adding VLAN 0 to HW filter on device team0
[ 2513.527145][T18370] veth0_macvtap: entered promiscuous mode
[ 2513.625902][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2513.633096][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2513.743713][T10276] Bluetooth: hci1: command tx timeout
[ 2513.771806][T18370] veth1_macvtap: entered promiscuous mode
[ 2513.867903][ T6076] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2513.911824][ T3693] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2513.919041][ T3693] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2514.058485][ T6076] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2514.181401][T18370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2514.192207][T18370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2514.210537][T18370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2514.221646][T18370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2514.240558][T18370] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2514.385380][ T6076] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2514.435993][T19937] chnl_net:caif_netlink_parms(): no params data found
[ 2514.523860][T18370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2514.535906][T18370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2514.554153][T18370] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2514.572514][T18370] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2514.591326][T18370] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2514.678709][ T6076] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2514.717873][T18370] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2514.743554][T18370] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2514.752646][T18370] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2514.763584][T18370] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2515.028237][T10276] Bluetooth: hci2: command tx timeout
[ 2515.038828][T19937] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2515.056306][T19937] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2515.072247][T19937] bridge_slave_0: entered allmulticast mode
[ 2515.082806][T19937] bridge_slave_0: entered promiscuous mode
[ 2515.256670][T19937] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2515.266457][T10276] Bluetooth: hci3: command tx timeout
[ 2515.266839][T19937] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2515.284604][T19937] bridge_slave_1: entered allmulticast mode
[ 2515.292054][T19937] bridge_slave_1: entered promiscuous mode
[ 2515.522624][T19937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2515.538161][T19937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2515.720669][ T6076] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2515.763641][T19964] chnl_net:caif_netlink_parms(): no params data found
[ 2515.821487][T19937] team0: Port device team_slave_0 added
[ 2515.828161][T10276] Bluetooth: hci1: command tx timeout
[ 2515.865579][T19528] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 2515.874402][T14705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2515.898610][T19528] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 2515.912450][T14705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2515.933332][T19528] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 2516.010733][ T6076] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.031368][T19937] team0: Port device team_slave_1 added
[ 2516.111343][T14705] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2516.122623][T19528] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 2516.129902][T14705] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2516.154143][T18872] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2516.205762][ T6076] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.280622][ T6076] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2516.366464][T19937] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2516.373456][T19937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2516.408707][T19937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2516.456761][T19937] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2516.473832][T19937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2516.553828][T19937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2516.817778][T19964] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2516.830128][T19964] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2516.855258][T19964] bridge_slave_0: entered allmulticast mode
[ 2516.862069][T19964] bridge_slave_0: entered promiscuous mode
[ 2516.875258][T19964] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2516.882405][T19964] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2516.898461][T19964] bridge_slave_1: entered allmulticast mode
[ 2516.910139][T19964] bridge_slave_1: entered promiscuous mode
[ 2517.037009][T19937] hsr_slave_0: entered promiscuous mode
[ 2517.045093][T19937] hsr_slave_1: entered promiscuous mode
[ 2517.063634][T19937] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2517.064608][T10276] Bluetooth: hci4: unknown advertising packet type: 0xbc
[ 2517.071214][T19937] Cannot create hsr debugfs directory
[ 2517.085185][T10276] Bluetooth: hci4: unknown advertising packet type: 0xf3
[ 2517.085210][T10276] Bluetooth: hci4: unknown advertising packet type: 0xad
[ 2517.092263][T10276] Bluetooth: hci4: unknown advertising packet type: 0xb5
[ 2517.099426][T10276] Bluetooth: hci4: unknown advertising packet type: 0x4e
[ 2517.107007][T19730] Bluetooth: hci2: command tx timeout
[ 2517.163296][T19964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2517.187055][T19964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2517.344905][T10276] Bluetooth: hci3: command tx timeout
[ 2517.478233][ T6076] bridge_slave_1: left allmulticast mode
[ 2517.488300][ T6076] bridge_slave_1: left promiscuous mode
[ 2517.500894][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2517.519397][ T6076] bridge_slave_0: left allmulticast mode
[ 2517.533514][ T6076] bridge_slave_0: left promiscuous mode
[ 2517.539298][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2517.552752][ T6076] bridge_slave_1: left allmulticast mode
[ 2517.563369][ T6076] bridge_slave_1: left promiscuous mode
[ 2517.569963][ T6076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2517.579946][ T6076] bridge_slave_0: left allmulticast mode
[ 2517.588284][ T6076] bridge_slave_0: left promiscuous mode
[ 2517.594779][ T6076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2518.714655][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2518.728436][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2518.751381][ T6076] bond0 (unregistering): Released all slaves
[ 2519.007882][ T6076] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2519.028419][ T6076] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2519.046363][ T6076] bond0 (unregistering): Released all slaves
[ 2519.088984][T19964] team0: Port device team_slave_0 added
[ 2519.169826][T18872] veth0_vlan: entered promiscuous mode
[ 2519.190895][T10276] Bluetooth: hci2: command tx timeout
[ 2519.283768][T19964] team0: Port device team_slave_1 added
[ 2519.366855][T19528] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2519.444340][T10276] Bluetooth: hci3: command tx timeout
[ 2519.534236][T19964] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2519.541210][T19964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2519.575464][T19964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2519.607392][T19964] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2519.616301][T19964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2519.664583][T19964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2519.711322][T18872] veth1_vlan: entered promiscuous mode
[ 2519.866031][T19964] hsr_slave_0: entered promiscuous mode
[ 2519.885859][T19964] hsr_slave_1: entered promiscuous mode
[ 2519.904159][T19964] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2519.911767][T19964] Cannot create hsr debugfs directory
[ 2520.268113][T18872] veth0_macvtap: entered promiscuous mode
[ 2520.369493][T19528] 8021q: adding VLAN 0 to HW filter on device team0
[ 2520.387550][T18872] veth1_macvtap: entered promiscuous mode
[ 2520.546512][ T2051] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2520.553730][ T2051] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2520.585156][T10276] Bluetooth: hci4: unknown advertising packet type: 0xbc
[ 2520.585187][T10276] Bluetooth: hci4: unknown advertising packet type: 0xf3
[ 2520.592263][T10276] Bluetooth: hci4: unknown advertising packet type: 0xad
[ 2520.601059][T10276] Bluetooth: hci4: unknown advertising packet type: 0xb5
[ 2520.608326][T10276] Bluetooth: hci4: unknown advertising packet type: 0x4e
[ 2520.705132][ T2051] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2520.719353][ T2051] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2520.805444][ T6076] hsr_slave_0: left promiscuous mode
[ 2520.823730][ T6076] hsr_slave_1: left promiscuous mode
[ 2520.849416][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2520.867532][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2520.887928][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2520.901447][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2520.926480][ T6076] hsr_slave_0: left promiscuous mode
[ 2520.932384][ T6076] hsr_slave_1: left promiscuous mode
[ 2520.951306][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2520.965077][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2520.994503][ T6076] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2521.002440][ T6076] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2521.092420][ T6076] veth1_macvtap: left promiscuous mode
[ 2521.100074][ T6076] veth0_macvtap: left promiscuous mode
[ 2521.107153][ T6076] veth1_vlan: left promiscuous mode
[ 2521.112509][ T6076] veth0_vlan: left promiscuous mode
[ 2521.125529][ T6076] veth1_macvtap: left promiscuous mode
[ 2521.131101][ T6076] veth0_macvtap: left promiscuous mode
[ 2521.139560][ T6076] veth1_vlan: left promiscuous mode
[ 2521.145146][ T6076] veth0_vlan: left promiscuous mode
[ 2521.278475][T10276] Bluetooth: hci2: command tx timeout
[ 2521.506142][T10276] Bluetooth: hci3: command tx timeout
[ 2522.058641][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2522.120345][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2523.189480][ T6076] team0 (unregistering): Port device team_slave_1 removed
[ 2523.267727][ T6076] team0 (unregistering): Port device team_slave_0 removed
[ 2523.932378][T20846] tun0: tun_chr_ioctl cmd 35108
[ 2523.960095][T18872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2523.976200][T18872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2523.991051][T18872] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2524.099261][T18872] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2524.124054][T18872] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2524.153921][T18872] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2524.190592][T18872] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2524.225408][T18872] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2524.234704][T18872] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2524.243429][T18872] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2524.470630][T19937] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2524.654628][T19937] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2524.727222][T19937] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2524.768167][T19937] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2524.884716][T19528] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2525.322153][T14705] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2525.348598][T14705] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2525.390049][T19528] veth0_vlan: entered promiscuous mode
[ 2525.443150][ T6076] IPVS: stop unused estimator thread 0...
[ 2525.461254][T19528] veth1_vlan: entered promiscuous mode
[ 2525.537224][T18474] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2525.562622][T18474] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2525.688084][T19937] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2525.750062][T19937] 8021q: adding VLAN 0 to HW filter on device team0
[ 2525.940782][T15939] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2525.948038][T15939] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2525.982894][T15939] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2525.990109][T15939] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2526.026448][T19528] veth0_macvtap: entered promiscuous mode
[ 2526.097655][T19964] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2526.176920][T19964] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2526.202115][T19964] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2526.306294][T19528] veth1_macvtap: entered promiscuous mode
[ 2526.335412][T19964] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2526.400430][T20969] FAULT_INJECTION: forcing a failure.
[ 2526.400430][T20969] name failslab, interval 1, probability 0, space 0, times 0
[ 2526.434417][T20969] CPU: 1 PID: 20969 Comm: syz.1.10087 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2526.439936][T19528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2526.444676][T20969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2526.444691][T20969] Call Trace:
[ 2526.444700][T20969]  <TASK>
[ 2526.444708][T20969]  dump_stack_lvl+0x241/0x360
[ 2526.444741][T20969]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2526.444765][T20969]  ? __pfx__printk+0x10/0x10
[ 2526.444792][T20969]  ? __pfx___might_resched+0x10/0x10
[ 2526.444824][T20969]  should_fail_ex+0x3b0/0x4e0
[ 2526.444853][T20969]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 2526.444875][T20969]  should_failslab+0x9/0x20
[ 2526.444898][T20969]  __kmalloc_noprof+0xd8/0x400
[ 2526.444920][T20969]  ? kfree+0x4e/0x360
[ 2526.444948][T20969]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 2526.444984][T20969]  tomoyo_path_number_perm+0x23a/0x880
[ 2526.445014][T20969]  ? tomoyo_path_number_perm+0x208/0x880
[ 2526.445038][T20969]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2526.445102][T20969]  ? __fget_files+0x29/0x470
[ 2526.445127][T20969]  ? __fget_files+0x3f6/0x470
[ 2526.445148][T20969]  ? __fget_files+0x29/0x470
[ 2526.445177][T20969]  security_file_ioctl+0x75/0xb0
[ 2526.445204][T20969]  __se_sys_ioctl+0x47/0x170
[ 2526.445229][T20969]  do_syscall_64+0xf3/0x230
[ 2526.445254][T20969]  ? clear_bhb_loop+0x35/0x90
[ 2526.445275][T20969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2526.445301][T20969] RIP: 0033:0x7fec79f75bd9
[ 2526.445321][T20969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2526.445337][T20969] RSP: 002b:00007fec7ad53048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2526.463248][T19528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2526.465770][T20969] RAX: ffffffffffffffda RBX: 00007fec7a103f60 RCX: 00007fec79f75bd9
[ 2526.465789][T20969] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2526.465801][T20969] RBP: 00007fec7ad530a0 R08: 0000000000000000 R09: 0000000000000000
[ 2526.465813][T20969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2526.465824][T20969] R13: 000000000000000b R14: 00007fec7a103f60 R15: 00007fec7a22fa68
[ 2526.465850][T20969]  </TASK>
[ 2526.497481][T20969] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2526.682976][T19528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2526.694652][T19528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2526.719402][T19528] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2526.780233][T19528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2526.811351][T19528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2526.821617][T19528] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2526.843571][T19528] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2526.883338][T19528] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2526.918759][T19528] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2526.939308][T19528] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2526.971075][T19528] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2526.990589][T19528] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2527.211076][T19937] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2527.319617][T11843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2527.358697][T11843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2527.546065][T19964] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2527.600822][T32209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2527.627390][T32209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2527.680859][T19964] 8021q: adding VLAN 0 to HW filter on device team0
[ 2527.729513][T19937] veth0_vlan: entered promiscuous mode
[ 2527.808119][T19937] veth1_vlan: entered promiscuous mode
[ 2527.827406][ T3693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2527.834739][ T3693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2527.871576][ T3693] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2527.878950][ T3693] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2528.049470][T19937] veth0_macvtap: entered promiscuous mode
[ 2528.079863][T19937] veth1_macvtap: entered promiscuous mode
[ 2528.155190][ T3693] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 2528.192749][T19964] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2528.211045][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2528.229589][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.242826][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2528.259824][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.272814][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2528.290222][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.307024][T19937] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2528.319651][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2528.358469][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.369269][ T3693] usb 3-1: Using ep0 maxpacket: 16
[ 2528.385597][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2528.398616][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.409432][ T3693] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2528.424002][T19937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2528.436591][ T3693] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2528.446696][T19937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2528.457141][ T3693] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2528.468775][T19937] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2528.491055][ T3693] usb 3-1: config 0 descriptor??
[ 2528.517133][T19937] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2528.531722][T19937] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2528.541285][T19937] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2528.555927][T19937] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2528.790916][T19964] veth0_vlan: entered promiscuous mode
[ 2528.807638][T19964] veth1_vlan: entered promiscuous mode
[ 2528.860960][T19964] veth0_macvtap: entered promiscuous mode
[ 2528.908228][T21005] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2528.929538][T21005] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2528.965234][ T3693] hid (null): global environment stack underflow
[ 2528.972062][T19964] veth1_macvtap: entered promiscuous mode
[ 2528.978103][T32209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2528.978743][ T3693] hid (null): unknown global tag 0x83
[ 2528.995830][T32209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2529.025953][ T3693] hid (null): unknown global tag 0xc
[ 2529.034325][ T3693] hid (null): global environment stack underflow
[ 2529.045718][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x1
[ 2529.057978][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2529.068959][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.071507][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.079177][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.090467][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2529.101569][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.107905][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.112895][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.123067][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2529.130521][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.148153][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.148183][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2529.159403][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.182791][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.193214][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.195874][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.206869][T19964] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2529.215884][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.248439][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.256861][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.268182][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2529.301472][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.308941][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.308973][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2529.308991][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.309011][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2529.309024][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.309046][T19964] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2529.309059][T19964] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2529.310809][T19964] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2529.320211][ T3693] hid-generic 0003:0158:0100.00D6: unknown main item tag 0x0
[ 2529.377732][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 2529.387575][ T3693] hid-generic 0003:0158:0100.00D6: global environment stack underflow
[ 2529.397809][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 2529.399529][ T3693] hid-generic 0003:0158:0100.00D6: item 0 1 1 11 parsing failed
[ 2529.458424][T19964] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2529.469394][ T3693] hid-generic 0003:0158:0100.00D6: probe with driver hid-generic failed with error -22
[ 2529.496204][ T3693] usb 3-1: USB disconnect, device number 72
[ 2529.507966][T19964] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2529.526545][T19964] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2529.545047][T19964] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2529.612746][ T6076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2529.626384][ T6076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2529.808566][T21049] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10093'.
[ 2529.943915][T12677] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 2530.038078][T19026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2530.052310][T19026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2530.149456][ T6076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2530.163335][ T6076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2530.173716][T12677] usb 2-1: Using ep0 maxpacket: 32
[ 2530.185353][T12677] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2530.218455][T12677] usb 2-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[ 2530.234180][ T2061] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 2530.264411][T12677] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2530.296312][T12677] usb 2-1: config 0 descriptor??
[ 2530.447229][ T2061] usb 3-1: Using ep0 maxpacket: 16
[ 2530.460323][ T2061] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2530.486227][ T2061] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2530.500857][ T2061] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2530.528447][ T2061] usb 3-1: config 0 descriptor??
[ 2530.774115][ T3714] usb 2-1: USB disconnect, device number 45
[ 2530.962439][T21058] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2531.003382][T21058] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2531.037220][ T2061] hid (null): unknown global tag 0x83
[ 2531.049611][ T2061] hid (null): unknown global tag 0xc
[ 2531.061025][ T2061] hid-generic 0003:0158:0100.00D7: unknown main item tag 0x1
[ 2531.079804][ T2061] hid-generic 0003:0158:0100.00D7: unexpected long global item
[ 2531.095237][ T2061] hid-generic 0003:0158:0100.00D7: probe with driver hid-generic failed with error -22
[ 2531.271530][ T2061] usb 3-1: USB disconnect, device number 73
[ 2531.443613][T21117] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10100'.
[ 2531.661834][ T3714] IPVS: starting estimator thread 0...
[ 2531.679593][T21142] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[ 2531.694403][T12677] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 2531.803860][T21143] IPVS: using max 22 ests per chain, 52800 per kthread
[ 2531.883779][T12677] usb 5-1: Using ep0 maxpacket: 16
[ 2531.898079][T12677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2531.938086][T12677] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2531.962783][T12677] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2532.002916][T12677] usb 5-1: config 0 descriptor??
[ 2532.455736][T21119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2532.484336][T21173] input: syz0 as /devices/virtual/input/input212
[ 2532.486958][T21119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2532.590859][T12677] hid (null): global environment stack underflow
[ 2532.626035][T12677] hid (null): unknown global tag 0x83
[ 2532.637135][T12677] hid (null): unknown global tag 0xc
[ 2532.652573][T12677] hid (null): global environment stack underflow
[ 2532.675792][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x1
[ 2532.693968][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.702367][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.722928][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.733424][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.752307][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.764999][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.774454][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.787106][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.804534][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.816785][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.842437][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.872157][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.895654][T12677] hid-generic 0003:0158:0100.00D8: unknown main item tag 0x0
[ 2532.905038][T12677] hid-generic 0003:0158:0100.00D8: global environment stack underflow
[ 2532.915632][T12677] hid-generic 0003:0158:0100.00D8: item 0 1 1 11 parsing failed
[ 2532.950684][T12677] hid-generic 0003:0158:0100.00D8: probe with driver hid-generic failed with error -22
[ 2533.004759][T12677] usb 5-1: USB disconnect, device number 76
[ 2533.238843][T21173] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2533.247026][T21173] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 2533.311038][T21173] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 2533.318770][T21173] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 2533.365824][T21173] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2533.390138][T21173] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 2533.425677][T21173] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2533.431752][T21173] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 2533.451785][T21173] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 2533.460075][T21173] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 2534.504264][ T2061] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 2534.734012][ T2061] usb 4-1: New USB device found, idVendor=0b05, idProduct=1786, bcdDevice=9f.90
[ 2534.757945][ T2061] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2534.788356][ T2061] usb 4-1: Product: syz
[ 2534.792556][ T2061] usb 4-1: Manufacturer: syz
[ 2534.821592][ T2061] usb 4-1: SerialNumber: syz
[ 2534.845443][ T2061] usb 4-1: config 0 descriptor??
[ 2534.863257][ T2061] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 2534.876199][ T2061] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 2535.072458][ T2061] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[ 2535.099094][ T2061] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 2535.109413][ T2061] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 2535.140972][ T2061] usb 4-1: USB disconnect, device number 56
[ 2536.415840][T21323] netlink: 24 bytes leftover after parsing attributes in process `syz.4.10135'.
[ 2536.483766][T15953] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 2536.704037][T15953] usb 4-1: Using ep0 maxpacket: 32
[ 2536.718588][T15953] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2536.730145][T15953] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2536.747487][T15953] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 2536.757263][T15953] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 2536.767809][T15953] usb 4-1: Product: syz
[ 2536.772640][T15953] usb 4-1: Manufacturer: syz
[ 2536.793193][T15953] hub 4-1:4.0: USB hub found
[ 2537.000052][T15953] hub 4-1:4.0: 2 ports detected
[ 2538.067876][T15953] hub 4-1:4.0: hub_hub_status failed (err = -32)
[ 2538.075448][T15953] hub 4-1:4.0: config failed, can't get hub status (err -32)
[ 2539.726138][T21367] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 2539.942566][T21379] netlink: 'syz.0.10147': attribute type 4 has an invalid length.
[ 2539.954027][T12677] usb 4-1: USB disconnect, device number 57
[ 2539.982130][T21379] netlink: 'syz.0.10147': attribute type 4 has an invalid length.
[ 2540.924168][T21416] netlink: 204 bytes leftover after parsing attributes in process `syz.0.10158'.
[ 2541.003042][T21420] fuse: Bad value for 'fd'
[ 2541.143814][T21430] FAULT_INJECTION: forcing a failure.
[ 2541.143814][T21430] name failslab, interval 1, probability 0, space 0, times 0
[ 2541.159742][T21430] CPU: 1 PID: 21430 Comm: syz.4.10162 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2541.169984][T21430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2541.180043][T21430] Call Trace:
[ 2541.183339][T21430]  <TASK>
[ 2541.186316][T21430]  dump_stack_lvl+0x241/0x360
[ 2541.191030][T21430]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2541.196254][T21430]  ? __pfx__printk+0x10/0x10
[ 2541.200874][T21430]  ? __pfx___might_resched+0x10/0x10
[ 2541.206191][T21430]  should_fail_ex+0x3b0/0x4e0
[ 2541.210895][T21430]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 2541.216628][T21430]  should_failslab+0x9/0x20
[ 2541.221126][T21430]  __kmalloc_noprof+0xd8/0x400
[ 2541.225882][T21430]  ? kfree+0x4e/0x360
[ 2541.229867][T21430]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 2541.235411][T21430]  tomoyo_path_number_perm+0x23a/0x880
[ 2541.240874][T21430]  ? tomoyo_path_number_perm+0x208/0x880
[ 2541.246494][T21430]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2541.252494][T21430]  ? __fget_files+0x29/0x470
[ 2541.257070][T21430]  ? __fget_files+0x3f6/0x470
[ 2541.261744][T21430]  ? __fget_files+0x29/0x470
[ 2541.266360][T21430]  security_file_ioctl+0x75/0xb0
[ 2541.271313][T21430]  __se_sys_ioctl+0x47/0x170
[ 2541.275895][T21430]  do_syscall_64+0xf3/0x230
[ 2541.280387][T21430]  ? clear_bhb_loop+0x35/0x90
[ 2541.285046][T21430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2541.290942][T21430] RIP: 0033:0x7f9d16975bd9
[ 2541.295359][T21430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2541.315564][T21430] RSP: 002b:00007f9d163ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2541.323964][T21430] RAX: ffffffffffffffda RBX: 00007f9d16b03f60 RCX: 00007f9d16975bd9
[ 2541.331919][T21430] RDX: 00000000200000c0 RSI: 00000000c0045516 RDI: 0000000000000003
[ 2541.339872][T21430] RBP: 00007f9d163ff0a0 R08: 0000000000000000 R09: 0000000000000000
[ 2541.347832][T21430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2541.355787][T21430] R13: 000000000000000b R14: 00007f9d16b03f60 R15: 00007f9d16c2fa68
[ 2541.363768][T21430]  </TASK>
[ 2541.368141][T21430] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2541.723078][T21453] binder_alloc: binder_alloc_mmap_handler: 21452 20ffd000-20fff000 already mapped failed -16
[ 2541.857671][T21460] team0: entered promiscuous mode
[ 2541.862884][T21460] team_slave_0: entered promiscuous mode
[ 2541.874853][T21460] team_slave_1: entered promiscuous mode
[ 2541.887455][T21460] syz_tun: entered promiscuous mode
[ 2541.897750][T21460] syz_tun: left promiscuous mode
[ 2541.903007][T21460] team0: left promiscuous mode
[ 2541.911814][T21460] team_slave_0: left promiscuous mode
[ 2541.923914][T21460] team_slave_1: left promiscuous mode
[ 2542.877287][T21496] team0: entered promiscuous mode
[ 2542.893722][T21496] team_slave_0: entered promiscuous mode
[ 2542.899588][T21496] team_slave_1: entered promiscuous mode
[ 2542.911727][T21496] team0: left promiscuous mode
[ 2542.920526][T21496] team_slave_0: left promiscuous mode
[ 2542.930794][T21496] team_slave_1: left promiscuous mode
[ 2543.346820][T21527] team0: entered promiscuous mode
[ 2543.352022][T21527] team_slave_0: entered promiscuous mode
[ 2543.358035][T21527] team_slave_1: entered promiscuous mode
[ 2543.366422][T21527] team0: left promiscuous mode
[ 2543.371246][T21527] team_slave_0: left promiscuous mode
[ 2543.378876][T21527] team_slave_1: left promiscuous mode
[ 2543.412578][T21529] team0: entered promiscuous mode
[ 2543.418050][T21529] team_slave_0: entered promiscuous mode
[ 2543.427281][T21529] team_slave_1: entered promiscuous mode
[ 2543.441958][T21529] team0: left promiscuous mode
[ 2543.447318][T21529] team_slave_0: left promiscuous mode
[ 2543.452968][T21529] team_slave_1: left promiscuous mode
[ 2544.040448][T21541] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[ 2544.047079][T21541] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 2544.055180][T21541] vhci_hcd vhci_hcd.0: Device attached
[ 2544.213804][T21542] vhci_hcd: connection closed
[ 2544.215019][T32209] vhci_hcd: stop threads
[ 2544.225984][T32209] vhci_hcd: release socket
[ 2544.230660][T32209] vhci_hcd: disconnect device
[ 2544.263761][T15979] vhci_hcd: vhci_device speed not set
[ 2544.791794][T21558] team0: entered promiscuous mode
[ 2544.797519][T21558] team_slave_0: entered promiscuous mode
[ 2544.803456][T21558] team_slave_1: entered promiscuous mode
[ 2544.810783][T21560] team0: entered promiscuous mode
[ 2544.816366][T21560] team_slave_0: entered promiscuous mode
[ 2544.822126][T21560] team_slave_1: entered promiscuous mode
[ 2544.832147][T21558] team0: left promiscuous mode
[ 2544.837282][T21558] team_slave_0: left promiscuous mode
[ 2544.842822][T21558] team_slave_1: left promiscuous mode
[ 2544.851349][T21560] team0: left promiscuous mode
[ 2544.865019][T21560] team_slave_0: left promiscuous mode
[ 2544.870625][T21560] team_slave_1: left promiscuous mode
[ 2544.888052][T21562] tipc: Started in network mode
[ 2544.893199][T21562] tipc: Node identity ac14142a, cluster identity 4711
[ 2544.904720][T21562] tipc: Enabled bearer <udp:s>, priority 10
[ 2545.070056][T21574] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[ 2545.081327][T21574] FAULT_INJECTION: forcing a failure.
[ 2545.081327][T21574] name failslab, interval 1, probability 0, space 0, times 0
[ 2545.097921][T21574] CPU: 0 PID: 21574 Comm: syz.4.10211 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2545.108199][T21574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2545.118262][T21574] Call Trace:
[ 2545.121560][T21574]  <TASK>
[ 2545.124496][T21574]  dump_stack_lvl+0x241/0x360
[ 2545.129179][T21574]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2545.134386][T21574]  ? __pfx__printk+0x10/0x10
[ 2545.139014][T21574]  should_fail_ex+0x3b0/0x4e0
[ 2545.143691][T21574]  ? __alloc_skb+0x1c3/0x440
[ 2545.148274][T21574]  should_failslab+0x9/0x20
[ 2545.152768][T21574]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2545.158582][T21574]  ? br_get_link_af_size_filtered+0xdb/0xd30
[ 2545.164588][T21574]  __alloc_skb+0x1c3/0x440
[ 2545.169019][T21574]  ? __pfx___alloc_skb+0x10/0x10
[ 2545.173966][T21574]  ? if_nlmsg_size+0x744/0x7a0
[ 2545.178740][T21574]  ? if_nlmsg_size+0x53a/0x7a0
[ 2545.183505][T21574]  rtmsg_ifinfo_build_skb+0x84/0x260
[ 2545.188802][T21574]  ? kasan_save_track+0x3f/0x80
[ 2545.193667][T21574]  ? packet_mc_add+0x12a/0x950
[ 2545.198438][T21574]  ? __sys_setsockopt+0x1ae/0x250
[ 2545.203499][T21574]  rtmsg_ifinfo+0x91/0x1b0
[ 2545.207930][T21574]  __dev_notify_flags+0xf7/0x400
[ 2545.212877][T21574]  ? __pfx___dev_notify_flags+0x10/0x10
[ 2545.218444][T21574]  ? __pfx_netdev_info+0x10/0x10
[ 2545.223401][T21574]  __dev_set_promiscuity+0x152/0x5a0
[ 2545.228685][T21574]  ? __kasan_kmalloc+0x98/0xb0
[ 2545.233467][T21574]  dev_set_promiscuity+0x51/0xe0
[ 2545.238423][T21574]  packet_mc_add+0x55b/0x950
[ 2545.243035][T21574]  packet_setsockopt+0x104f/0x1970
[ 2545.248149][T21574]  ? __pfx___might_resched+0x10/0x10
[ 2545.253431][T21574]  ? __pfx_packet_setsockopt+0x10/0x10
[ 2545.258892][T21574]  ? rcu_read_lock_any_held+0xb7/0x160
[ 2545.264364][T21574]  ? aa_sk_perm+0x967/0xab0
[ 2545.268883][T21574]  ? sb_end_write+0xe9/0x1c0
[ 2545.273482][T21574]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2545.278351][T21574]  ? vfs_write+0x7c4/0xc90
[ 2545.282778][T21574]  ? aa_sock_opt_perm+0x79/0x120
[ 2545.287798][T21574]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 2545.293334][T21574]  ? security_socket_setsockopt+0x87/0xb0
[ 2545.299060][T21574]  ? __pfx_packet_setsockopt+0x10/0x10
[ 2545.304525][T21574]  do_sock_setsockopt+0x3af/0x720
[ 2545.309564][T21574]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 2545.315155][T21574]  __sys_setsockopt+0x1ae/0x250
[ 2545.320025][T21574]  __x64_sys_setsockopt+0xb5/0xd0
[ 2545.325080][T21574]  do_syscall_64+0xf3/0x230
[ 2545.329603][T21574]  ? clear_bhb_loop+0x35/0x90
[ 2545.334301][T21574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2545.340243][T21574] RIP: 0033:0x7f9d16975bd9
[ 2545.344677][T21574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2545.364277][T21574] RSP: 002b:00007f9d163ff048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 2545.372686][T21574] RAX: ffffffffffffffda RBX: 00007f9d16b03f60 RCX: 00007f9d16975bd9
[ 2545.380667][T21574] RDX: 0000000000000001 RSI: 0000000000000107 RDI: 0000000000000003
[ 2545.388647][T21574] RBP: 00007f9d163ff0a0 R08: 0000000000000010 R09: 0000000000000000
[ 2545.396623][T21574] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001
[ 2545.404601][T21574] R13: 000000000000000b R14: 00007f9d16b03f60 R15: 00007f9d16c2fa68
[ 2545.412672][T21574]  </TASK>
[ 2545.440463][T21574] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[ 2545.817861][T21584] team0: entered promiscuous mode
[ 2545.822924][T21584] team_slave_0: entered promiscuous mode
[ 2545.829089][T21584] team_slave_1: entered promiscuous mode
[ 2545.851477][T21584] team0: left promiscuous mode
[ 2545.859485][T21584] team_slave_0: left promiscuous mode
[ 2545.865191][T21584] team_slave_1: left promiscuous mode
[ 2545.995107][T15979] tipc: Node number set to 2886997034
[ 2546.233611][ T2060] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 2546.354484][T21594] team0: entered promiscuous mode
[ 2546.359592][T21594] team_slave_0: entered promiscuous mode
[ 2546.368443][T21594] team_slave_1: entered promiscuous mode
[ 2546.377943][T21594] team0: left promiscuous mode
[ 2546.387655][T21594] team_slave_0: left promiscuous mode
[ 2546.393189][T21594] team_slave_1: left promiscuous mode
[ 2546.415299][ T2060] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2546.433953][ T2060] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 2546.446678][ T2060] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2546.456546][ T2060] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2546.468949][T21589] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 2546.751659][T15938] usb 4-1: USB disconnect, device number 58
[ 2546.990466][T21586] netlink: 'syz.3.10216': attribute type 29 has an invalid length.
[ 2547.004028][T21586] netlink: 'syz.3.10216': attribute type 29 has an invalid length.
[ 2547.028103][T21586] netlink: 'syz.3.10216': attribute type 29 has an invalid length.
[ 2547.068251][T21639] (unnamed net_device) (uninitialized): option updelay: invalid value (18446744073709551612)
[ 2547.078884][T21639] (unnamed net_device) (uninitialized): option updelay: allowed values 0 - 2147483647
[ 2547.100777][T21639] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10222'.
[ 2547.181767][T21646] team0: entered promiscuous mode
[ 2547.187536][T21646] team_slave_0: entered promiscuous mode
[ 2547.193315][T21646] team_slave_1: entered promiscuous mode
[ 2547.209357][T21646] team0: left promiscuous mode
[ 2547.216358][T21646] team_slave_0: left promiscuous mode
[ 2547.223382][T21646] team_slave_1: left promiscuous mode
[ 2548.032695][T21656] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2548.150682][T21663] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2548.203438][T21667] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10230'.
[ 2548.290631][T21676] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10230'.
[ 2548.304545][T21676] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10230'.
[ 2548.350277][T21678] team0: entered promiscuous mode
[ 2548.355538][T21678] team_slave_0: entered promiscuous mode
[ 2548.361459][T21678] team_slave_1: entered promiscuous mode
[ 2548.370002][T21678] team0: left promiscuous mode
[ 2548.382815][T21678] team_slave_0: left promiscuous mode
[ 2548.388504][T21678] team_slave_1: left promiscuous mode
[ 2548.423128][T21685] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10235'.
[ 2548.441503][T21685] syz.0.10235: attempt to access beyond end of device
[ 2548.441503][T21685] loop16: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2548.636535][T15953] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 2548.832049][T15953] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 2548.845063][T15953] usb 5-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00
[ 2548.854657][T15953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2548.865565][T15953] usb 5-1: config 0 descriptor??
[ 2548.872991][T15953] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 2549.147557][T21696] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[ 2551.365280][T15953] usb 5-1: USB disconnect, device number 77
[ 2551.509448][T21723] netlink: 20 bytes leftover after parsing attributes in process `syz.0.10241'.
[ 2552.073601][T15938] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 2552.290183][T15938] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2552.302472][T15938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2552.319553][T15938] usb 4-1: config 0 descriptor??
[ 2552.326368][T15938] cp210x 4-1:0.0: cp210x converter detected
[ 2552.446827][T21736] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.10243'.
[ 2552.740162][T15938] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 2552.752987][T15938] usb 4-1: cp210x converter now attached to ttyUSB0
[ 2552.774897][ T2060] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 2552.952406][T15979] usb 4-1: USB disconnect, device number 59
[ 2552.966602][ T2060] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2552.967843][T15979] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2552.981211][ T2060] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2552.991025][T15979] cp210x 4-1:0.0: device disconnected
[ 2553.017039][ T2060] usb 5-1: config 0 descriptor??
[ 2553.026482][ T2060] cp210x 5-1:0.0: cp210x converter detected
[ 2553.429126][T21739] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2553.440450][T21739] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2553.450317][ T2060] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -121
[ 2553.661752][T21772] IPVS: wrr: SCTP 127.0.0.1:0 - no destination available
[ 2553.732097][T21774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2553.760579][T21774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2554.713794][T15979] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 2554.903641][T15979] usb 4-1: Using ep0 maxpacket: 16
[ 2554.910794][T15979] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[ 2554.922881][T15979] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 2554.932622][T15979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2554.970382][T15979] usb 4-1: config 0 descriptor??
[ 2555.239125][T21780] random: crng reseeded on system resumption
[ 2555.697490][T21801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.10249'.
[ 2555.789668][T21802] syz.0.10249: attempt to access beyond end of device
[ 2555.789668][T21802] loop16: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2556.052708][T21806] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2556.066213][T21806] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2558.464078][ T2060] cp210x 5-1:0.0: failed to get vendor val 0x3711 size 2: -110
[ 2558.471688][ T2060] cp210x 5-1:0.0: GPIO initialisation failed: -110
[ 2558.483460][ T2060] usb 5-1: cp210x converter now attached to ttyUSB0
[ 2560.876918][T15979] usbhid 4-1:0.0: can't add hid device: -32
[ 2560.882923][T15979] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 2560.919451][ T3716] usb 4-1: USB disconnect, device number 60
[ 2590.786512][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 2590.792867][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 2652.235998][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[ 2652.242352][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[ 2693.823966][   T30] INFO: task kworker/1:6:3714 blocked for more than 143 seconds.
[ 2693.831918][   T30]       Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2693.842408][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2693.863535][   T30] task:kworker/1:6     state:D stack:22416 pid:3714  tgid:3714  ppid:2      flags:0x00004000
[ 2693.874043][   T30] Workqueue: events rfkill_global_led_trigger_worker
[ 2693.880764][   T30] Call Trace:
[ 2693.884129][   T30]  <TASK>
[ 2693.887087][   T30]  __schedule+0x17e8/0x4a20
[ 2693.891632][   T30]  ? __pfx___schedule+0x10/0x10
[ 2693.896560][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2693.902564][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2693.907773][   T30]  ? kick_pool+0x1bd/0x620
[ 2693.912225][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2693.917483][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 2693.922705][   T30]  ? schedule+0x90/0x320
[ 2693.926998][   T30]  schedule+0x14b/0x320
[ 2693.931175][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2693.936715][   T30]  __mutex_lock+0x6a4/0xd70
[ 2693.941251][   T30]  ? __mutex_lock+0x527/0xd70
[ 2693.946001][   T30]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 2693.952263][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2693.957340][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2693.963332][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2693.969773][   T30]  ? process_scheduled_works+0x945/0x1830
[ 2693.975863][   T30]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 2693.981947][   T30]  ? process_scheduled_works+0x945/0x1830
[ 2693.987713][   T30]  process_scheduled_works+0xa2c/0x1830
[ 2693.993284][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2693.999427][   T30]  ? assign_work+0x364/0x3d0
[ 2694.004074][   T30]  worker_thread+0x86d/0xd50
[ 2694.008678][   T30]  ? __kthread_parkme+0x169/0x1d0
[ 2694.013753][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2694.018871][   T30]  kthread+0x2f0/0x390
[ 2694.022928][   T30]  ? __pfx_worker_thread+0x10/0x10
[ 2694.028073][   T30]  ? __pfx_kthread+0x10/0x10
[ 2694.032680][   T30]  ret_from_fork+0x4b/0x80
[ 2694.037164][   T30]  ? __pfx_kthread+0x10/0x10
[ 2694.041773][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2694.046703][   T30]  </TASK>
[ 2694.049744][   T30] INFO: task syz.2.10105:21149 blocked for more than 143 seconds.
[ 2694.057618][   T30]       Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2694.065288][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2694.074006][   T30] task:syz.2.10105     state:D stack:26544 pid:21149 tgid:21149 ppid:19528  flags:0x00004004
[ 2694.084473][   T30] Call Trace:
[ 2694.087756][   T30]  <TASK>
[ 2694.090675][   T30]  __schedule+0x17e8/0x4a20
[ 2694.095247][   T30]  ? __pfx___schedule+0x10/0x10
[ 2694.100116][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2694.105214][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2694.110703][   T30]  ? schedule+0x90/0x320
[ 2694.115036][   T30]  schedule+0x14b/0x320
[ 2694.119204][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2694.124691][   T30]  __mutex_lock+0x6a4/0xd70
[ 2694.129200][   T30]  ? kobject_put+0x443/0x480
[ 2694.133841][   T30]  ? __mutex_lock+0x527/0xd70
[ 2694.138527][   T30]  ? rfkill_unregister+0xd0/0x230
[ 2694.149506][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2694.154616][   T30]  ? __pfx_device_del+0x10/0x10
[ 2694.159484][   T30]  ? __pfx_nfc_genl_device_removed+0x10/0x10
[ 2694.165582][   T30]  rfkill_unregister+0xd0/0x230
[ 2694.170452][   T30]  nfc_unregister_device+0x96/0x2a0
[ 2694.175708][   T30]  virtual_ncidev_close+0x59/0x90
[ 2694.180810][   T30]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 2694.186560][   T30]  __fput+0x24a/0x8a0
[ 2694.190581][   T30]  task_work_run+0x24f/0x310
[ 2694.195268][   T30]  ? __pfx_task_work_run+0x10/0x10
[ 2694.200392][   T30]  ? syscall_exit_to_user_mode+0xa3/0x360
[ 2694.206172][   T30]  syscall_exit_to_user_mode+0x168/0x360
[ 2694.211819][   T30]  do_syscall_64+0x100/0x230
[ 2694.216526][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2694.221219][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2694.227311][   T30] RIP: 0033:0x7f8dcdf75bd9
[ 2694.231749][   T30] RSP: 002b:00007f8dce22fb48 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 2694.240256][   T30] RAX: 0000000000000000 RBX: 00007f8dce105a60 RCX: 00007f8dcdf75bd9
[ 2694.248279][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 2694.256312][   T30] RBP: 00007f8dce105a60 R08: 0000000000000006 R09: 00000018ce22fe7f
[ 2694.264328][   T30] R10: 00000000005f2a08 R11: 0000000000000246 R12: 000000000026a578
[ 2694.272329][   T30] R13: 0000000000000032 R14: 00007f8dce105a60 R15: 00007f8dce104038
[ 2694.280375][   T30]  </TASK>
[ 2694.283402][   T30] INFO: task syz.1.10110:21173 blocked for more than 143 seconds.
[ 2694.291238][   T30]       Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2694.298938][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2694.307995][   T30] task:syz.1.10110     state:D stack:23632 pid:21173 tgid:21168 ppid:18370  flags:0x00004006
[ 2694.318389][   T30] Call Trace:
[ 2694.321741][   T30]  <TASK>
[ 2694.324850][   T30]  __schedule+0x17e8/0x4a20
[ 2694.329377][   T30]  ? __pfx___schedule+0x10/0x10
[ 2694.334374][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2694.339417][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2694.344954][   T30]  ? schedule+0x90/0x320
[ 2694.349209][   T30]  schedule+0x14b/0x320
[ 2694.353389][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2694.358926][   T30]  __mutex_lock+0x6a4/0xd70
[ 2694.363506][   T30]  ? __mutex_lock+0x527/0xd70
[ 2694.368191][   T30]  ? nfc_rfkill_set_block+0x50/0x310
[ 2694.373522][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2694.378559][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 2694.383896][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2694.389813][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2694.396239][   T30]  nfc_rfkill_set_block+0x50/0x310
[ 2694.401365][   T30]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 2694.407135][   T30]  rfkill_set_block+0x1f1/0x440
[ 2694.412276][   T30]  rfkill_fop_write+0x5bb/0x790
[ 2694.417186][   T30]  ? common_file_perm+0x1a6/0x210
[ 2694.422232][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2694.427662][   T30]  ? bpf_lsm_file_permission+0x9/0x10
[ 2694.433044][   T30]  ? rw_verify_area+0x1d2/0x6b0
[ 2694.437931][   T30]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2694.443308][   T30]  vfs_write+0x2a2/0xc90
[ 2694.447597][   T30]  ? __fdget+0x184/0x1e0
[ 2694.451848][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 2694.456685][   T30]  ? do_futex+0x33b/0x560
[ 2694.461043][   T30]  ? __fget_files+0x29/0x470
[ 2694.466036][   T30]  ? __fget_files+0x3f6/0x470
[ 2694.470737][   T30]  ? __fget_files+0x29/0x470
[ 2694.475394][   T30]  ksys_write+0x1a0/0x2c0
[ 2694.479740][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 2694.484727][   T30]  ? do_syscall_64+0x100/0x230
[ 2694.489500][   T30]  ? do_syscall_64+0xb6/0x230
[ 2694.494242][   T30]  do_syscall_64+0xf3/0x230
[ 2694.498774][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2694.503529][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2694.509437][   T30] RIP: 0033:0x7fec79f75bd9
[ 2694.513922][   T30] RSP: 002b:00007fec7ad32048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2694.522364][   T30] RAX: ffffffffffffffda RBX: 00007fec7a104038 RCX: 00007fec79f75bd9
[ 2694.530371][   T30] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 000000000000000b
[ 2694.538425][   T30] RBP: 00007fec79fe4aa1 R08: 0000000000000000 R09: 0000000000000000
[ 2694.546536][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2694.554575][   T30] R13: 000000000000006e R14: 00007fec7a104038 R15: 00007fec7a22fa68
[ 2694.562561][   T30]  </TASK>
[ 2694.565643][   T30] INFO: task syz-executor:21463 blocked for more than 144 seconds.
[ 2694.573604][   T30]       Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2694.581236][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2694.589962][   T30] task:syz-executor    state:D stack:24672 pid:21463 tgid:21463 ppid:5081   flags:0x00004004
[ 2694.600274][   T30] Call Trace:
[ 2694.603833][   T30]  <TASK>
[ 2694.606783][   T30]  __schedule+0x17e8/0x4a20
[ 2694.611329][   T30]  ? __pfx___schedule+0x10/0x10
[ 2694.616259][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2694.621379][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2694.627046][   T30]  ? schedule+0x90/0x320
[ 2694.631299][   T30]  schedule+0x14b/0x320
[ 2694.635694][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2694.641179][   T30]  __mutex_lock+0x6a4/0xd70
[ 2694.646019][   T30]  ? __mutex_lock+0x527/0xd70
[ 2694.650726][   T30]  ? rfkill_register+0x34/0x8c0
[ 2694.655667][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2694.660798][   T30]  ? __init_waitqueue_head+0xae/0x150
[ 2694.666235][   T30]  ? device_initialize+0x266/0x460
[ 2694.671362][   T30]  rfkill_register+0x34/0x8c0
[ 2694.676097][   T30]  hci_register_dev+0x407/0x8b0
[ 2694.680970][   T30]  vhci_create_device+0x389/0x6d0
[ 2694.686165][   T30]  vhci_write+0x3cb/0x480
[ 2694.690524][   T30]  vfs_write+0xa72/0xc90
[ 2694.694860][   T30]  ? __pfx_vhci_write+0x10/0x10
[ 2694.700162][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 2694.705065][   T30]  ksys_write+0x1a0/0x2c0
[ 2694.709411][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 2694.714349][   T30]  ? do_syscall_64+0x100/0x230
[ 2694.719146][   T30]  ? do_syscall_64+0xb6/0x230
[ 2694.723929][   T30]  do_syscall_64+0xf3/0x230
[ 2694.728455][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2694.733153][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2694.739126][   T30] RIP: 0033:0x7f3fd0b74720
[ 2694.743616][   T30] RSP: 002b:00007ffc79aa45f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 2694.752040][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f3fd0b74720
[ 2694.760052][   T30] RDX: 0000000000000002 RSI: 00007ffc79aa460a RDI: 00000000000000ca
[ 2694.768103][   T30] RBP: 00007f3fd0d04a18 R08: 0000000000000000 R09: 0000000000000000
[ 2694.776129][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[ 2694.784604][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 2694.792599][   T30]  </TASK>
[ 2694.795672][   T30] INFO: task syz-executor:21479 blocked for more than 144 seconds.
[ 2694.803608][   T30]       Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2694.811234][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2694.819930][   T30] task:syz-executor    state:D stack:24672 pid:21479 tgid:21479 ppid:5081   flags:0x00004000
[ 2694.830194][   T30] Call Trace:
[ 2694.833533][   T30]  <TASK>
[ 2694.836469][   T30]  __schedule+0x17e8/0x4a20
[ 2694.841019][   T30]  ? __pfx___schedule+0x10/0x10
[ 2694.845964][   T30]  ? __pfx_lock_release+0x10/0x10
[ 2694.851003][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 2694.856525][   T30]  ? schedule+0x90/0x320
[ 2694.860789][   T30]  schedule+0x14b/0x320
[ 2694.865162][   T30]  schedule_preempt_disabled+0x13/0x30
[ 2694.870635][   T30]  __mutex_lock+0x6a4/0xd70
[ 2694.875294][   T30]  ? __mutex_lock+0x527/0xd70
[ 2694.879966][   T30]  ? rfkill_register+0x34/0x8c0
[ 2694.884871][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 2694.889912][   T30]  ? __init_waitqueue_head+0xae/0x150
[ 2694.895348][   T30]  ? device_initialize+0x266/0x460
[ 2694.900486][   T30]  rfkill_register+0x34/0x8c0
[ 2694.905246][   T30]  hci_register_dev+0x407/0x8b0
[ 2694.910121][   T30]  vhci_create_device+0x389/0x6d0
[ 2694.915219][   T30]  vhci_write+0x3cb/0x480
[ 2694.919559][   T30]  vfs_write+0xa72/0xc90
[ 2694.923862][   T30]  ? __pfx_vhci_write+0x10/0x10
[ 2694.928727][   T30]  ? __pfx_vfs_write+0x10/0x10
[ 2694.933577][   T30]  ksys_write+0x1a0/0x2c0
[ 2694.937955][   T30]  ? __pfx_ksys_write+0x10/0x10
[ 2694.942805][   T30]  ? do_syscall_64+0x100/0x230
[ 2694.947635][   T30]  ? do_syscall_64+0xb6/0x230
[ 2694.952325][   T30]  do_syscall_64+0xf3/0x230
[ 2694.956884][   T30]  ? clear_bhb_loop+0x35/0x90
[ 2694.961567][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2694.967517][   T30] RIP: 0033:0x7f579af74720
[ 2694.971963][   T30] RSP: 002b:00007ffede9c9a58 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 2694.980544][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f579af74720
[ 2694.988577][   T30] RDX: 0000000000000002 RSI: 00007ffede9c9a6a RDI: 00000000000000ca
[ 2694.996620][   T30] RBP: 00007f579b104a18 R08: 0000000000000000 R09: 0000000000000000
[ 2695.004661][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[ 2695.012649][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000009
[ 2695.020810][   T30]  </TASK>
[ 2695.023881][   T30] 
[ 2695.023881][   T30] Showing all locks held in the system:
[ 2695.031583][   T30] 1 lock held by khungtaskd/30:
[ 2695.036478][   T30]  #0: ffffffff8e333f20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 2695.046473][   T30] 2 locks held by getty/4847:
[ 2695.051152][   T30]  #0: ffff88807c0680a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2695.061027][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[ 2695.071389][   T30] 3 locks held by kworker/1:6/3714:
[ 2695.076641][   T30]  #0: ffff888015080948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 2695.087670][   T30]  #1: ffffc900047dfd00 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 2695.101822][   T30]  #2: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 2695.113539][   T30] 2 locks held by syz.2.10105/21149:
[ 2695.118838][   T30]  #0: ffff8880696bf100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x63/0x2a0
[ 2695.128721][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xd0/0x230
[ 2695.138962][   T30] 2 locks held by syz.1.10110/21173:
[ 2695.144322][   T30]  #0: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a9/0x790
[ 2695.154484][   T30]  #1: ffff8880696bf100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x310
[ 2695.164211][   T30] 2 locks held by syz-executor/21463:
[ 2695.169586][   T30]  #0: ffff888011138918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6d0
[ 2695.179639][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.194122][   T30] 2 locks held by syz-executor/21479:
[ 2695.199637][   T30]  #0: ffff888048a6b118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6d0
[ 2695.210138][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.220170][   T30] 3 locks held by syz.4.10243/21736:
[ 2695.225513][   T30]  #0: ffffffff8f64d230 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 2695.233782][   T30]  #1: ffffffff8f64d0e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[ 2695.242733][   T30]  #2: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.252718][   T30] 2 locks held by syz.0.10249/21801:
[ 2695.258104][   T30]  #0: ffffffff8f64d230 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 2695.266546][   T30]  #1: ffffffff8f64d0e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[ 2695.275606][   T30] 2 locks held by syz.3.10250/21823:
[ 2695.280889][   T30]  #0: ffffffff8f64d230 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[ 2695.289152][   T30]  #1: ffffffff8f64d0e8 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[ 2695.298207][   T30] 2 locks held by syz-executor/21825:
[ 2695.303770][   T30]  #0: ffff88806b0ae918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6d0
[ 2695.313949][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.324050][   T30] 2 locks held by syz-executor/21827:
[ 2695.329424][   T30]  #0: ffff888065c62118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6d0
[ 2695.339502][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.349970][   T30] 2 locks held by syz-executor/21830:
[ 2695.355555][   T30]  #0: ffff888064a1e918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x6d0
[ 2695.365673][   T30]  #1: ffffffff8f8bb5e8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x34/0x8c0
[ 2695.375828][   T30] 
[ 2695.378170][   T30] =============================================
[ 2695.378170][   T30] 
[ 2695.386678][   T30] NMI backtrace for cpu 0
[ 2695.391003][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2695.400886][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2695.410938][   T30] Call Trace:
[ 2695.414211][   T30]  <TASK>
[ 2695.417132][   T30]  dump_stack_lvl+0x241/0x360
[ 2695.421813][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2695.427012][   T30]  ? __pfx__printk+0x10/0x10
[ 2695.431591][   T30]  ? vprintk_emit+0x631/0x770
[ 2695.436260][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[ 2695.441279][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 2695.446299][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2695.451747][   T30]  ? _printk+0xd5/0x120
[ 2695.455895][   T30]  ? __pfx__printk+0x10/0x10
[ 2695.460475][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 2695.465316][   T30]  ? __pfx__printk+0x10/0x10
[ 2695.469920][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 2695.474939][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2695.480927][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 2695.486916][   T30]  watchdog+0xfde/0x1020
[ 2695.491161][   T30]  ? watchdog+0x1ea/0x1020
[ 2695.495582][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2695.500254][   T30]  kthread+0x2f0/0x390
[ 2695.504406][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2695.509076][   T30]  ? __pfx_kthread+0x10/0x10
[ 2695.513757][   T30]  ret_from_fork+0x4b/0x80
[ 2695.518170][   T30]  ? __pfx_kthread+0x10/0x10
[ 2695.522750][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2695.527516][   T30]  </TASK>
[ 2695.530776][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 2695.536105][    C1] NMI backtrace for cpu 1
[ 2695.536119][    C1] CPU: 1 PID: 6076 Comm: kworker/u8:3 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2695.536139][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2695.536150][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2695.536179][    C1] RIP: 0010:preempt_count_add+0x6f/0x190
[ 2695.536205][    C1] Code: c7 c0 e0 f6 79 94 48 c1 e8 03 42 0f b6 04 38 84 c0 0f 85 e4 00 00 00 83 3d 6d 5a 14 13 00 75 11 65 8b 05 4c 38 9e 7e 0f b6 c0 <3d> f5 00 00 00 73 5e 65 8b 05 3b 38 9e 7e 25 ff ff ff 7f 39 d8 75
[ 2695.536219][    C1] RSP: 0018:ffffc9000c0973c8 EFLAGS: 00000246
[ 2695.536234][    C1] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff9479f603
[ 2695.536246][    C1] RDX: ffff888029bb5a00 RSI: 0000000000000001 RDI: 0000000000000001
[ 2695.536257][    C1] RBP: ffffc9000c0974c0 R08: ffffffff8140f091 R09: ffffc9000c0975b0
[ 2695.536270][    C1] R10: 0000000000000003 R11: ffffffff8181dd90 R12: ffff888029bb5a00
[ 2695.536282][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: dffffc0000000000
[ 2695.536295][    C1] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[ 2695.536310][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2695.536322][    C1] CR2: 000055f389abd680 CR3: 000000000e132000 CR4: 00000000003506f0
[ 2695.536337][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2695.536348][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2695.536359][    C1] Call Trace:
[ 2695.536365][    C1]  <NMI>
[ 2695.536374][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 2695.536391][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 2695.536410][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2695.536427][    C1]  ? nmi_handle+0x2a/0x5a0
[ 2695.536456][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 2695.536473][    C1]  ? nmi_handle+0x14f/0x5a0
[ 2695.536493][    C1]  ? nmi_handle+0x2a/0x5a0
[ 2695.536525][    C1]  ? preempt_count_add+0x6f/0x190
[ 2695.536545][    C1]  ? default_do_nmi+0x63/0x160
[ 2695.536563][    C1]  ? exc_nmi+0x123/0x1f0
[ 2695.536579][    C1]  ? end_repeat_nmi+0xf/0x53
[ 2695.536603][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2695.536626][    C1]  ? unwind_next_frame+0xa1/0x2a00
[ 2695.536647][    C1]  ? preempt_count_add+0x6f/0x190
[ 2695.536668][    C1]  ? preempt_count_add+0x6f/0x190
[ 2695.536690][    C1]  ? preempt_count_add+0x6f/0x190
[ 2695.536711][    C1]  </NMI>
[ 2695.536717][    C1]  <TASK>
[ 2695.536724][    C1]  ? batadv_skb_head_push+0x164/0x200
[ 2695.536741][    C1]  unwind_next_frame+0xc1/0x2a00
[ 2695.536766][    C1]  ? pskb_expand_head+0x202/0x1390
[ 2695.536786][    C1]  ? batadv_skb_head_push+0x164/0x200
[ 2695.536803][    C1]  ? __kernel_text_address+0xd/0x40
[ 2695.536822][    C1]  ? batadv_skb_head_push+0x164/0x200
[ 2695.536838][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2695.536860][    C1]  arch_stack_walk+0x151/0x1b0
[ 2695.536889][    C1]  ? batadv_skb_head_push+0x164/0x200
[ 2695.536909][    C1]  stack_trace_save+0x118/0x1d0
[ 2695.536931][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 2695.536954][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2695.536971][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2695.536989][    C1]  kasan_save_track+0x3f/0x80
[ 2695.537017][    C1]  ? kasan_save_track+0x3f/0x80
[ 2695.537033][    C1]  ? __kasan_kmalloc+0x98/0xb0
[ 2695.537049][    C1]  ? kmalloc_node_track_caller_noprof+0x225/0x440
[ 2695.537072][    C1]  ? kmalloc_reserve+0x111/0x2a0
[ 2695.537088][    C1]  ? pskb_expand_head+0x202/0x1390
[ 2695.537106][    C1]  ? batadv_skb_head_push+0x164/0x200
[ 2695.537145][    C1]  ? kmalloc_node_track_caller_noprof+0x376/0x440
[ 2695.537168][    C1]  __kasan_kmalloc+0x98/0xb0
[ 2695.537186][    C1]  kmalloc_node_track_caller_noprof+0x225/0x440
[ 2695.537208][    C1]  ? pskb_expand_head+0x202/0x1390
[ 2695.537228][    C1]  ? pskb_expand_head+0x202/0x1390
[ 2695.537247][    C1]  kmalloc_reserve+0x111/0x2a0
[ 2695.537265][    C1]  pskb_expand_head+0x202/0x1390
[ 2695.537290][    C1]  ? __copy_skb_header+0x437/0x5b0
[ 2695.537308][    C1]  ? __pfx_pskb_expand_head+0x10/0x10
[ 2695.537329][    C1]  ? __copy_skb_header+0x437/0x5b0
[ 2695.537349][    C1]  batadv_skb_head_push+0x164/0x200
[ 2695.537368][    C1]  batadv_send_skb_packet+0xee/0x670
[ 2695.537386][    C1]  ? skb_clone+0x240/0x390
[ 2695.537406][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x673/0x810
[ 2695.537435][    C1]  ? process_scheduled_works+0x945/0x1830
[ 2695.537451][    C1]  process_scheduled_works+0xa2c/0x1830
[ 2695.537481][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2695.537502][    C1]  ? assign_work+0x364/0x3d0
[ 2695.537521][    C1]  worker_thread+0x86d/0xd50
[ 2695.537542][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2695.537560][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 2695.537579][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 2695.537607][    C1]  kthread+0x2f0/0x390
[ 2695.537624][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 2695.537640][    C1]  ? __pfx_kthread+0x10/0x10
[ 2695.537659][    C1]  ret_from_fork+0x4b/0x80
[ 2695.537677][    C1]  ? __pfx_kthread+0x10/0x10
[ 2695.537694][    C1]  ret_from_fork_asm+0x1a/0x30
[ 2695.537722][    C1]  </TASK>
[ 2695.538205][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 2696.031325][   T30] CPU: 0 PID: 30 Comm: khungtaskd Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0
[ 2696.041213][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 2696.051255][   T30] Call Trace:
[ 2696.054535][   T30]  <TASK>
[ 2696.057456][   T30]  dump_stack_lvl+0x241/0x360
[ 2696.062228][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2696.067422][   T30]  ? __pfx__printk+0x10/0x10
[ 2696.072003][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2696.077995][   T30]  ? vscnprintf+0x5d/0x90
[ 2696.082312][   T30]  panic+0x349/0x860
[ 2696.086198][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2696.092340][   T30]  ? __pfx_panic+0x10/0x10
[ 2696.096746][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 2696.102112][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 2696.107658][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 2696.113017][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 2696.119159][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 2696.125305][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 2696.131446][   T30]  watchdog+0x101d/0x1020
[ 2696.135770][   T30]  ? watchdog+0x1ea/0x1020
[ 2696.140177][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2696.144845][   T30]  kthread+0x2f0/0x390
[ 2696.148909][   T30]  ? __pfx_watchdog+0x10/0x10
[ 2696.153574][   T30]  ? __pfx_kthread+0x10/0x10
[ 2696.158158][   T30]  ret_from_fork+0x4b/0x80
[ 2696.162564][   T30]  ? __pfx_kthread+0x10/0x10
[ 2696.167146][   T30]  ret_from_fork_asm+0x1a/0x30
[ 2696.171914][   T30]  </TASK>
[ 2696.175165][   T30] Kernel Offset: disabled
[ 2696.179482][   T30] Rebooting in 86400 seconds..