last executing test programs:

18m33.231951713s ago: executing program 32 (id=700):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
pivot_root(&(0x7f0000000240)='./file0/../file0\x00', 0x0)

16m23.745978287s ago: executing program 4 (id=1089):
unshare(0x20000400)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_wakeup_irq', 0x40, 0x101)
io_setup(0x6, &(0x7f0000003b80)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000000280)=[&(0x7f0000003cc0)={0x0, 0x0, 0x0, 0x0, 0xa, r0, 0x0, 0x0, 0x800, 0x0, 0x0, r0}, 0x0])

16m23.446015094s ago: executing program 4 (id=1092):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe000000008500000063000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbf91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)={0x0, 0x2}, 0xfffffffffffffe34}, 0x42)

16m23.265907922s ago: executing program 4 (id=1093):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
r3 = syz_io_uring_setup(0x111, &(0x7f0000000b00)={0x0, 0x35da, 0x2, 0x7, 0x87}, &(0x7f0000000140), &(0x7f0000000400))
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000240)=ANY=[@ANYBLOB="611404"], 0xa8)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x24, &(0x7f0000000080)=0xcd6, 0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
io_uring_enter(r3, 0x66a8, 0x4000, 0xf, 0x0, 0x18)

16m22.300456446s ago: executing program 4 (id=1101):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='sysfs\x00', 0x800000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
pivot_root(&(0x7f0000000240)='./file0/../file0\x00', 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

16m22.115045702s ago: executing program 4 (id=1104):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0x6, 0xf, 0x8, 0x41}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

16m16.817770037s ago: executing program 4 (id=1119):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha1)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000006cc0)=[{{0x0, 0x0, &(0x7f00000028c0)=[{0x0}, {&(0x7f0000001200)="f8", 0x1}], 0x2}}], 0x1, 0x4)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x153)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/psched\x00')

16m16.600115286s ago: executing program 33 (id=1119):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha1)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000006cc0)=[{{0x0, 0x0, &(0x7f00000028c0)=[{0x0}, {&(0x7f0000001200)="f8", 0x1}], 0x2}}], 0x1, 0x4)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x153)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/psched\x00')

15m27.965515051s ago: executing program 0 (id=1343):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

15m27.782340927s ago: executing program 0 (id=1344):
r0 = socket(0x10, 0x3, 0xc)
write(r0, &(0x7f0000000040)="ef", 0x1)

15m27.376437496s ago: executing program 0 (id=1345):
socket(0x2, 0x2, 0x4)

15m26.525710156s ago: executing program 0 (id=1348):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
ptrace$ARCH_GET_FS(0x1e, r0, &(0x7f0000000040), 0x1003)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000280)=0x1, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@link_local={0x1, 0x80, 0xc2, 0x3}, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @private2, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x50)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r5, 0x0, '\x00', 0x0, r4, 0x0, 0x1}, 0x50)

15m25.29147202s ago: executing program 0 (id=1350):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x5}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r0, 0x0, 0xd, 0x0, &(0x7f0000000080)="3a173357f297c605804ab38284", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x17, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x85, 0x0, 0x0, 0x8}}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0xfca804a0, 0x0, 0x8, &(0x7f00000002c0), &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00'}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r4, 0x58, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)=r5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast})
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r11}, &(0x7f0000000a00), &(0x7f0000000a40)=r10}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r11}, &(0x7f0000000880), &(0x7f00000008c0)=r10}, 0x20)

15m23.421899615s ago: executing program 1 (id=1354):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)="2c919d116ffd0013acd7f64596abbf722626578c1d01af2820b300c0edb5f5684f64316398d1d7069ebd7dc8a231a85abe21255fa1b602e32d6c9811", &(0x7f00000008c0), 0x1003, r0}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000b80)={r0, &(0x7f00000014c0), &(0x7f0000000b40)=""/31}, 0x20)

15m22.469861876s ago: executing program 1 (id=1356):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0xfffffffc}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)
r4 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r4, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x4a, 0x0, 0x0)

15m22.381138234s ago: executing program 0 (id=1357):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000040), &(0x7f0000000080)='%pB    \x00'}, 0x20)
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[], 0xffbf)

15m20.853610314s ago: executing program 1 (id=1359):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
ptrace$ARCH_GET_FS(0x1e, r0, &(0x7f0000000040), 0x1003)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000280)=0x1, 0x4)
syz_emit_ethernet(0x3e, &(0x7f0000000200)={@link_local={0x1, 0x80, 0xc2, 0x3}, @dev, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x8, 0x11, 0x0, @private2, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r3, 0x1, 0x1}, 0x50)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r4, 0x0, '\x00', 0x0, r3, 0x0, 0x1}, 0x50)

15m19.499963131s ago: executing program 1 (id=1362):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x16, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)

15m18.445869908s ago: executing program 1 (id=1365):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}, @call={0x85, 0x0, 0x0, 0x23}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xe, 0x0, &(0x7f0000000300)="0101000071a78326c799dbe888a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

15m18.177489806s ago: executing program 1 (id=1366):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x3ff}]}}]}, 0x60}}, 0x44080)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000008c0)=@newqdisc={0x70, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x3ff, 0x6, 0x4, 0x5}, {0xff, 0x1, 0x401, 0xf64a, 0x1, 0x9}, 0xf97, 0x6, 0xb70}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x592f3ca27be3fa98}, @TCA_TBF_RATE64={0xc, 0x4, 0x2e27b565961173ac}]}}]}, 0x70}}, 0x800)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x4, 0x4)
sendmmsg$inet6(r1, &(0x7f0000005c00)=[{{&(0x7f00000022c0)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c, &(0x7f0000003a40)=[{&(0x7f00000037c0)="1049456d5c", 0x5}], 0x1}}], 0x1, 0x20000080)

15m7.051765357s ago: executing program 34 (id=1357):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r2}, &(0x7f0000000040), &(0x7f0000000080)='%pB    \x00'}, 0x20)
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[], 0xffbf)

15m3.113224735s ago: executing program 35 (id=1366):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = dup(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x3ff}]}}]}, 0x60}}, 0x44080)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000008c0)=@newqdisc={0x70, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x3ff, 0x6, 0x4, 0x5}, {0xff, 0x1, 0x401, 0xf64a, 0x1, 0x9}, 0xf97, 0x6, 0xb70}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x592f3ca27be3fa98}, @TCA_TBF_RATE64={0xc, 0x4, 0x2e27b565961173ac}]}}]}, 0x70}}, 0x800)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x4, 0x4)
sendmmsg$inet6(r1, &(0x7f0000005c00)=[{{&(0x7f00000022c0)={0xa, 0x4e23, 0x1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c, &(0x7f0000003a40)=[{&(0x7f00000037c0)="1049456d5c", 0x5}], 0x1}}], 0x1, 0x20000080)

13m19.468048558s ago: executing program 5 (id=1594):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)

13m19.32630865s ago: executing program 5 (id=1596):
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x8000c61)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a40)=ANY=[@ANYBLOB="fc0000001b00010000000000fedbdf2500000000000000000000000000000001fe8000000000000000000000000000bb0000fffd4e2000000a00000000000000202b32bef0936e1bcc71414692cc6a3db882d0ab400269d59d7905e0b4f400c9f1387dfb865edeebb9be9d842dd7a71e2ef2068d3647e982f985a15791475a8c7bdf1906e9f82cb54c1bc3a87a23d17e", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="f8ffffffffffffff0000000000000000000000001000"/55], 0xfc}}, 0x4040000)

13m18.887508386s ago: executing program 5 (id=1597):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0xfc)
setsockopt$inet6_opts(r3, 0x29, 0x39, 0x0, 0xa8)

13m17.801859704s ago: executing program 5 (id=1598):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2, 0x3, 0x6)
semget$private(0x0, 0x5, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f0000000400), 0x0, 0x2}, 0x20)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
setresuid(0xee01, 0xee01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
writev(r4, &(0x7f0000001240)=[{&(0x7f0000000500)='*', 0x1}], 0x1)

13m16.781584849s ago: executing program 5 (id=1604):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="09000000060000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000180), &(0x7f0000000240)=r1}, 0x20)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)

13m16.64203171s ago: executing program 5 (id=1606):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x6}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r3, &(0x7f0000000280), 0xfffffeed)

13m1.466271355s ago: executing program 36 (id=1606):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x6}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000002c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r3, &(0x7f0000000280), 0xfffffeed)

10m9.493470534s ago: executing program 6 (id=2131):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000900)={'bridge0\x00', @remote})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00'}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})

10m4.54654951s ago: executing program 6 (id=2150):
setfsgid(0xee00)
r0 = syz_clone(0x80080100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000100)='ns/ipc\x00')

10m4.225696442s ago: executing program 6 (id=2156):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6}]}, 0x10)
sendmmsg(r3, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)

10m2.674002524s ago: executing program 6 (id=2162):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x1, 0x42, 0x40, 0xc2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r0, 0x0, 0x0}, 0x20)

10m2.60302097s ago: executing program 6 (id=2163):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, 0x0, &(0x7f0000001700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r1)
userfaultfd(0x1)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x4898, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

10m2.381448016s ago: executing program 6 (id=2167):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

9m46.97517999s ago: executing program 37 (id=2167):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)

4m36.254516885s ago: executing program 2 (id=4794):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0xa8043, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000340)={0x28, 0x5, r1, 0x0, &(0x7f00000003c0)='a', 0x1, 0x100000001})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r1, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x5, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r1, 0x0, 0x0, 0x0, 0x5})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000080)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x4, r1, 0x0, &(0x7f0000000400)="8250", 0x2, 0xfffffffffffffffb})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000001c0)={0x28, 0x4, r1, 0x0, &(0x7f00000004c0)="87", 0x1, 0x304f601a})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x4, r1, 0x0, &(0x7f0000000840)="fc", 0x1, 0x80000000000})

4m35.967669606s ago: executing program 2 (id=4797):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, 0x0, 0x0)

4m35.785916517s ago: executing program 2 (id=4798):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xa2e03, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143041, 0x2)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="00000100ff"])
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x80, &(0x7f0000000300)={0x11, 0xd, r2, 0x1, 0x5}, 0x14)

4m33.717842205s ago: executing program 2 (id=4809):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000181500", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000200850000001500000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m33.483953161s ago: executing program 2 (id=4812):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x80102, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setregid(0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2, 0x1)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000006c0)={'syzkaller0\x00', @broadcast})

4m28.755149403s ago: executing program 2 (id=4819):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xa2e03, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143041, 0x2)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="00000100ff"])
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x80, &(0x7f0000000300)={0x11, 0xd, r2, 0x1, 0x5}, 0x14)

4m13.45896619s ago: executing program 38 (id=4819):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xa2e03, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143041, 0x2)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000380)=ANY=[@ANYBLOB="00000100ff"])
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x80, &(0x7f0000000300)={0x11, 0xd, r2, 0x1, 0x5}, 0x14)

3m27.063599535s ago: executing program 9 (id=5038):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x0, 0x25dfdbfd, {0x2, 0x18, 0x53, 0xcb, r2}, [@IFA_LOCAL={0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x10}, @IFA_RT_PRIORITY={0x8, 0x9, 0x40}, @IFA_LOCAL={0x8, 0x2, @multicast2}, @IFA_BROADCAST={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x4}]}, 0x48}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)

3m25.513823169s ago: executing program 9 (id=5045):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000180), 0xa8043, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000340)={0x28, 0x5, r1, 0x0, &(0x7f00000003c0)='a', 0x1, 0x100000001})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x5, r1, 0x0, &(0x7f0000000a40)="7f", 0x1, 0x4})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x5, r1, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x2, r1, 0x0, &(0x7f0000000380)="ee", 0x1, 0x5})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000080)={0x28, 0x2, r1, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x4, r1, 0x0, &(0x7f0000000400)="82", 0x1, 0xfffffffffffffffb})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000001c0)={0x28, 0x4, r1, 0x0, &(0x7f00000004c0)="87", 0x1, 0x304f601a})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, 0x0)

3m25.387977817s ago: executing program 9 (id=5048):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x0, 0x0, 0x1, 0x0})

3m25.249753099s ago: executing program 9 (id=5051):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000000)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50, 0x1}, {0x6, 0x80, 0xfd}]}, 0x10)

3m25.035593182s ago: executing program 9 (id=5053):
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$netlink(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, 0x0, 0x0)

3m24.004490361s ago: executing program 9 (id=5061):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

3m8.261973882s ago: executing program 39 (id=5061):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
clock_nanosleep(0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, 0x0)
syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0)

19.052302926s ago: executing program 8 (id=5510):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000140))
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x1c)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/unix\x00')
pread64(r2, &(0x7f0000000480)=""/177, 0xb1, 0xe0)

18.96304989s ago: executing program 8 (id=5512):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)="fba5b6ff2b3cf5d691cf2c9230434623dd29a7b7d0ba667485922366a1e1bc356945d1a1a09bce680d2f5a30305a845ca3f0d58b3de95f47db8e2b7a80200cfec3e9edd90ca6e293a017953f422e9f1bbc92713c0e4036ea965e1b813d97db693d7235ff983f100d4137c972e851405278dafccbb5c91a4e86a5d51195f47a49f0d287ddb0d78fcc5ac1565015312c", 0x8f}], 0x1, 0x0, 0x128}}], 0x1, 0x60cd894)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f0000000380)={0x21, 0x0, [{0x298, 0x0, 0x100}]})

18.757667735s ago: executing program 8 (id=5515):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x37}, 0x100300, 0x0, 0x3, 0x9, 0x9, 0x7}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@local, 0x0, 0x0, 0x2, 0x1, 0x5, 0xb}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, 0x0, 0x0)

18.639676974s ago: executing program 8 (id=5516):
r0 = socket(0x2, 0x80805, 0x0)
shutdown(0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r1, 0x7, 0x5, 0x1}, 0x10)

18.517586387s ago: executing program 8 (id=5518):
socket$nl_sock_diag(0x10, 0x3, 0x4)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[], 0xfffffe3e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x18800000000000, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x7, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x1000004, 0x2800000000000, 0x8, 0x7, 0x0, 0x7fffffff}, 0x0, 0x0)

17.594064224s ago: executing program 8 (id=5525):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4)
sendmsg$netlink(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000017c0)={0x24, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @nested={0x4, 0x31}]}, 0x24}], 0x1}, 0x4000800)

4.3620008s ago: executing program 7 (id=5575):
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x3})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140))

3.531789373s ago: executing program 7 (id=5576):
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
unshare(0x400)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x7f, 0x4000006, 0x3, "42341f9b1000007e4f00"})
ioprio_set$pid(0x2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = syz_open_pts(r1, 0x103100)
dup3(r2, r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

3.289746717s ago: executing program 7 (id=5577):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000000c0)={@multicast2=0xe0004000, @private=0xa010100}, 0xc)

2.578728466s ago: executing program 40 (id=5525):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x7, 0x4)
sendmsg$netlink(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000017c0)={0x24, 0x12, 0x1, 0x0, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}, @nested={0x4, 0x31}]}, 0x24}], 0x1}, 0x4000800)

1.805364391s ago: executing program 7 (id=5579):
socket$inet6(0xa, 0x80002, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB='-', @ANYRESHEX=r4], 0x8b)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x7ff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r6 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x200)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r6, 0xc008551a, &(0x7f00000001c0)=ANY=[@ANYBLOB='\b\x00\x00\x00\b'])

1.735924497s ago: executing program 3 (id=5580):
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)

1.528846053s ago: executing program 3 (id=5581):
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

612.857007ms ago: executing program 3 (id=5582):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000002240)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0af0ff0020000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd8445974b26ffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129daa7a6b2f91af50342115e17392ac627c87867c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1ef0900094fa737c28b99938512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804da4f86bb47a4a69bf9bc5fa96ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad91935a6ddfa8f90e79321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c1f860d050d694cc7806d294d3665016a7b29da0fde4745db06753a7ac74a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d40887c58559b7dcb98a6273b8c651e57f727041c62cea5b7bd24d9f679e4fbe948dfb4cc4a389469608241630459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554df26236ebced9390cb6941b83720eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb89872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000000000000000000000928ee53595a779d243a48cea769470424d28804c04b2c4324ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebed161980f2fde4f9ef679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da202274f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e9338c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada201bcbb5c252b28a60ca770663da451790cc3600040543a34b195c6a8fc054282cd41b264906d5a9fad98c308e39bd5ffb6151d79c1cee1cd102e3c8e63e9fba05e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2b485185cc92fe7f791e8f6429309d6adab4b7e508e4bf024ed8f8a005f2bbf96c89739f5cf1e750d50517a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d7fcd116bce9c764c714c9402c21d181aac59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af41000000000000007f5ab0d534b8d63e4ca3be71f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0be61e58c79d497247d278888901d442ad7f8536607a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733097f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000001000027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd52ae84c1bb0c8a6c769f952283a1f4e3842edb3d42c0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76bea3858f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c030931651dd315003b7a6a5433a2bb560ae99e85b227eda2e63a1c31a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7141d5e221509342bfe7d294d1eb3de6a50ca0301f89c2ee627e949c68b3a4a426a996d503a26e9a714ee5f72d8805dd1bfbd081f6a5359dbdfbf31a562395020becaf3fd1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6eab34000000000000000000000000c4426344ec1a3366515dee221e747f55d7dd02534bc503b9b28277c253e410986bef2111a99cc448d652929f8a67a6a1d3f00dcad91aff428aade3f85714a1d3ef29acd4d49b62339c10c2ec0dac4b28288e78980c1184d8223edbc4bf9258b7374e79a1f8bf3fb73c8c6dbb7bbdfc399847a11921f97eba0ea14c4fed9a71eedb97c02461792e3a49dac16c60c3fcaab222025d78963c3ac899fa8b63f58a30212c9b2d7fe751e2046b78f86e22861b6504c667350244dd6d9189a8b9c45f8aaff9db694811ca86ed978f23eed7459c0382074170cf1e25b0e9ba3d1cc309353eea4cd8ab96bafda393276bdd8d32ead8db9e1b54d2d3d50e2815268fc1a6ec566981bc8ca2a4583f3d40e817433d0f4f25cfe6cc1897449ba5f26a9d66ac73e6f5c401376f23a314e0b9ff997d22f3e34b5524642c248aa813edaa626f0000000000000000000000000000000003ba5bac34b611569a451564d3a5400f9097ffe7a37e765bc652be71ee24250d6d9cf19878dd62c53062d6000c409de6a6135eae8a00000000008d797190a26c933f933aff5c521eeb7a84a62d148a846e74e76b515b6b8be29e8b69310fa130cf6d6b74f33205d3cc218ca554ed8085ae044f5bf2e89ad07963acbd4dd4dc5b4552591edde7a22ad06f7567e6fec2f65011b579bf609d61a3ff4d6f490824bb035995449fc34106ae6889f036d67b6aaee784f855ebc746ac871b5d2031ac0a252ac1f86e93e245f3793cea80b6de773899d49d11d3b1ed79163b111c976cf840a2ef6214a43338fba8c9edb6be26e68fcc5d47ed74a66ce8aba726ab955b9b32ab1890e84a5e2d7476252af25e5c95c5a8b2b1b5c8a2645b017d23c0f169d6ab529cc889bb07889d9e155114cf3e26a50c527ec6d4021cd2cacfea6d7e41e39e26b3967cad65c648b170f12ea9cc69dcee64be0c27b1f4f7f5ce3e62c35602c9d2921326891901661c85b9ee4a0a0b9636bef4c23788494f094abb91ed813b42828aa93105896e0aee851a8087e169a1d69e841257d9053d0cdc3a6ac4f12084cc6470abebe8b344b1f56690a2687b428686c854c21831da277e8b8a21b7b91a46d22ba083eca7b1f8268048cde7d6f237dca42035881b29ca9c8c2937971821b613894297ff6f7796053a4de1fd77e180cc22b205d43bb4a1b59962c1f605ea1b74587100e8d579f157cb45561c357f9976cec6a43388b3049a0d9c171ff6145266ba119d00000000001ef3794a930eb12f3a6215c510bf0bca70c127e9c70cc7bef921249a7f18a0034ce3264a9e96656b47233e2ed7c76520e649c3fd550bdafd77c5cd72b4446d3e157ddd97e7622a6891fb739acd3b2cdaf65ac78490f0641be6e8c6f55bf3d228786895ff5fd5970faacd8a5025aca0aa1931f477ba06aa60051298c8bf7f3b399194f98dc3f4e8513ad06da09dc393c1284515986b8c70ac69512f6c0c04f42edb3a097a11f2ab480e3e391abffae097752300576337c6dd24c4a98280684aa1fe8c7b43ee8bce05fe979b34da18cdb44dbb030b8009cd3b3b44fd8e7b534acd3f1839cb54817668ab446d3d47848429ea831a57f26c8b05dedddceb24483f8f998b05c3ddf85c3799c9000000000000000000000000001e57cf839eb3150d6a076fb7b86fae98dbb46014f483aecb4ec4f0877371bcae8912c78aff857c669760f0e55041563c5c3e8ee4a0eef885fd43fe34a1febc82370d1d07fdfe705ada4764320889000000000000000000000000000000a790af4fc17872b55b10db99e212d18193235659df45627da300959eafc8bfb44f70d250f8f2e86532700254c9a8b14999f59c8b9034c4bb2448eaeff5db21d4a7f3d974790d4c3cba7c402f50585b9289d86400679e5c2bcacb2841ca074d51fdb4a29e84d72b6c996cfbee06aa52cd632e82ba068e8e1572ef2eb414ba5fccfc3c03e64df6a9cc3936c604aa2c0e2ec7b777475023f29b146af003472ce146a5ff997ba53c51026c0096154f9280a34bbf21d66f57a250b5397766122fc86950ce5252e96868cd04df54764cf2082153d6cedd8aaf9700c734aa4a1cb33a2e0a13c5687be4de327511bff9816d13c3219dac1c1535f10243db6f96960ea6a621f5e1b7babbedf0a6bf0cf74123d2e78d01be2b048883a2459eec630fb0293d28d9799fd3a792caff693fd9f002f14c43fb5a1051cc686b7f114d7927eed559bdf2e8ddea3e61d5d942b63fe90230b2e1948fc563ef94d437281671d2fe5032d2a091fa842b0af2e116ba"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r0, 0xe0, &(0x7f0000000580)={0x0, <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000840)={r1}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x2f00020b, 0x0, 0x0, 0x0, 0x0, 0xae5b, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

515.882958ms ago: executing program 7 (id=5583):
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x40001}, 0x1)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x10, 0x1418, 0x1, 0x0, 0x3}, 0x10}, 0x1, 0x0, 0x0, 0x8}, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[], 0x28}}, 0x0)
r0 = socket(0x1000000010, 0x80802, 0x0)
sendmmsg$alg(r0, &(0x7f0000000200), 0x4924924924926d3, 0x0)

321.433359ms ago: executing program 7 (id=5584):
futex(&(0x7f0000000000)=0x1, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, 0x0, 0x0, 0x400000)
futex(&(0x7f000000cffc), 0x3, 0x40, 0x0, &(0x7f0000000000)=0x2, 0x4ffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x3c}}, 0x40000)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, &(0x7f00000001c0)=0x9c)

245.238119ms ago: executing program 3 (id=5585):
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000080)=']\x00', 0x0)

79.088206ms ago: executing program 3 (id=5586):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
socket(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000000c0)={@multicast2=0xe0004000, @private=0xa010100}, 0xc)

0s ago: executing program 3 (id=5587):
r0 = semget$private(0x0, 0x1, 0x100)
semctl$SEM_STAT(r0, 0x0, 0x12, &(0x7f0000000080)=""/192)

kernel console output (not intermixed with test programs):

AN 0 to HW filter on device bond0
[  976.683097][T14767] 8021q: adding VLAN 0 to HW filter on device team0
[  976.703805][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[  976.704060][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[  976.746888][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  976.747233][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  977.388479][T14998] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  977.634223][T14998] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  977.743761][T14998] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  977.794376][T14998] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  978.428702][T14767] 8021q: adding VLAN 0 to HW filter on device batadv0
[  978.640302][T15553] fuse: Unknown parameter 'fd0x0000000000000006'
[  978.844351][T14998] 8021q: adding VLAN 0 to HW filter on device bond0
[  978.847369][T14767] veth0_vlan: entered promiscuous mode
[  978.903063][T14767] veth1_vlan: entered promiscuous mode
[  979.227988][T14998] 8021q: adding VLAN 0 to HW filter on device team0
[  979.270517][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  979.270719][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  979.287635][ T6230] bridge0: port 2(bridge_slave_1) entered blocking state
[  979.288031][ T6230] bridge0: port 2(bridge_slave_1) entered forwarding state
[  979.366501][T14767] veth0_macvtap: entered promiscuous mode
[  979.404957][T14767] veth1_macvtap: entered promiscuous mode
[  979.521256][T14767] batman_adv: batadv0: Interface activated: batadv_slave_0
[  979.578426][T14767] batman_adv: batadv0: Interface activated: batadv_slave_1
[  979.622623][ T6230] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  979.622677][ T6230] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  979.622711][ T6230] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  979.622745][ T6230] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  980.225805][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  980.225825][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  980.357098][T14998] 8021q: adding VLAN 0 to HW filter on device batadv0
[  980.567192][ T3888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  980.567206][ T3888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  980.931138][T14998] veth0_vlan: entered promiscuous mode
[  981.539432][T14998] veth1_vlan: entered promiscuous mode
[  981.804887][T14998] veth0_macvtap: entered promiscuous mode
[  981.812837][T14998] veth1_macvtap: entered promiscuous mode
[  981.849013][T14998] batman_adv: batadv0: Interface activated: batadv_slave_0
[  981.867170][T14998] batman_adv: batadv0: Interface activated: batadv_slave_1
[  981.883860][   T58] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  981.883904][   T58] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  981.883939][   T58] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  981.883974][   T58] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  982.555510][T15618] 9pnet_fd: Insufficient options for proto=fd
[  983.893708][  T158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  983.893722][  T158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  984.133288][T15635] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2941'.
[  984.221232][ T6230] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  984.221252][ T6230] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  984.660928][T15644] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2944'.
[  985.084755][T15646] 9pnet_fd: Insufficient options for proto=fd
[  985.315293][T15652] fuse: Unknown parameter 'fd0x0000000000000006'
[  986.934941][T15685] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2958'.
[  989.029561][T15724] netlink: 60 bytes leftover after parsing attributes in process `syz.8.2976'.
[  989.458694][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  992.015464][T15776] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2998'.
[  992.015488][T15776] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2998'.
[  994.458305][T15842] netlink: 60 bytes leftover after parsing attributes in process `syz.7.3023'.
[  999.431223][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  999.431295][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1003.201439][T15972] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3079'.
[ 1005.596515][T16027] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3102'.
[ 1012.518634][T16242] sctp: [Deprecated]: syz.7.3202 (pid 16242) Use of int in max_burst socket option.
[ 1012.518634][T16242] Use struct sctp_assoc_value instead
[ 1013.504747][T16252] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3206'.
[ 1014.796991][T16280] netlink: 88 bytes leftover after parsing attributes in process `syz.7.3218'.
[ 1016.225490][T16294] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3222'.
[ 1018.189843][T16327] netlink: 44 bytes leftover after parsing attributes in process `syz.8.3239'.
[ 1018.409377][T16330] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3237'.
[ 1019.114655][T16358] netlink: 44 bytes leftover after parsing attributes in process `syz.8.3251'.
[ 1019.241484][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3253'.
[ 1020.398679][T16387] netlink: 'syz.8.3263': attribute type 17 has an invalid length.
[ 1020.436936][T16380] team0: No ports can be present during mode change
[ 1020.611493][T16394] netlink: 44 bytes leftover after parsing attributes in process `syz.9.3266'.
[ 1020.765442][T16397] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3267'.
[ 1020.793701][T16398] gretap1: entered promiscuous mode
[ 1022.422167][T16439] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3283'.
[ 1022.615363][T16447] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3286'.
[ 1023.047710][T16465] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3296'.
[ 1023.351092][T16470] FAT-fs (loop19): unable to read boot sector
[ 1024.118876][T16488] netlink: 'syz.3.3306': attribute type 4 has an invalid length.
[ 1024.435191][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1024.863822][T16526] netlink: 3 bytes leftover after parsing attributes in process `syz.8.3321'.
[ 1024.863845][T16526] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3321'.
[ 1024.863864][T16526] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3321'.
[ 1025.059426][T16496] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1025.059634][T16496] block device autoloading is deprecated and will be removed.
[ 1025.783620][T16549] FAT-fs (loop19): unable to read boot sector
[ 1026.436331][T16563] process 'syz.3.3336' launched './file0' with NULL argv: empty string added
[ 1026.724618][T16579] FAT-fs (loop5): unable to read boot sector
[ 1029.799381][T16685] FAT-fs (loop7): unable to read boot sector
[ 1030.130183][T16698] netlink: 36 bytes leftover after parsing attributes in process `syz.9.3395'.
[ 1031.643238][T16731] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3406'.
[ 1032.785158][T16760] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3420'.
[ 1033.656233][T16796] netlink: 7 bytes leftover after parsing attributes in process `syz.2.3436'.
[ 1033.848353][T16802] FAT-fs (loop15): unable to read boot sector
[ 1035.738174][T16883] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3479'.
[ 1038.729089][T16975] usb usb8: usbfs: process 16975 (syz.2.3518) did not claim interface 0 before use
[ 1039.074732][T16996] netlink: 64 bytes leftover after parsing attributes in process `syz.9.3529'.
[ 1040.135625][T17028] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3542'.
[ 1041.712717][ T5890] kernel read not supported for file /newroot/489/file0 (pid: 5890 comm: kworker/0:5)
[ 1043.730100][T17096] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3571'.
[ 1044.740691][T17076] netlink: 220 bytes leftover after parsing attributes in process `syz.8.3563'.
[ 1044.740717][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3563'.
[ 1044.740733][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3563'.
[ 1044.741706][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3563'.
[ 1044.741876][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3563'.
[ 1045.191772][T17146] FAT-fs (loop7): unable to read boot sector
[ 1046.832887][T17178] FAT-fs (loop17): unable to read boot sector
[ 1048.247850][T17211] netlink: 44 bytes leftover after parsing attributes in process `syz.9.3621'.
[ 1049.330747][T17256] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3635'.
[ 1050.989586][T17294] netlink: 60 bytes leftover after parsing attributes in process `syz.9.3654'.
[ 1051.798034][T10946] Bluetooth: hci5: command 0x0406 tx timeout
[ 1051.957753][T17302] netlink: 'syz.9.3658': attribute type 4 has an invalid length.
[ 1053.057070][T17331] netlink: 60 bytes leftover after parsing attributes in process `syz.9.3669'.
[ 1055.319794][T17358] syz.2.3682 (17358) used greatest stack depth: 15888 bytes left
[ 1056.378926][T17391] 9pnet_fd: Insufficient options for proto=fd
[ 1058.899489][T17473] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3730'.
[ 1059.649064][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.649135][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.743264][T17509] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3742'.
[ 1061.715141][ T5810] Bluetooth: hci1: command 0x0406 tx timeout
[ 1062.813072][T17580] 9pnet_fd: Insufficient options for proto=fd
[ 1063.672054][T17625] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3797'.
[ 1064.034010][T17642] netlink: 'syz.2.3804': attribute type 4 has an invalid length.
[ 1064.599349][T17660] FAT-fs (loop7): unable to read boot sector
[ 1064.705655][T17662] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3812'.
[ 1066.777466][T17727] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3842'.
[ 1067.930314][T17759] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3856'.
[ 1067.950387][T17760] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3855'.
[ 1068.791238][T17789] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3872'.
[ 1072.306099][T17854] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1077.809515][T18001] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3965'.
[ 1077.949109][T18005] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3967'.
[ 1077.977225][T18006] FAT-fs (loop17): unable to read boot sector
[ 1078.914504][T18031] bond0: entered allmulticast mode
[ 1078.914527][T18031] bond_slave_0: entered allmulticast mode
[ 1078.914546][T18031] bond_slave_1: entered allmulticast mode
[ 1078.961165][T18038] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3983'.
[ 1079.555954][T18049] bond0: (slave bond_slave_0): Releasing backup interface
[ 1079.647668][T18049] bond0: (slave bond_slave_1): Releasing backup interface
[ 1079.755198][T18049] team0: Port device team_slave_0 removed
[ 1079.786456][T18049] team0: Port device team_slave_1 removed
[ 1079.786875][T18049] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1079.845148][T18049] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1079.886553][T18049] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1079.887643][T18057] team0: Mode changed to "activebackup"
[ 1080.855256][T18104] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4009'.
[ 1083.145365][T18153] veth0_to_bridge: entered promiscuous mode
[ 1083.149690][T18153] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check.
[ 1083.422948][T18158] FAT-fs (loop5): unable to read boot sector
[ 1083.720167][T18175] 9pnet_fd: Insufficient options for proto=fd
[ 1086.262043][T18241] FAT-fs (loop15): unable to read boot sector
[ 1088.861694][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1088.880523][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1088.882414][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1088.883514][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1088.884248][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1090.956444][ T5810] Bluetooth: hci0: command tx timeout
[ 1092.061628][T18301] chnl_net:caif_netlink_parms(): no params data found
[ 1092.421237][T18363] fuse: Bad value for 'group_id'
[ 1092.421255][T18363] fuse: Bad value for 'group_id'
[ 1092.995172][ T5810] Bluetooth: hci0: command tx timeout
[ 1093.667124][T18301] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1093.682540][T18301] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1093.682760][T18301] bridge_slave_0: entered allmulticast mode
[ 1093.702586][T18301] bridge_slave_0: entered promiscuous mode
[ 1093.716515][T18301] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1093.716647][T18301] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1093.716846][T18301] bridge_slave_1: entered allmulticast mode
[ 1093.766785][T18301] bridge_slave_1: entered promiscuous mode
[ 1094.193435][T18301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1094.222245][T18301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1094.568782][T18301] team0: Port device team_slave_0 added
[ 1094.573757][T18301] team0: Port device team_slave_1 added
[ 1095.078428][ T5810] Bluetooth: hci0: command tx timeout
[ 1095.207379][T18301] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1095.207395][T18301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1095.207420][T18301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1095.477015][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1095.560108][T18301] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1095.560124][T18301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1095.560267][T18301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1095.940403][T18301] hsr_slave_0: entered promiscuous mode
[ 1095.943387][T18301] hsr_slave_1: entered promiscuous mode
[ 1097.028771][T18301] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.155189][ T5810] Bluetooth: hci0: command tx timeout
[ 1097.514312][T18301] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.565532][T18512] fuse: Bad value for 'fd'
[ 1098.158295][T18523] Bluetooth: MGMT ver 1.23
[ 1098.987877][T18542] fuse: Bad value for 'fd'
[ 1099.142211][T18301] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.540295][T18301] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1099.595701][T18565] fuse: Bad value for 'fd'
[ 1100.436756][ T5810] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1100.456578][ T5810] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1101.202989][T18584] fuse: Unknown parameter 'grou00000000000000000000'
[ 1101.275278][T18301] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1101.426167][T18301] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1101.483168][T18301] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1101.529630][T18301] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1101.741933][T18301] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1101.946425][T18611] fuse: Unknown parameter 'grou00000000000000000000'
[ 1101.974275][T18301] 8021q: adding VLAN 0 to HW filter on device team0
[ 1102.368354][ T4227] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1102.369109][ T4227] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1102.494436][ T4227] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1102.503780][ T4227] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1103.000769][T18622] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4230'.
[ 1103.061832][T18301] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1103.682430][T18645] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4238'.
[ 1104.262639][T18301] veth0_vlan: entered promiscuous mode
[ 1104.275226][T10946] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1104.275634][ T5810] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1104.282197][T18301] veth1_vlan: entered promiscuous mode
[ 1105.911715][T18301] veth0_macvtap: entered promiscuous mode
[ 1105.936084][T18301] veth1_macvtap: entered promiscuous mode
[ 1105.972548][T18301] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1106.042330][T18301] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1106.101112][  T142] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.107098][  T142] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.107341][  T142] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.107564][  T142] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.186254][T18681] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1106.571401][ T6232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1106.571421][ T6232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1106.769707][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1106.769727][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1107.740111][T10946] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1107.741400][T10946] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1107.953840][T18713] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1108.536475][T18733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4272'.
[ 1108.788801][ T5810] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1108.815571][ T5810] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1108.817080][ T5810] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1108.824908][ T5810] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1108.857109][ T5810] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1109.874249][T18738] chnl_net:caif_netlink_parms(): no params data found
[ 1110.450919][T18738] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1110.451122][T18738] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1110.451332][T18738] bridge_slave_0: entered allmulticast mode
[ 1110.457218][T18738] bridge_slave_0: entered promiscuous mode
[ 1110.466616][T18738] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1110.466843][T18738] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1110.467035][T18738] bridge_slave_1: entered allmulticast mode
[ 1110.469679][T18738] bridge_slave_1: entered promiscuous mode
[ 1110.760842][T18738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1110.780393][T18738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1110.997399][T10946] Bluetooth: hci4: command tx timeout
[ 1111.030795][T18738] team0: Port device team_slave_0 added
[ 1111.060746][T18738] team0: Port device team_slave_1 added
[ 1111.372398][T18738] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1111.372477][T18738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1111.372556][T18738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1111.422800][T18738] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1111.422815][T18738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1111.422842][T18738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1113.034748][T18738] hsr_slave_0: entered promiscuous mode
[ 1113.041003][T18738] hsr_slave_1: entered promiscuous mode
[ 1113.041980][T18738] debugfs: 'hsr0' already exists in 'hsr'
[ 1113.042004][T18738] Cannot create hsr debugfs directory
[ 1113.085928][T10946] Bluetooth: hci4: command tx timeout
[ 1113.565103][ T5876] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1113.865057][ T5876] usb 4-1: Using ep0 maxpacket: 16
[ 1113.867038][ T5876] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1113.868014][ T5876] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1113.868029][ T5876] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1113.868057][ T5876] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1113.870922][ T5876] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1113.870937][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1113.870948][ T5876] usb 4-1: Product: syz
[ 1113.870955][ T5876] usb 4-1: Manufacturer: syz
[ 1113.870962][ T5876] usb 4-1: SerialNumber: syz
[ 1114.498741][T18858] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1115.094629][T18738] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.155197][T10946] Bluetooth: hci4: command tx timeout
[ 1115.255016][ T5876] usb 4-1: 0:2 : does not exist
[ 1115.357250][ T5876] usb 4-1: USB disconnect, device number 5
[ 1115.416986][T18894] fuse: Bad value for 'user_id'
[ 1115.416998][T18894] fuse: Bad value for 'user_id'
[ 1115.419454][T18895] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4337'.
[ 1115.449886][T17868] udevd[17868]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1115.593130][T18738] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.879638][T18738] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.946725][T18909] veth0_to_bridge: entered promiscuous mode
[ 1115.949493][T18909] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check.
[ 1116.249951][T18738] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1116.455230][ T5804] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1116.522918][T18926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4349'.
[ 1116.645111][ T5804] usb 4-1: Using ep0 maxpacket: 16
[ 1116.647387][ T5804] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1116.648641][ T5804] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1116.648662][ T5804] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1116.648698][ T5804] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1116.659283][ T5804] usb 4-1: Dual-Role OTG device on HNP port
[ 1116.659702][ T5804] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1116.659725][ T5804] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1116.659744][ T5804] usb 4-1: Product: syz
[ 1116.659757][ T5804] usb 4-1: Manufacturer: syz
[ 1116.659770][ T5804] usb 4-1: SerialNumber: syz
[ 1116.679872][T18917] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1116.871006][T18934] veth0_to_bridge: entered promiscuous mode
[ 1116.872382][T18934] A link change request failed with some changes committed already. Interface veth0_to_bridge may have been left with an inconsistent configuration, please check.
[ 1116.919802][ T5804] usb 4-1: 0:2 : does not exist
[ 1117.027114][ T5804] usb 4-1: USB disconnect, device number 6
[ 1117.182383][T18943] netlink: 76 bytes leftover after parsing attributes in process `syz.7.4358'.
[ 1117.236791][T10946] Bluetooth: hci4: command tx timeout
[ 1117.284609][T18738] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1117.352060][T18738] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1117.381671][T18950] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4360'.
[ 1117.404282][T18738] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1117.449072][T18738] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1117.839579][T18738] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1117.866858][T18971] netlink: 76 bytes leftover after parsing attributes in process `syz.9.4368'.
[ 1117.870744][T18738] 8021q: adding VLAN 0 to HW filter on device team0
[ 1117.921405][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1117.921568][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1117.949334][ T6230] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1117.951945][ T6230] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1118.519110][T18738] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1119.940093][T18738] veth0_vlan: entered promiscuous mode
[ 1119.984447][T18738] veth1_vlan: entered promiscuous mode
[ 1120.095813][T18738] veth0_macvtap: entered promiscuous mode
[ 1120.142222][T19035] fuse: Bad value for 'fd'
[ 1120.142546][T18738] veth1_macvtap: entered promiscuous mode
[ 1120.244467][T18738] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1120.309405][T18738] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1120.393452][ T6230] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.394874][ T6230] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.394915][ T6230] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1120.402150][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.037948][ T4227] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1121.037979][ T4227] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1121.088264][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.088333][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1121.159534][ T4227] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1121.159553][ T4227] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1122.587070][T19072] bond0: entered allmulticast mode
[ 1122.587092][T19072] bond_slave_0: entered allmulticast mode
[ 1122.587111][T19072] bond_slave_1: entered allmulticast mode
[ 1123.804661][ T5810] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1123.875591][ T5810] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1123.885449][ T5810] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1123.893627][ T5810] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1123.897337][ T5810] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1124.671476][T19106] chnl_net:caif_netlink_parms(): no params data found
[ 1126.095354][ T5810] Bluetooth: hci2: command tx timeout
[ 1126.478859][T19106] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1126.478996][T19106] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1126.479251][T19106] bridge_slave_0: entered allmulticast mode
[ 1126.489144][T19106] bridge_slave_0: entered promiscuous mode
[ 1126.510138][T19106] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1126.518288][T19106] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1126.518496][T19106] bridge_slave_1: entered allmulticast mode
[ 1126.526329][T19106] bridge_slave_1: entered promiscuous mode
[ 1126.990048][T19106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1127.032546][T19106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1127.307340][T19188] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4450'.
[ 1127.389503][T19106] team0: Port device team_slave_0 added
[ 1127.409805][T19106] team0: Port device team_slave_1 added
[ 1127.909839][T19106] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1127.909856][T19106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1127.909881][T19106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1127.935775][T19194] bond0: entered allmulticast mode
[ 1127.935797][T19194] bond_slave_0: entered allmulticast mode
[ 1127.935817][T19194] bond_slave_1: entered allmulticast mode
[ 1127.994559][T19106] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1127.994576][T19106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1127.994602][T19106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1128.115634][ T5810] Bluetooth: hci2: command tx timeout
[ 1128.265102][T19210] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4460'.
[ 1128.546482][T19106] hsr_slave_0: entered promiscuous mode
[ 1128.562032][T19106] hsr_slave_1: entered promiscuous mode
[ 1128.563065][T19106] debugfs: 'hsr0' already exists in 'hsr'
[ 1128.563088][T19106] Cannot create hsr debugfs directory
[ 1128.914600][T19241] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4473'.
[ 1129.652420][T19269] ptrace attach of "./syz-executor exec"[19270] was attempted by "./syz-executor exec"[19269]
[ 1130.195156][ T5810] Bluetooth: hci2: command tx timeout
[ 1130.210602][T19284] IPv6: addrconf: prefix option has invalid lifetime
[ 1131.295956][   T37] audit: type=1326 audit(1760834052.274:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.296009][   T37] audit: type=1326 audit(1760834052.274:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.300811][   T37] audit: type=1326 audit(1760834052.274:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.301086][   T37] audit: type=1326 audit(1760834052.274:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.336977][   T37] audit: type=1326 audit(1760834052.314:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.337027][   T37] audit: type=1326 audit(1760834052.314:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.337068][   T37] audit: type=1326 audit(1760834052.314:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.337114][   T37] audit: type=1326 audit(1760834052.314:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.337154][   T37] audit: type=1326 audit(1760834052.314:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.337196][   T37] audit: type=1326 audit(1760834052.314:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19309 comm="syz.2.4503" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f952763efc9 code=0x7ffc0000
[ 1131.619690][T19106] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1131.686165][T19106] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1131.721564][T19106] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1131.805375][T19106] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1131.810070][T19327] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4508'.
[ 1132.074413][T19341] kvm: pic: non byte read
[ 1132.074768][T19341] kvm: pic: non byte read
[ 1132.101145][T19106] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1132.171853][T19106] 8021q: adding VLAN 0 to HW filter on device team0
[ 1132.230089][T15773] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1132.255579][T15773] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1132.274636][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1132.275401][ T5810] Bluetooth: hci2: command tx timeout
[ 1132.277775][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1132.607142][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4521'.
[ 1132.738988][T19368] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4522'.
[ 1132.739021][T19368] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4522'.
[ 1132.903891][T19106] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1135.315929][T19106] veth0_vlan: entered promiscuous mode
[ 1135.382180][T19106] veth1_vlan: entered promiscuous mode
[ 1135.512048][T19106] veth0_macvtap: entered promiscuous mode
[ 1135.551410][T19106] veth1_macvtap: entered promiscuous mode
[ 1135.613001][T19106] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1135.641519][T19106] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1135.665056][T13179] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1135.688788][  T158] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1135.705039][T15773] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1135.728507][T15773] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1135.728733][T15773] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1135.838795][T13179] usb 4-1: Using ep0 maxpacket: 32
[ 1135.844139][T13179] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1135.844161][T13179] usb 4-1: config 0 has no interface number 0
[ 1135.871010][T13179] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1135.871036][T13179] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1135.871055][T13179] usb 4-1: Product: syz
[ 1135.871068][T13179] usb 4-1: Manufacturer: syz
[ 1135.871082][T13179] usb 4-1: SerialNumber: syz
[ 1135.912417][T13179] usb 4-1: config 0 descriptor??
[ 1135.921565][T13179] smsc95xx v2.0.0
[ 1137.527628][T13179] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71
[ 1137.527656][T13179] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[ 1137.528321][T13179] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1137.528630][T13179] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[ 1137.609647][T13179] usb 4-1: USB disconnect, device number 7
[ 1137.619677][  T158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1137.619694][  T158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1137.777543][T19452] fuse: Unknown parameter 'use00000000000000000000'
[ 1137.874451][  T142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1137.874471][  T142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1138.615507][T19482] fuse: Unknown parameter 'user_i00000000000000000000'
[ 1141.725203][T13176] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1141.875029][T13176] usb 4-1: Using ep0 maxpacket: 16
[ 1141.895906][T13176] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1141.895937][T13176] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1141.895958][T13176] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1141.895998][T13176] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1141.896021][T13176] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1141.902310][T13176] usb 4-1: config 0 descriptor??
[ 1142.225089][T13202] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1142.403901][T13176] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.000B/input/input12
[ 1142.418869][T13202] usb 9-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1142.418899][T13202] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1142.418932][T13202] usb 9-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[ 1142.418953][T13202] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1142.471891][T13202] usb 9-1: config 0 descriptor??
[ 1142.501115][T13176] microsoft 0003:045E:07DA.000B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[ 1142.556998][T13176] usb 4-1: USB disconnect, device number 8
[ 1142.930371][T13202] wacom 0003:056A:0015.000C: item fetching failed at offset 0/3
[ 1142.931151][T13202] wacom 0003:056A:0015.000C: parse failed
[ 1142.931253][T13202] wacom 0003:056A:0015.000C: probe with driver wacom failed with error -22
[ 1142.982614][T19517] fido_id[19517]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1143.165113][ T5804] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1143.260669][T19523] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4582'.
[ 1143.317929][ T5804] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1143.317955][ T5804] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1143.319436][ T5804] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1143.319460][ T5804] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1143.319479][ T5804] usb 3-1: SerialNumber: syz
[ 1143.419739][   T37] kauditd_printk_skb: 4 callbacks suppressed
[ 1143.419754][   T37] audit: type=1326 audit(1760834064.374:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19526 comm="syz.7.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1143.419799][   T37] audit: type=1326 audit(1760834064.394:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19526 comm="syz.7.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1143.419842][   T37] audit: type=1326 audit(1760834064.394:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19526 comm="syz.7.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1143.419884][   T37] audit: type=1326 audit(1760834064.394:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19526 comm="syz.7.4584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1143.568716][T19533] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4587'.
[ 1143.612381][ T5804] usb 3-1: 0:2 : does not exist
[ 1143.675671][T13176] usb 9-1: USB disconnect, device number 2
[ 1143.727644][ T5804] usb 3-1: USB disconnect, device number 15
[ 1143.818215][T18890] udevd[18890]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1144.296779][T19555] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4596'.
[ 1144.467459][T19564] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1147.077519][T19598] fuse: Bad value for 'user_id'
[ 1147.077537][T19598] fuse: Bad value for 'user_id'
[ 1147.114347][T19599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4612'.
[ 1147.696209][T19624] fuse: Bad value for 'user_id'
[ 1147.696227][T19624] fuse: Bad value for 'user_id'
[ 1147.854258][T19627] fuse: Bad value for 'group_id'
[ 1147.854277][T19627] fuse: Bad value for 'group_id'
[ 1147.912732][T19630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4629'.
[ 1150.347416][T19661] fuse: Bad value for 'user_id'
[ 1150.347434][T19661] fuse: Bad value for 'user_id'
[ 1150.745888][T19673] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4645'.
[ 1150.887877][T19677] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1152.702799][T19688] fuse: Bad value for 'fd'
[ 1155.695067][T13176] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1155.858955][T13176] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1155.858987][T13176] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1155.859020][T13176] usb 3-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[ 1155.859041][T13176] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.865151][T13176] usb 3-1: config 0 descriptor??
[ 1156.125985][T19753] fuse: Unknown parameter '0x0000000000000003'
[ 1156.583748][T19769] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4683'.
[ 1156.590098][T19769] bridge_slave_0: default FDB implementation only supports local addresses
[ 1156.888004][T19780] fuse: Unknown parameter '0x0000000000000003'
[ 1156.908962][T13176] usbhid 3-1:0.0: can't add hid device: -71
[ 1156.909088][T13176] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1156.935847][T13176] usb 3-1: USB disconnect, device number 16
[ 1157.485435][T13202] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1157.635199][T13202] usb 8-1: Using ep0 maxpacket: 16
[ 1157.637609][T13202] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1157.638868][T13202] usb 8-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1157.638888][T13202] usb 8-1: config 1 has an invalid descriptor of length 127, skipping remainder of the config
[ 1157.638907][T13202] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1157.638942][T13202] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1157.641406][T13202] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1157.641431][T13202] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1157.641450][T13202] usb 8-1: Product: syz
[ 1157.641463][T13202] usb 8-1: Manufacturer: syz
[ 1157.641476][T13202] usb 8-1: SerialNumber: syz
[ 1157.687687][T19791] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1158.022424][T19804] fuse: Unknown parameter '0x0000000000000003'
[ 1158.320935][T13202] usb 8-1: 0:2 : does not exist
[ 1158.427406][T13202] usb 8-1: USB disconnect, device number 2
[ 1158.581910][T18890] udevd[18890]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1158.671168][T19815] fuse: Unknown parameter '0x0000000000000003'
[ 1158.775826][T19819] trusted_key: encrypted_key: master key parameter '' is invalid
[ 1158.804320][T19817] netlink: 'syz.3.4705': attribute type 4 has an invalid length.
[ 1160.585067][T13179] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[ 1160.739834][T13179] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1160.740591][T13179] usb 4-1: not running at top speed; connect to a high speed hub
[ 1160.741968][T13179] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1160.741989][T13179] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1160.742007][T13179] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1160.744779][T13179] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1160.744805][T13179] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1160.744824][T13179] usb 4-1: Product: syz
[ 1160.744837][T13179] usb 4-1: Manufacturer: syz
[ 1160.744850][T13179] usb 4-1: SerialNumber: syz
[ 1161.823219][T13179] usb 4-1: 0:2 : does not exist
[ 1162.206922][ T5876] usb 4-1: USB disconnect, device number 9
[ 1162.589785][T19848] fuse: Unknown parameter '0x0000000000000003'
[ 1162.722115][T19854] trusted_key: encrypted_key: master key parameter '' is invalid
[ 1162.829887][T19858] netlink: 'syz.2.4719': attribute type 4 has an invalid length.
[ 1163.415165][T13176] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1163.715120][T13176] usb 4-1: Using ep0 maxpacket: 8
[ 1163.717933][T13176] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1163.717957][T13176] usb 4-1: config 179 has no interface number 0
[ 1163.718008][T13176] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1163.718033][T13176] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1163.718059][T13176] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1163.718083][T13176] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1163.718109][T13176] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1163.718150][T13176] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1163.718171][T13176] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1163.730548][T19869] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1165.874823][ T5804] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input13
[ 1165.894642][T19869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1165.897453][T19869] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1166.238124][T13176] usb 4-1: USB disconnect, device number 10
[ 1166.238183][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1166.238218][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1166.455694][T19883] trusted_key: encrypted_key: master key parameter '' is invalid
[ 1166.526377][T19886] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1170.135060][T13204] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1170.287519][T13204] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1170.290523][T13204] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1170.290549][T13204] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.290568][T13204] usb 8-1: Product: syz
[ 1170.290582][T13204] usb 8-1: Manufacturer: syz
[ 1170.290595][T13204] usb 8-1: SerialNumber: syz
[ 1170.395031][T13179] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1170.554370][T13179] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1170.554395][T13179] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1170.582348][T13179] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1170.582375][T13179] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1170.582393][T13179] usb 4-1: SerialNumber: syz
[ 1171.509415][T13179] usb 4-1: 0:2 : does not exist
[ 1171.527326][T13179] usb 4-1: 5:0: cannot get min/max values for control 7 (id 5)
[ 1171.581157][T13179] usb 4-1: 5:0: cannot get min/max values for control 9 (id 5)
[ 1171.608940][T13179] usb 4-1: 5:0: cannot get min/max values for control 10 (id 5)
[ 1171.653826][T13179] usb 4-1: USB disconnect, device number 11
[ 1171.806499][T17868] udevd[17868]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1172.206007][T13204] cdc_ncm 8-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1172.206047][T13204] cdc_ncm 8-1:1.0: setting rx_max = 16384
[ 1172.410903][T13204] cdc_ncm 8-1:1.0: setting tx_max = 16384
[ 1172.461518][T13204] cdc_ncm 8-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.7-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 1172.520268][T13204] usb 8-1: USB disconnect, device number 3
[ 1172.529993][T13204] cdc_ncm 8-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.7-1, CDC NCM (NO ZLP)
[ 1174.718108][T13179] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1175.342489][T13179] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1175.342518][T13179] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1175.372115][T13179] usb 3-1: config 0 descriptor??
[ 1175.417620][T13179] cp210x 3-1:0.0: cp210x converter detected
[ 1175.642072][ T5810] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 1175.753919][T20014] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4781'.
[ 1176.028142][T13179] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[ 1176.028197][T13179] cp210x 3-1:0.0: GPIO initialisation failed: -71
[ 1176.066600][T13179] usb 3-1: cp210x converter now attached to ttyUSB0
[ 1176.084221][T13179] usb 3-1: USB disconnect, device number 17
[ 1176.109619][T13179] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1176.114491][T13179] cp210x 3-1:0.0: device disconnected
[ 1179.050081][T20063] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4793'.
[ 1180.806440][T13176] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1180.809373][  T158] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1183.015953][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1183.016025][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1183.045036][T13176] usb 4-1: Using ep0 maxpacket: 8
[ 1183.108575][T13176] usb 4-1: config 0 has no interfaces?
[ 1183.137587][T13176] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1183.137605][T13176] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1183.137615][T13176] usb 4-1: Product: syz
[ 1183.137623][T13176] usb 4-1: Manufacturer: syz
[ 1183.137630][T13176] usb 4-1: SerialNumber: syz
[ 1183.194671][T13176] usb 4-1: config 0 descriptor??
[ 1183.656487][ T5876] usb 4-1: USB disconnect, device number 12
[ 1184.610912][  T158] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1186.036370][  T158] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1186.549582][  T158] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.485797][ T5876] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1187.927059][ T5876] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[ 1187.927087][ T5876] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1187.927106][ T5876] usb 4-1: config 220 has no interface number 2
[ 1187.927182][ T5876] usb 4-1: config 220 interface 1 altsetting 5 has an invalid endpoint descriptor of length 6, skipping
[ 1187.927204][ T5876] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[ 1187.927229][ T5876] usb 4-1: config 220 interface 0 has no altsetting 0
[ 1187.927246][ T5876] usb 4-1: config 220 interface 76 has no altsetting 0
[ 1187.927263][ T5876] usb 4-1: config 220 interface 1 has no altsetting 0
[ 1187.929691][ T5876] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1187.929717][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1187.929736][ T5876] usb 4-1: Product: syz
[ 1187.929749][ T5876] usb 4-1: Manufacturer: syz
[ 1187.929763][ T5876] usb 4-1: SerialNumber: syz
[ 1188.670594][T20155] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4829'.
[ 1190.999775][ T5876] usb 4-1: selecting invalid altsetting 0
[ 1191.035366][ T5876] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1191.035427][ T5876] uvcvideo 4-1:220.0: No valid video chain found.
[ 1191.102505][ T5876] usb 4-1: selecting invalid altsetting 0
[ 1191.102541][ T5876] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[ 1191.135362][ T5876] usb 4-1: USB disconnect, device number 13
[ 1199.909145][T20219] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4849'.
[ 1201.286848][   T37] audit: type=1326 audit(1760834122.264:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325398][   T37] audit: type=1326 audit(1760834122.264:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325450][   T37] audit: type=1326 audit(1760834122.264:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325493][   T37] audit: type=1326 audit(1760834122.264:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325536][   T37] audit: type=1326 audit(1760834122.264:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325580][   T37] audit: type=1326 audit(1760834122.264:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325622][   T37] audit: type=1326 audit(1760834122.264:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325664][   T37] audit: type=1326 audit(1760834122.264:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.325707][   T37] audit: type=1326 audit(1760834122.264:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20232 comm="syz.7.4854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1201.706028][T10946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1201.710124][T10946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1201.712489][T10946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1201.714161][T10946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1201.727886][T10946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1202.803536][   T37] audit: type=1326 audit(1760834123.774:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20244 comm="syz.9.4858" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44ee52efc9 code=0x0
[ 1203.448727][  T158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1203.525570][  T158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1203.547781][  T158] bond0 (unregistering): Released all slaves
[ 1203.795303][ T5810] Bluetooth: hci3: command tx timeout
[ 1205.512249][T20288] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4872'.
[ 1205.875122][ T5810] Bluetooth: hci3: command tx timeout
[ 1205.903315][T20295] 9pnet_fd: Insufficient options for proto=fd
[ 1207.644239][T20308] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4880'.
[ 1207.692179][T20305] pimreg: entered allmulticast mode
[ 1207.987240][ T5810] Bluetooth: hci3: command tx timeout
[ 1208.796273][T20317] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4886'.
[ 1209.399250][T20324] input: syz0 as /devices/virtual/input/input14
[ 1210.061666][T10946] Bluetooth: hci3: command tx timeout
[ 1210.328395][T20329] 9pnet_fd: Insufficient options for proto=fd
[ 1210.410796][  T158] hsr_slave_0: left promiscuous mode
[ 1210.445164][  T158] hsr_slave_1: left promiscuous mode
[ 1210.446104][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1210.446128][  T158] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1210.506183][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1210.506216][  T158] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1210.666322][  T158] veth1_macvtap: left promiscuous mode
[ 1210.666425][  T158] veth0_macvtap: left promiscuous mode
[ 1210.666714][  T158] veth1_vlan: left promiscuous mode
[ 1210.666896][  T158] veth0_vlan: left promiscuous mode
[ 1210.743191][T20343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4883'.
[ 1211.491280][T20354] cgroup: subsys name conflicts with all
[ 1212.123218][T20359] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4899'.
[ 1212.276245][T20366] fuse: Unknown parameter '0x0000000000000003'
[ 1212.303272][T20365] 9pnet_fd: Insufficient options for proto=fd
[ 1214.529467][   T37] audit: type=1804 audit(1760834135.494:66): pid=20388 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.4907" name="/newroot/110/file0" dev="fuse" ino=1 res=1 errno=0
[ 1214.537542][   T37] audit: type=1804 audit(1760834135.514:67): pid=20388 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.8.4907" name="/newroot/110/file0" dev="fuse" ino=1 res=1 errno=0
[ 1216.025625][  T158] team0 (unregistering): Port device team_slave_1 removed
[ 1216.195602][T10946] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1216.225736][  T158] team0 (unregistering): Port device team_slave_0 removed
[ 1216.629358][T20421] fuse: Bad value for 'fd'
[ 1217.484328][T20423] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4921'.
[ 1218.457734][T20240] chnl_net:caif_netlink_parms(): no params data found
[ 1218.629663][T20428] netlink: 76 bytes leftover after parsing attributes in process `syz.9.4923'.
[ 1220.072480][T20446] fuse: Bad value for 'fd'
[ 1221.307563][T20453] fuse: Invalid rootmode
[ 1221.518114][T20459] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4932'.
[ 1221.574694][T20462] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4936'.
[ 1221.598875][T20463] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4935'.
[ 1221.657527][T20240] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1221.657658][T20240] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1221.657792][T20240] bridge_slave_0: entered allmulticast mode
[ 1221.665784][T20240] bridge_slave_0: entered promiscuous mode
[ 1221.816092][T20240] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1221.816235][T20240] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1221.816493][T20240] bridge_slave_1: entered allmulticast mode
[ 1221.819517][T20240] bridge_slave_1: entered promiscuous mode
[ 1222.069136][T20473] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4940'.
[ 1223.953511][T20473] bridge_slave_1: left allmulticast mode
[ 1223.953538][T20473] bridge_slave_1: left promiscuous mode
[ 1223.953794][T20473] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1224.086501][T20473] bridge_slave_0: left allmulticast mode
[ 1224.086530][T20473] bridge_slave_0: left promiscuous mode
[ 1224.086829][T20473] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1224.432159][T20240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1224.489866][T20240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1224.619155][T20487] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4947'.
[ 1226.097908][T20240] team0: Port device team_slave_0 added
[ 1226.118114][T20240] team0: Port device team_slave_1 added
[ 1227.953770][T20510] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4953'.
[ 1228.106010][T20514] fuse: Unknown parameter '00000000000000000003'
[ 1228.499163][T20525] netlink: 76 bytes leftover after parsing attributes in process `syz.7.4959'.
[ 1228.531043][T20240] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1228.531059][T20240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1228.531084][T20240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1228.533998][T20240] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1228.534012][T20240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1228.534037][T20240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1229.181258][  T158] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.655472][T20544] fuse: Unknown parameter '00000000000000000003'
[ 1229.950548][T20554] netlink: 76 bytes leftover after parsing attributes in process `syz.8.4969'.
[ 1231.175520][  T158] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.237236][T20240] hsr_slave_0: entered promiscuous mode
[ 1231.238666][T20240] hsr_slave_1: entered promiscuous mode
[ 1231.239689][T20240] debugfs: 'hsr0' already exists in 'hsr'
[ 1231.239712][T20240] Cannot create hsr debugfs directory
[ 1234.157851][T20575] fuse: Unknown parameter '00000000000000000003'
[ 1234.421876][  T158] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1235.858282][T20587] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4984'.
[ 1236.189778][  T158] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1236.199689][T10946] Bluetooth: hci4: command 0x0406 tx timeout
[ 1236.604238][T20600] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4986'.
[ 1237.445337][  T158] bridge_slave_1: left allmulticast mode
[ 1237.445365][  T158] bridge_slave_1: left promiscuous mode
[ 1237.445632][  T158] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1237.550222][  T158] bridge_slave_0: left allmulticast mode
[ 1237.550250][  T158] bridge_slave_0: left promiscuous mode
[ 1237.550941][  T158] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1237.628130][T20629] fuse: Unknown parameter '0x0000000000000003'
[ 1238.854486][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1242.358330][T20688] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5019'.
[ 1242.358361][T20688] netlink: 'syz.3.5019': attribute type 1 has an invalid length.
[ 1243.991403][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1243.991477][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1244.330424][T20715] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5029'.
[ 1245.045523][   T37] audit: type=1326 audit(1760834165.704:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20710 comm="syz.9.5028" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f44ee52efc9 code=0x0
[ 1246.089872][T20728] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1246.854955][T10946] Bluetooth: hci2: command 0x0406 tx timeout
[ 1247.355302][T20748] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5038'.
[ 1248.445529][  T158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1248.449004][T20760] netlink: 63 bytes leftover after parsing attributes in process `syz.8.5043'.
[ 1248.545863][  T158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1248.580806][  T158] bond0 (unregistering): Released all slaves
[ 1249.773074][T20788] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5056'.
[ 1250.455281][T13176] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1250.620084][T13176] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1250.620122][T13176] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1250.620161][T13176] usb 8-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[ 1250.620183][T13176] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1250.653958][T13176] usb 8-1: config 0 descriptor??
[ 1252.428597][T13176] usbhid 8-1:0.0: can't add hid device: -71
[ 1252.428725][T13176] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1252.504631][T13176] usb 8-1: USB disconnect, device number 4
[ 1254.496359][T20819] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1254.971134][  T158] hsr_slave_0: left promiscuous mode
[ 1255.047199][  T158] hsr_slave_1: left promiscuous mode
[ 1255.048183][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1255.048208][  T158] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1255.096206][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1255.096231][  T158] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1255.260780][  T158] veth1_macvtap: left promiscuous mode
[ 1255.260888][  T158] veth0_macvtap: left promiscuous mode
[ 1255.261155][  T158] veth1_vlan: left promiscuous mode
[ 1255.262695][  T158] veth0_vlan: left promiscuous mode
[ 1255.588366][T20831] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5073'.
[ 1260.265720][  T158] team0 (unregistering): Port device team_slave_1 removed
[ 1260.776917][  T158] team0 (unregistering): Port device team_slave_0 removed
[ 1262.705102][T10946] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1262.727168][T10946] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1262.731929][T10946] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1262.733845][T10946] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1262.756905][T10946] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1264.852756][T10946] Bluetooth: hci5: command tx timeout
[ 1266.372305][T20851] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1266.935117][T10946] Bluetooth: hci5: command tx timeout
[ 1267.043947][ T5810] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1267.055881][ T5810] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1267.069077][ T5810] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1267.081468][ T5810] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1267.082297][ T5810] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1268.995883][ T5810] Bluetooth: hci5: command tx timeout
[ 1269.327067][ T5810] Bluetooth: hci6: command tx timeout
[ 1270.144300][T20884] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1270.325894][T20887] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1270.900009][T20906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5097'.
[ 1271.403896][ T5810] Bluetooth: hci5: command tx timeout
[ 1271.405097][ T5810] Bluetooth: hci6: command tx timeout
[ 1271.946648][T20895] SQUASHFS error: Failed to read block 0x0: -5
[ 1271.950065][T20914] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5098'.
[ 1272.308669][T20846] chnl_net:caif_netlink_parms(): no params data found
[ 1274.223092][T10946] Bluetooth: hci6: command tx timeout
[ 1274.271626][T20943] netlink: 24 bytes leftover after parsing attributes in process `syz.8.5110'.
[ 1274.483566][T20861] chnl_net:caif_netlink_parms(): no params data found
[ 1275.079735][T20846] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1275.084659][T20846] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1275.086081][T20846] bridge_slave_0: entered allmulticast mode
[ 1275.088685][T20846] bridge_slave_0: entered promiscuous mode
[ 1275.171195][T20846] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1275.171345][T20846] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1275.171555][T20846] bridge_slave_1: entered allmulticast mode
[ 1275.177502][T20846] bridge_slave_1: entered promiscuous mode
[ 1276.299390][ T5810] Bluetooth: hci6: command tx timeout
[ 1278.092939][T20846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1278.093046][T20981] bridge_slave_0: default FDB implementation only supports local addresses
[ 1278.095935][T20982] bridge_slave_0: default FDB implementation only supports local addresses
[ 1278.245529][T20846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1278.305285][T20861] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.305443][T20861] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1278.305767][T20861] bridge_slave_0: entered allmulticast mode
[ 1278.325749][T20861] bridge_slave_0: entered promiscuous mode
[ 1278.449927][T20861] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.450068][T20861] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.450292][T20861] bridge_slave_1: entered allmulticast mode
[ 1278.453436][T20861] bridge_slave_1: entered promiscuous mode
[ 1278.727814][T20846] team0: Port device team_slave_0 added
[ 1278.812818][T20846] team0: Port device team_slave_1 added
[ 1278.823886][T20861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1278.900644][T20861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1279.229463][ T6232] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1279.278969][T20846] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1279.278985][T20846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1279.279010][T20846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1280.519488][T20846] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1280.519504][T20846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1280.519530][T20846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1280.571642][T20861] team0: Port device team_slave_0 added
[ 1280.572869][T21001] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5129'.
[ 1281.983723][ T6232] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1282.217663][T20861] team0: Port device team_slave_1 added
[ 1282.985032][ T5876] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[ 1283.118010][ T6232] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.142120][T20861] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1283.142129][T20861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1283.142143][T20861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1283.148949][ T5876] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1283.148979][ T5876] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1283.149015][ T5876] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1283.149036][ T5876] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.161776][ T5876] usb 9-1: config 0 descriptor??
[ 1283.207676][ T5876] hub 9-1:0.0: USB hub found
[ 1283.405178][ T5876] hub 9-1:0.0: 1 port detected
[ 1283.430443][T20861] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1283.430458][T20861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1283.430485][T20861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1283.497662][T20846] hsr_slave_0: entered promiscuous mode
[ 1283.500970][T20846] hsr_slave_1: entered promiscuous mode
[ 1283.517187][T20846] debugfs: 'hsr0' already exists in 'hsr'
[ 1283.517212][T20846] Cannot create hsr debugfs directory
[ 1283.733461][ T6232] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.805266][T21029] netlink: 'syz.3.5140': attribute type 22 has an invalid length.
[ 1283.844002][ T5810] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[ 1283.844038][ T5810] CPU: 1 UID: 0 PID: 5810 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1283.844060][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1283.844072][ T5810] Workqueue: hci4 hci_rx_work
[ 1283.844287][ T5810] Call Trace:
[ 1283.844299][ T5810]  <TASK>
[ 1283.844308][ T5810]  dump_stack_lvl+0x189/0x250
[ 1283.844368][ T5810]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1283.844404][ T5810]  ? __pfx__printk+0x10/0x10
[ 1283.844431][ T5810]  ? __rcu_read_unlock+0x84/0xe0
[ 1283.844479][ T5810]  ? kernfs_path_from_node+0x2c/0x280
[ 1283.844536][ T5810]  ? kernfs_path_from_node+0x243/0x280
[ 1283.844561][ T5810]  ? kernfs_path_from_node+0x2c/0x280
[ 1283.844590][ T5810]  sysfs_create_dir_ns+0x259/0x280
[ 1283.844616][ T5810]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1283.844731][ T5810]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1283.844759][ T5810]  ? rt_spin_unlock+0x161/0x200
[ 1283.844782][ T5810]  kobject_add_internal+0x5a5/0xb50
[ 1283.844851][ T5810]  kobject_add+0x155/0x220
[ 1283.844877][ T5810]  ? __pfx_kobject_add+0x10/0x10
[ 1283.844903][ T5810]  ? get_device_parent+0x370/0x3a0
[ 1283.844996][ T5810]  device_add+0x408/0xb50
[ 1283.845025][ T5810]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1283.845084][ T5810]  le_conn_complete_evt+0xf39/0x1500
[ 1283.845166][ T5810]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1283.845195][ T5810]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1283.845226][ T5810]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1283.845286][ T5810]  ? skb_pull_data+0xfb/0x200
[ 1283.845397][ T5810]  hci_le_conn_complete_evt+0x187/0x450
[ 1283.845436][ T5810]  hci_event_packet+0x78f/0x1200
[ 1283.845464][ T5810]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1283.845495][ T5810]  ? __pfx_hci_event_packet+0x10/0x10
[ 1283.845538][ T5810]  ? hci_send_to_monitor+0xe2/0x570
[ 1283.845561][ T5810]  hci_rx_work+0x46a/0xe80
[ 1283.845595][ T5810]  ? process_scheduled_works+0x9ef/0x17b0
[ 1283.845644][ T5810]  process_scheduled_works+0xae1/0x17b0
[ 1283.845703][ T5810]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1283.845748][ T5810]  worker_thread+0x8a0/0xda0
[ 1283.845790][ T5810]  kthread+0x711/0x8a0
[ 1283.845816][ T5810]  ? __pfx_worker_thread+0x10/0x10
[ 1283.845832][ T5810]  ? __pfx_kthread+0x10/0x10
[ 1283.845851][ T5810]  ? rt_spin_unlock+0x150/0x200
[ 1283.845880][ T5810]  ? rt_spin_unlock+0x161/0x200
[ 1283.845902][ T5810]  ? __pfx_kthread+0x10/0x10
[ 1283.845924][ T5810]  ret_from_fork+0x4bc/0x870
[ 1283.845973][ T5810]  ? __pfx_ret_from_fork+0x10/0x10
[ 1283.846011][ T5810]  ? __switch_to_asm+0x39/0x70
[ 1283.846036][ T5810]  ? __switch_to_asm+0x33/0x70
[ 1283.846059][ T5810]  ? __pfx_kthread+0x10/0x10
[ 1283.846080][ T5810]  ret_from_fork_asm+0x1a/0x30
[ 1283.846118][ T5810]  </TASK>
[ 1283.846685][ T5810] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1283.846724][ T5810] Bluetooth: hci4: failed to register connection device
[ 1284.005083][ T5876] usb 9-1: USB disconnect, device number 3
[ 1284.196573][T21038] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5143'.
[ 1285.494163][T20861] hsr_slave_0: entered promiscuous mode
[ 1285.498646][T20861] hsr_slave_1: entered promiscuous mode
[ 1285.500804][T20861] debugfs: 'hsr0' already exists in 'hsr'
[ 1285.500828][T20861] Cannot create hsr debugfs directory
[ 1287.046705][T21063] netlink: 36 bytes leftover after parsing attributes in process `syz.3.5153'.
[ 1293.134471][T21096] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5164'.
[ 1293.165850][ T6232] bridge_slave_1: left allmulticast mode
[ 1293.165877][ T6232] bridge_slave_1: left promiscuous mode
[ 1293.166154][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1293.256912][ T6232] bridge_slave_0: left allmulticast mode
[ 1293.256939][ T6232] bridge_slave_0: left promiscuous mode
[ 1293.257203][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1293.369800][ T6232] bridge_slave_1: left allmulticast mode
[ 1293.369828][ T6232] bridge_slave_1: left promiscuous mode
[ 1293.370060][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1293.458610][ T6232] bridge_slave_0: left allmulticast mode
[ 1293.458637][ T6232] bridge_slave_0: left promiscuous mode
[ 1293.459052][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1293.588784][ T5876] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1293.735009][ T5876] usb 4-1: Using ep0 maxpacket: 16
[ 1293.749064][ T5876] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[ 1293.749089][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1293.749107][ T5876] usb 4-1: config 0 has no interface number 0
[ 1293.776669][ T5876] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1293.776694][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1293.776713][ T5876] usb 4-1: Product: syz
[ 1293.776727][ T5876] usb 4-1: Manufacturer: syz
[ 1293.776740][ T5876] usb 4-1: SerialNumber: syz
[ 1293.839410][ T5876] usb 4-1: config 0 descriptor??
[ 1293.862264][ T5876] uvcvideo 4-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[ 1293.862294][ T5876] uvcvideo 4-1:0.105: No valid video chain found.
[ 1293.949330][T21110] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5169'.
[ 1294.066818][ T5876] usb 4-1: USB disconnect, device number 14
[ 1294.345052][T13200] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1294.396085][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1294.475791][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1294.495022][T13200] usb 8-1: Using ep0 maxpacket: 16
[ 1294.499979][T13200] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1294.500056][T13200] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1294.500068][T13200] usb 8-1: Product: syz
[ 1294.500075][T13200] usb 8-1: Manufacturer: syz
[ 1294.500082][T13200] usb 8-1: SerialNumber: syz
[ 1294.589006][ T6232] bond0 (unregistering): Released all slaves
[ 1295.182694][T13200] cdc_ncm 8-1:1.0: bind() failure
[ 1295.192735][T13200] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1295.193639][T13200] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1295.199448][T13200] usbtest 8-1:1.1: probe with driver usbtest failed with error -71
[ 1295.217589][T13200] usb 8-1: USB disconnect, device number 5
[ 1297.095773][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1297.895760][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1298.076697][ T6232] bond0 (unregistering): Released all slaves
[ 1305.192171][T21205] input: syz1 as /devices/virtual/input/input15
[ 1305.411820][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1305.411890][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1310.516507][T21216] kthread_run failed with err -4
[ 1314.685266][ T6232] hsr_slave_0: left promiscuous mode
[ 1314.782222][ T6232] hsr_slave_1: left promiscuous mode
[ 1314.783245][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1314.977079][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1316.355158][ T6232] hsr_slave_0: left promiscuous mode
[ 1316.389623][   T37] audit: type=1326 audit(1760834237.365:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.389923][   T37] audit: type=1326 audit(1760834237.365:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.390297][   T37] audit: type=1326 audit(1760834237.365:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.390435][   T37] audit: type=1326 audit(1760834237.365:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.390554][   T37] audit: type=1326 audit(1760834237.365:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.390727][   T37] audit: type=1326 audit(1760834237.365:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.390997][   T37] audit: type=1326 audit(1760834237.365:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.391210][   T37] audit: type=1326 audit(1760834237.365:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.391544][   T37] audit: type=1326 audit(1760834237.365:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21251 comm="syz.8.5217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1316.594992][ T6232] hsr_slave_1: left promiscuous mode
[ 1316.595994][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1316.596018][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1316.646269][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1316.646294][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1317.660091][ T6232] veth1_macvtap: left promiscuous mode
[ 1317.661275][ T6232] veth0_macvtap: left promiscuous mode
[ 1317.661548][ T6232] veth1_vlan: left promiscuous mode
[ 1317.661732][ T6232] veth0_vlan: left promiscuous mode
[ 1318.617165][T21270] syz.7.5221 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1321.299268][T21283] cgroup: Unknown subsys name 'cpuset'
[ 1322.439906][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1322.442703][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1322.443914][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1322.454478][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1322.468803][T13201] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1322.475567][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1322.546903][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1322.632049][T13201] usb 9-1: Using ep0 maxpacket: 16
[ 1322.634640][T13201] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1322.634671][T13201] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1322.634694][T13201] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1322.634735][T13201] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1322.634757][T13201] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1322.653892][T13201] usb 9-1: config 0 descriptor??
[ 1322.756398][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1323.949638][   T37] audit: type=1326 audit(1760834244.756:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21303 comm="syz.3.5232" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc2a6e2efc9 code=0x0
[ 1324.431369][T13201] microsoft 0003:045E:07DA.000D: item 0 4 0 9 parsing failed
[ 1324.432300][T13201] microsoft 0003:045E:07DA.000D: parse failed
[ 1324.432400][T13201] microsoft 0003:045E:07DA.000D: probe with driver microsoft failed with error -22
[ 1324.529985][T21311] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5234'.
[ 1324.595163][T10946] Bluetooth: hci0: command tx timeout
[ 1324.625257][T13176] usb 9-1: USB disconnect, device number 4
[ 1325.752400][T21326] hub 1-0:1.0: USB hub found
[ 1325.758226][T21326] hub 1-0:1.0: 1 port detected
[ 1326.675005][T10946] Bluetooth: hci0: command tx timeout
[ 1326.746909][ T5810] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1326.754164][ T5810] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1326.769927][ T5810] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1326.805476][ T5810] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1326.811608][ T5810] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1327.930516][   T37] audit: type=1326 audit(1760834248.896:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21336 comm="syz.8.5241" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc236cefc9 code=0x0
[ 1328.590504][T21342] netlink: 'syz.8.5242': attribute type 11 has an invalid length.
[ 1328.656114][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1328.754972][ T5810] Bluetooth: hci0: command tx timeout
[ 1328.835031][ T5810] Bluetooth: hci3: command tx timeout
[ 1328.836450][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1330.793869][T21320] pimreg: left allmulticast mode
[ 1330.835704][ T5810] Bluetooth: hci0: command tx timeout
[ 1330.915032][ T5810] Bluetooth: hci3: command tx timeout
[ 1331.051938][   T37] audit: type=1326 audit(1760834252.026:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.051990][   T37] audit: type=1326 audit(1760834252.026:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.061540][   T37] audit: type=1326 audit(1760834252.036:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.061850][   T37] audit: type=1326 audit(1760834252.036:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.062492][   T37] audit: type=1326 audit(1760834252.036:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.064234][   T37] audit: type=1326 audit(1760834252.036:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.064758][   T37] audit: type=1326 audit(1760834252.036:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.068771][   T37] audit: type=1326 audit(1760834252.046:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.068819][   T37] audit: type=1326 audit(1760834252.046:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1331.068860][   T37] audit: type=1326 audit(1760834252.046:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21353 comm="syz.3.5245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a6e2efc9 code=0x7ffc0000
[ 1333.327360][ T5810] Bluetooth: hci3: command tx timeout
[ 1334.512762][T21371] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5251'.
[ 1335.434484][ T5810] Bluetooth: hci3: command tx timeout
[ 1337.265039][T13178] usb 4-1: new low-speed USB device number 15 using dummy_hcd
[ 1337.428720][T13178] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1337.428747][T13178] usb 4-1: config 179 has no interface number 0
[ 1337.428799][T13178] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[ 1337.428824][T13178] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[ 1337.428849][T13178] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1337.428873][T13178] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8
[ 1337.428898][T13178] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1337.428938][T13178] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1337.428960][T13178] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.545017][T21387] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1337.545239][T21387] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1337.846079][T13178] usb 4-1: USB disconnect, device number 15
[ 1337.846156][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1337.846225][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1339.849879][   T37] kauditd_printk_skb: 5 callbacks suppressed
[ 1339.849898][   T37] audit: type=1326 audit(1760834260.756:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21403 comm="syz.8.5261" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc236cefc9 code=0x0
[ 1340.430289][T21411] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5263'.
[ 1341.752408][T13204] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1343.505759][T13204] usb 8-1: Using ep0 maxpacket: 16
[ 1343.507663][T13204] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1343.507691][T13204] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1343.507720][T13204] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1343.507760][T13204] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1343.507781][T13204] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1343.520337][T13204] usb 8-1: config 0 descriptor??
[ 1344.575068][   T37] audit: type=1326 audit(1760834265.476:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21433 comm="syz.8.5270" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc236cefc9 code=0x0
[ 1344.615121][T13204] usbhid 8-1:0.0: can't add hid device: -71
[ 1344.615247][T13204] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1344.721261][T13204] usb 8-1: USB disconnect, device number 6
[ 1344.965541][T21333] chnl_net:caif_netlink_parms(): no params data found
[ 1345.031910][T21298] chnl_net:caif_netlink_parms(): no params data found
[ 1345.191221][T21442] netlink: 12 bytes leftover after parsing attributes in process `syz.7.5273'.
[ 1347.426154][T21333] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1347.426392][T21333] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1347.426534][T21333] bridge_slave_0: entered allmulticast mode
[ 1347.428433][T21333] bridge_slave_0: entered promiscuous mode
[ 1348.574624][T21333] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1348.585166][T21333] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1348.605931][T21333] bridge_slave_1: entered allmulticast mode
[ 1349.045162][T21333] bridge_slave_1: entered promiscuous mode
[ 1350.285112][T21298] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1350.285248][T21298] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1350.285506][T21298] bridge_slave_0: entered allmulticast mode
[ 1350.294988][T21298] bridge_slave_0: entered promiscuous mode
[ 1351.426557][T21298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1351.426684][T21298] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1351.426913][T21298] bridge_slave_1: entered allmulticast mode
[ 1351.429934][T21298] bridge_slave_1: entered promiscuous mode
[ 1352.014498][T13180] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1352.177660][T13180] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1352.177686][T13180] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1352.177722][T13180] usb 8-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1352.177745][T13180] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1352.237051][T13180] usb 8-1: config 0 descriptor??
[ 1357.765002][T13200] usb 8-1: USB disconnect, device number 7
[ 1359.002719][T21333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1359.155211][T13202] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1359.178860][T21519] netlink: 'syz.3.5293': attribute type 32 has an invalid length.
[ 1359.201074][T21333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1359.305112][T13202] usb 9-1: Using ep0 maxpacket: 32
[ 1359.308738][T13202] usb 9-1: config 0 has an invalid interface number: 154 but max is 0
[ 1359.308761][T13202] usb 9-1: config 0 has no interface number 0
[ 1359.311862][T13202] usb 9-1: New USB device found, idVendor=0b95, idProduct=7e2b, bcdDevice=c4.04
[ 1359.311887][T13202] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.311905][T13202] usb 9-1: Product: syz
[ 1359.311918][T13202] usb 9-1: Manufacturer: syz
[ 1359.311932][T13202] usb 9-1: SerialNumber: syz
[ 1359.323825][T13202] usb 9-1: config 0 descriptor??
[ 1359.546440][T21298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1359.756692][T21298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1359.771073][T21333] team0: Port device team_slave_0 added
[ 1359.784096][T13202] asix 9-1:0.154 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1359.784380][T13202] asix 9-1:0.154: probe with driver asix failed with error -71
[ 1359.830355][T13202] usb 9-1: USB disconnect, device number 5
[ 1360.949639][T21333] team0: Port device team_slave_1 added
[ 1364.110136][T21298] team0: Port device team_slave_0 added
[ 1364.226286][T21298] team0: Port device team_slave_1 added
[ 1364.227694][T21333] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1364.227706][T21333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1364.227725][T21333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1364.379993][T21333] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1364.380008][T21333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1364.380034][T21333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1364.606098][T21298] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1364.606115][T21298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1364.606140][T21298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1364.829189][T21298] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1364.829206][T21298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1364.829232][T21298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1364.953962][T21549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5300'.
[ 1365.124701][T21333] hsr_slave_0: entered promiscuous mode
[ 1365.144450][T21333] hsr_slave_1: entered promiscuous mode
[ 1365.599731][ T6232] bridge_slave_1: left allmulticast mode
[ 1365.599760][ T6232] bridge_slave_1: left promiscuous mode
[ 1365.599998][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1365.727727][ T6232] bridge_slave_0: left allmulticast mode
[ 1365.727755][ T6232] bridge_slave_0: left promiscuous mode
[ 1365.728005][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1365.822000][ T6232] bridge_slave_1: left allmulticast mode
[ 1365.822027][ T6232] bridge_slave_1: left promiscuous mode
[ 1365.822254][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1365.846200][T21563] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5308'.
[ 1365.886989][ T6232] bridge_slave_0: left allmulticast mode
[ 1365.887007][ T6232] bridge_slave_0: left promiscuous mode
[ 1365.887664][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1366.854754][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1366.854823][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1368.145749][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1368.300134][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1368.373777][ T6232] bond0 (unregistering): Released all slaves
[ 1368.966877][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1369.045691][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1369.123511][ T6232] bond0 (unregistering): Released all slaves
[ 1369.939236][T21298] hsr_slave_0: entered promiscuous mode
[ 1369.940259][T21298] hsr_slave_1: entered promiscuous mode
[ 1369.940961][T21298] debugfs: 'hsr0' already exists in 'hsr'
[ 1369.940976][T21298] Cannot create hsr debugfs directory
[ 1371.279343][ T6232] hsr_slave_0: left promiscuous mode
[ 1371.324440][ T6232] hsr_slave_1: left promiscuous mode
[ 1371.325660][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1371.371634][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1371.671424][ T6232] hsr_slave_0: left promiscuous mode
[ 1371.705197][ T6232] hsr_slave_1: left promiscuous mode
[ 1371.707782][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1371.751179][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1371.755178][T13178] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1371.904924][T13178] usb 9-1: Using ep0 maxpacket: 16
[ 1371.906704][T13178] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1371.906733][T13178] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1371.906752][T13178] usb 9-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1371.906765][T13178] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1371.906784][T13178] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1371.906796][T13178] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1371.912104][T13178] usb 9-1: config 0 descriptor??
[ 1372.351782][T13178] hid (null): unknown global tag 0xd
[ 1372.351842][T13178] hid (null): invalid report_count -1251151245
[ 1372.351880][T13178] hid (null): invalid report_size -1102836422
[ 1372.578048][T13178] usb 9-1: USB disconnect, device number 6
[ 1373.605410][T13204] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[ 1373.645766][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1373.781901][T13204] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1373.781920][T13204] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1373.781941][T13204] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1373.781953][T13204] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1373.846343][T13204] usb 4-1: config 0 descriptor??
[ 1373.848115][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1373.884723][T13204] hub 4-1:0.0: USB hub found
[ 1374.061055][T13204] hub 4-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1374.561491][T13204] hid-generic 0003:046D:C31C.000F: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.3-1/input0
[ 1375.357004][T13204] usb 4-1: USB disconnect, device number 16
[ 1375.565484][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1375.686459][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1383.340495][T21333] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1383.354979][ T5890] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1383.450207][T21333] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1383.535770][T10946] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1383.547558][T10946] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1383.549814][T10946] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1383.559696][T10946] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1383.560431][T10946] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1383.667733][ T5890] usb 8-1: config index 0 descriptor too short (expected 45, got 36)
[ 1383.667791][ T5890] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1383.667806][ T5890] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1383.667819][ T5890] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1383.667842][ T5890] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1383.667854][ T5890] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1383.675318][ T5890] usb 8-1: config 0 descriptor??
[ 1383.681587][T21667] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1383.725527][T21333] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1383.939533][T21333] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1384.177174][ T5890] plantronics 0003:047F:FFFF.0010: reserved main item tag 0xd
[ 1384.317385][ T5890] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[ 1384.568879][T13200] usb 8-1: USB disconnect, device number 8
[ 1384.687005][T21679] fido_id[21679]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[ 1385.773952][T10946] Bluetooth: hci5: command tx timeout
[ 1387.933846][T10946] Bluetooth: hci5: command tx timeout
[ 1388.462011][ T5810] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1388.477209][ T5810] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1388.479836][ T5810] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1388.481748][ T5810] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1388.482515][ T5810] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1389.327361][ T6232] bridge_slave_1: left allmulticast mode
[ 1389.327389][ T6232] bridge_slave_1: left promiscuous mode
[ 1389.327630][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1389.432034][ T6232] bridge_slave_0: left allmulticast mode
[ 1389.432061][ T6232] bridge_slave_0: left promiscuous mode
[ 1389.432386][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1389.509718][ T6232] bridge_slave_1: left allmulticast mode
[ 1389.509746][ T6232] bridge_slave_1: left promiscuous mode
[ 1389.510005][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1389.596607][ T6232] bridge_slave_0: left allmulticast mode
[ 1389.596633][ T6232] bridge_slave_0: left promiscuous mode
[ 1389.596875][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1389.955358][ T5810] Bluetooth: hci5: command tx timeout
[ 1390.594984][ T5810] Bluetooth: hci0: command tx timeout
[ 1391.521271][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1391.639221][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1391.730735][ T6232] bond0 (unregistering): Released all slaves
[ 1392.037438][ T5810] Bluetooth: hci5: command tx timeout
[ 1392.339104][T21732] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1392.846428][ T5810] Bluetooth: hci0: command tx timeout
[ 1393.556312][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1393.581468][ T6232] bond_slave_0: left allmulticast mode
[ 1393.615710][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1393.638197][ T6232] bond_slave_1: left allmulticast mode
[ 1393.651074][ T6232] bond0 (unregistering): Released all slaves
[ 1393.741930][T21710] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5349'.
[ 1393.742583][T21711] netlink: 24 bytes leftover after parsing attributes in process `syz.7.5349'.
[ 1393.984736][T21670] chnl_net:caif_netlink_parms(): no params data found
[ 1395.245152][ T5810] Bluetooth: hci0: command tx timeout
[ 1396.033454][T21767] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5368'.
[ 1397.059523][T21670] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1397.059706][T21670] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1397.059966][T21670] bridge_slave_0: entered allmulticast mode
[ 1397.062795][T21670] bridge_slave_0: entered promiscuous mode
[ 1397.103178][T21670] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1397.114529][T21670] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1397.114719][T21670] bridge_slave_1: entered allmulticast mode
[ 1397.134344][T21670] bridge_slave_1: entered promiscuous mode
[ 1397.330527][T21794] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5377'.
[ 1397.345283][ T5810] Bluetooth: hci0: command tx timeout
[ 1397.737790][T21670] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1397.824996][ T6232] hsr_slave_0: left promiscuous mode
[ 1397.867093][ T6232] hsr_slave_1: left promiscuous mode
[ 1397.868130][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1397.906250][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1398.039581][   T37] audit: type=1326 audit(1760834319.016:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.8.5382" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x0
[ 1398.115024][ T6232] hsr_slave_0: left promiscuous mode
[ 1398.155047][ T6232] hsr_slave_1: left promiscuous mode
[ 1398.155835][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1398.155852][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1398.216556][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1398.216578][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1398.331615][ T6232] veth1_macvtap: left promiscuous mode
[ 1398.331710][ T6232] veth0_macvtap: left promiscuous mode
[ 1398.331889][ T6232] veth1_vlan: left promiscuous mode
[ 1398.331992][ T6232] veth0_vlan: left promiscuous mode
[ 1398.515282][ T5810] Bluetooth: hci1: command 0x0406 tx timeout
[ 1399.115921][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1399.277806][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1401.945616][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1402.356764][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1408.015144][T21670] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1409.854578][T21670] team0: Port device team_slave_0 added
[ 1409.875172][T21705] chnl_net:caif_netlink_parms(): no params data found
[ 1409.908166][T21670] team0: Port device team_slave_1 added
[ 1410.295422][T21903] netlink: 220 bytes leftover after parsing attributes in process `syz.8.5417'.
[ 1410.295454][T21903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5417'.
[ 1410.295470][T21903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5417'.
[ 1410.295739][T21903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5417'.
[ 1410.297122][T21903] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5417'.
[ 1410.306618][T21670] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1410.306631][T21670] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1410.306656][T21670] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1410.543576][T21670] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1410.543593][T21670] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1410.543619][T21670] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1412.987066][T21705] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.987184][T21705] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1412.987379][T21705] bridge_slave_0: entered allmulticast mode
[ 1412.990498][T21705] bridge_slave_0: entered promiscuous mode
[ 1413.048847][T21670] hsr_slave_0: entered promiscuous mode
[ 1413.051647][T21670] hsr_slave_1: entered promiscuous mode
[ 1413.052586][T21670] debugfs: 'hsr0' already exists in 'hsr'
[ 1413.052609][T21670] Cannot create hsr debugfs directory
[ 1413.058141][T21705] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1413.058331][T21705] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1413.058520][T21705] bridge_slave_1: entered allmulticast mode
[ 1413.073788][T21705] bridge_slave_1: entered promiscuous mode
[ 1413.546013][T21705] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1413.834640][T21705] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1415.380999][T21705] team0: Port device team_slave_0 added
[ 1415.383704][   T37] audit: type=1326 audit(1760834336.336:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.383754][   T37] audit: type=1326 audit(1760834336.336:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.383852][   T37] audit: type=1326 audit(1760834336.336:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.383904][   T37] audit: type=1326 audit(1760834336.336:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.383945][   T37] audit: type=1326 audit(1760834336.336:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.383987][   T37] audit: type=1326 audit(1760834336.336:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.384029][   T37] audit: type=1326 audit(1760834336.336:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2355e3efc9 code=0x7ffc0000
[ 1415.384071][   T37] audit: type=1326 audit(1760834336.346:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2355e71885 code=0x7ffc0000
[ 1415.384464][   T37] audit: type=1326 audit(1760834336.346:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2355e71885 code=0x7ffc0000
[ 1415.384509][   T37] audit: type=1326 audit(1760834336.346:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21965 comm="syz.7.5437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2355e71885 code=0x7ffc0000
[ 1415.875398][T21705] team0: Port device team_slave_1 added
[ 1416.043417][T21979] netlink: 48 bytes leftover after parsing attributes in process `syz.8.5442'.
[ 1416.577625][T21705] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1416.577641][T21705] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1416.577666][T21705] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1416.641990][T21705] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1416.642005][T21705] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1416.642030][T21705] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1417.283843][T21705] hsr_slave_0: entered promiscuous mode
[ 1417.286295][T21705] hsr_slave_1: entered promiscuous mode
[ 1417.287218][T21705] debugfs: 'hsr0' already exists in 'hsr'
[ 1417.287240][T21705] Cannot create hsr debugfs directory
[ 1424.621164][T21670] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1424.670053][T21670] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1424.725988][T21670] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1424.894035][T21670] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1425.365525][ T6232] bridge_slave_1: left allmulticast mode
[ 1425.365553][ T6232] bridge_slave_1: left promiscuous mode
[ 1425.365794][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1425.428234][ T6232] bridge_slave_0: left allmulticast mode
[ 1425.428261][ T6232] bridge_slave_0: left promiscuous mode
[ 1425.428831][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1425.519330][ T6232] bridge_slave_1: left allmulticast mode
[ 1425.519358][ T6232] bridge_slave_1: left promiscuous mode
[ 1425.519586][ T6232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1425.606414][ T6232] bridge_slave_0: left allmulticast mode
[ 1425.606433][ T6232] bridge_slave_0: left promiscuous mode
[ 1425.606687][ T6232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1427.188913][ T6232] bond0 (unregistering): Released all slaves
[ 1428.282294][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.282363][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[ 1428.635441][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1428.696284][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1428.737646][ T6232] bond0 (unregistering): Released all slaves
[ 1429.205973][ T6232] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.305458][ T6232] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1429.386911][ T6232] bond0 (unregistering): Released all slaves
[ 1429.968953][T21670] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1430.036698][T21670] 8021q: adding VLAN 0 to HW filter on device team0
[ 1430.059327][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1430.066089][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1430.080070][  T158] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1430.080946][  T158] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1430.818101][   T37] kauditd_printk_skb: 38 callbacks suppressed
[ 1430.818120][   T37] audit: type=1326 audit(1760834351.796:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.818407][   T37] audit: type=1326 audit(1760834351.796:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.818453][   T37] audit: type=1326 audit(1760834351.796:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819423][   T37] audit: type=1326 audit(1760834351.796:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819469][   T37] audit: type=1326 audit(1760834351.796:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819512][   T37] audit: type=1326 audit(1760834351.796:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819553][   T37] audit: type=1326 audit(1760834351.796:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819681][   T37] audit: type=1326 audit(1760834351.796:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1430.819724][   T37] audit: type=1326 audit(1760834351.796:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22128 comm="syz.8.5492" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fdc236cefc9 code=0x7ffc0000
[ 1431.020269][T22132] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5493'.
[ 1431.179067][T21670] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1432.158130][T21670] veth0_vlan: entered promiscuous mode
[ 1432.186987][T21670] veth1_vlan: entered promiscuous mode
[ 1432.238501][T21670] veth0_macvtap: entered promiscuous mode
[ 1432.254474][T21670] veth1_macvtap: entered promiscuous mode
[ 1434.236281][T21670] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1434.937255][T21670] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1434.966214][T10988] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.966845][T10988] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.966885][T10988] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1434.967022][T10988] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1435.533497][T21705] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1435.631717][T21705] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1435.987768][T21705] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1436.098060][T21705] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1436.400372][T22220] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[ 1436.424974][ T6232] hsr_slave_0: left promiscuous mode
[ 1436.447428][ T6232] hsr_slave_1: left promiscuous mode
[ 1436.575050][ T6232] hsr_slave_0: left promiscuous mode
[ 1436.624419][ T6232] hsr_slave_1: left promiscuous mode
[ 1436.625477][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1436.625501][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1436.666019][ T6232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1436.666044][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1436.844942][ T6232] hsr_slave_0: left promiscuous mode
[ 1436.885702][ T6232] hsr_slave_1: left promiscuous mode
[ 1436.886465][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1436.918163][ T6232] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1437.008903][ T6232] veth1_macvtap: left promiscuous mode
[ 1437.009006][ T6232] veth0_macvtap: left promiscuous mode
[ 1437.009262][ T6232] veth1_vlan: left promiscuous mode
[ 1437.009443][ T6232] veth0_vlan: left promiscuous mode
[ 1439.767210][T22259] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[ 1443.772057][T10946] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1443.775654][T10946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1443.780881][T10946] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1443.816922][T10946] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1443.817678][T10946] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1445.875000][ T5810] Bluetooth: hci3: command tx timeout
[ 1446.873514][T10946] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1446.885071][T10946] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1446.889694][T10946] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1446.924126][T10946] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1446.929943][T10946] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1447.297659][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1447.576037][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1447.956963][ T5810] Bluetooth: hci3: command tx timeout
[ 1449.193078][ T5810] Bluetooth: hci6: command tx timeout
[ 1450.035184][ T5810] Bluetooth: hci3: command tx timeout
[ 1451.405400][ T6232] team0 (unregistering): Port device team_slave_1 removed
[ 1451.490667][ T5810] Bluetooth: hci6: command tx timeout
[ 1451.545821][ T6232] team0 (unregistering): Port device team_slave_0 removed
[ 1452.110771][T10946] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1452.114215][T10946] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1452.116269][T10946] Bluetooth: hci3: command tx timeout
[ 1452.124307][T22364] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1452.141094][T22364] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1452.141833][T22364] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1452.389374][T22226] netlink: 'syz.8.5525': attribute type 49 has an invalid length.
[ 1453.729423][ T5810] Bluetooth: hci6: command tx timeout
[ 1454.210346][ T5810] Bluetooth: hci7: command tx timeout
[ 1454.277880][T22226]  slab kmalloc-2k start ffff888034645000 pointer offset 1904 size 2048
[ 1454.277922][T22226] list_del corruption. prev->next should be ffff88801a375770, but was 0000000000000000. (prev=ffff888034645770)
[ 1454.278440][T22226] ------------[ cut here ]------------
[ 1454.278449][T22226] kernel BUG at lib/list_debug.c:64!
[ 1454.278490][T22226] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1454.278511][T22226] CPU: 0 UID: 0 PID: 22226 Comm: syz.8.5525 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1454.278532][T22226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1454.278543][T22226] RIP: 0010:__list_del_entry_valid_or_report+0x15a/0x190
[ 1454.278685][T22226] Code: e8 fb 54 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 3c 55 96 fd 49 8b 17 48 c7 c7 00 59 3f 8b 48 89 de 4c 89 f9 e8 c7 e1 9c fc 90 <0f> 0b 4c 89 f7 e8 cc 54 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 0d
[ 1454.278701][T22226] RSP: 0018:ffffc90003b4f680 EFLAGS: 00010246
[ 1454.278716][T22226] RAX: 000000000000006d RBX: ffff88801a375770 RCX: 1bae272511c54b00
[ 1454.278730][T22226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1454.278741][T22226] RBP: ffff88801a371010 R08: 0000000000000000 R09: 0000000000000000
[ 1454.278753][T22226] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff110068c8aee
[ 1454.278766][T22226] R13: dffffc0000000000 R14: ffff888034645770 R15: ffff888034645770
[ 1454.278780][T22226] FS:  0000000000000000(0000) GS:ffff888126bc6000(0000) knlGS:0000000000000000
[ 1454.278796][T22226] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1454.278809][T22226] CR2: 00007ffcf6b79d78 CR3: 000000003bb24000 CR4: 00000000003526f0
[ 1454.278826][T22226] Call Trace:
[ 1454.278832][T22226]  <TASK>
[ 1454.278840][T22226]  bt_accept_unlink+0x39/0x240
[ 1454.278907][T22226]  l2cap_sock_teardown_cb+0x17e/0x460
[ 1454.278956][T22226]  l2cap_chan_del+0xb5/0x5e0
[ 1454.278977][T22226]  ? l2cap_conn_del+0x37c/0x680
[ 1454.278995][T22226]  l2cap_conn_del+0x388/0x680
[ 1454.279015][T22226]  ? __pfx_l2cap_disconn_cfm+0x10/0x10
[ 1454.279033][T22226]  hci_conn_hash_flush+0x10d/0x230
[ 1454.279055][T22226]  hci_dev_close_sync+0xaef/0x1330
[ 1454.279107][T22226]  ? __pfx_hci_dev_close_sync+0x10/0x10
[ 1454.279132][T22226]  ? hci_unregister_dev+0x212/0x510
[ 1454.279154][T22226]  hci_unregister_dev+0x21a/0x510
[ 1454.279174][T22226]  vhci_release+0x155/0x1b0
[ 1454.279249][T22226]  ? __pfx_vhci_release+0x10/0x10
[ 1454.279272][T22226]  __fput+0x45b/0xa80
[ 1454.279319][T22226]  task_work_run+0x1d4/0x260
[ 1454.279342][T22226]  ? __pfx_task_work_run+0x10/0x10
[ 1454.279364][T22226]  ? do_exit+0x6b0/0x2300
[ 1454.279384][T22226]  ? do_exit+0x6b0/0x2300
[ 1454.279405][T22226]  do_exit+0x6b5/0x2300
[ 1454.279422][T22226]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1454.279456][T22226]  ? __pfx_do_exit+0x10/0x10
[ 1454.279473][T22226]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1454.279492][T22226]  ? rt_spin_lock+0x1c1/0x3e0
[ 1454.279516][T22226]  do_group_exit+0x21c/0x2d0
[ 1454.279536][T22226]  ? rt_spin_unlock+0x161/0x200
[ 1454.279557][T22226]  get_signal+0x125d/0x1310
[ 1454.279589][T22226]  arch_do_signal_or_restart+0xa0/0x790
[ 1454.279614][T22226]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1454.279638][T22226]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1454.279697][T22226]  ? exit_to_user_mode_loop+0x40/0x130
[ 1454.279724][T22226]  exit_to_user_mode_loop+0x72/0x130
[ 1454.279741][T22226]  do_syscall_64+0x2bd/0xfa0
[ 1454.279799][T22226]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1454.279824][T22226]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.279856][T22226]  ? clear_bhb_loop+0x60/0xb0
[ 1454.279882][T22226]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1454.279899][T22226] RIP: 0033:0x7fdc236cefc9
[ 1454.279920][T22226] Code: Unable to access opcode bytes at 0x7fdc236cef9f.
[ 1454.279930][T22226] RSP: 002b:00007fdc21936038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1454.279949][T22226] RAX: 0000000000000024 RBX: 00007fdc23925fa0 RCX: 00007fdc236cefc9
[ 1454.279962][T22226] RDX: 0000000004000800 RSI: 0000200000001080 RDI: 0000000000000003
[ 1454.279974][T22226] RBP: 00007fdc23751f91 R08: 0000000000000000 R09: 0000000000000000
[ 1454.279986][T22226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1454.279997][T22226] R13: 00007fdc23926038 R14: 00007fdc23925fa0 R15: 00007ffd3becbcc8
[ 1454.280017][T22226]  </TASK>
[ 1454.280028][T22226] Modules linked in:
[ 1454.280044][T22226] ---[ end trace 0000000000000000 ]---
[ 1454.280056][T22226] RIP: 0010:__list_del_entry_valid_or_report+0x15a/0x190
[ 1454.280080][T22226] Code: e8 fb 54 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 3c 55 96 fd 49 8b 17 48 c7 c7 00 59 3f 8b 48 89 de 4c 89 f9 e8 c7 e1 9c fc 90 <0f> 0b 4c 89 f7 e8 cc 54 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 0d
[ 1454.280095][T22226] RSP: 0018:ffffc90003b4f680 EFLAGS: 00010246
[ 1454.280109][T22226] RAX: 000000000000006d RBX: ffff88801a375770 RCX: 1bae272511c54b00
[ 1454.280123][T22226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1454.280134][T22226] RBP: ffff88801a371010 R08: 0000000000000000 R09: 0000000000000000
[ 1454.280146][T22226] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff110068c8aee
[ 1454.280160][T22226] R13: dffffc0000000000 R14: ffff888034645770 R15: ffff888034645770
[ 1454.280175][T22226] FS:  0000000000000000(0000) GS:ffff888126bc6000(0000) knlGS:0000000000000000
[ 1454.280191][T22226] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1454.280203][T22226] CR2: 00007ffcf6b79d78 CR3: 000000003bb24000 CR4: 00000000003526f0
[ 1454.280225][T22226] Kernel panic - not syncing: Fatal exception
[ 1454.280575][T22226] Kernel Offset: disabled