last executing test programs:

12.692878114s ago: executing program 2 (id=3138):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x8000000a, 0x0)

12.324381047s ago: executing program 2 (id=3144):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000740)={'filter\x00', 0x10, 0x4, 0x408, 0x1f0, 0x1f0, 0xe8, 0x320, 0x320, 0x320, 0x4, 0x0, {[{{@arp={@private, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="bd22fdd68c29"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 'veth0_macvtap\x00'}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "0d6581a280a9fd38cc0cd92b7c41598c1625a223e855c9fbc1389f5d44ef17d4f24b7890dbf5909d70031d8427048dc1646921eaa7e6ac8400"}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x458)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.current\x00', 0x275a, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x6, 0x0, &(0x7f00000001c0)='asymmetric\x00', &(0x7f00000000c0)=@chain)
sendfile(r1, r0, 0x0, 0x2)

11.237490981s ago: executing program 2 (id=3147):
r0 = syz_open_dev$dri(&(0x7f00000001c0), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x10})

11.045614961s ago: executing program 2 (id=3149):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x1c, 0x28, 0x9, 0x0, 0x0, {0x8, 0x0, 0x2c00}, [@typed={0x8, 0x1, 0x0, 0x0, @binary="58de5d25"}]}, 0x1c}}, 0x0)

10.868695749s ago: executing program 2 (id=3151):
fanotify_init(0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
dup(r0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9.719966144s ago: executing program 2 (id=3154):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000100)=""/210, 0xd2}, {&(0x7f0000000400)=""/203, 0xcb}, {&(0x7f0000000200)=""/7, 0x7}, {&(0x7f0000000280)=""/118, 0x76}], 0x4}}], 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2)
getsockname(r1, &(0x7f0000000d00)=@xdp={0x2c, 0x0, <r2=>0x0}, &(0x7f0000000c80)=0x80)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000810500"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012800a00010063616e"], 0x48}}, 0x0)

5.309203853s ago: executing program 4 (id=3174):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a310000000040000000030a010800000000000000000700000014000480080001400000000008000240000000000900010073797a3100000000090003"], 0x88}}, 0x0)

5.096601042s ago: executing program 4 (id=3176):
prlimit64(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x42000, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00'}, 0x90)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={0x14, 0x24, 0x9, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)
r3 = eventfd2(0x8000, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
r5 = dup3(r4, r3, 0x0)
setsockopt$sock_int(r4, 0x1, 0x0, &(0x7f0000000040)=0x1, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r4, &(0x7f0000000240)={0x1d, r6, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r5, &(0x7f000009de80)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x4c}}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000010c0)=""/171, 0xab}], 0x2)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600))
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000640)=@getqdisc={0x44, 0x26, 0x6, 0x70bd26, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x3, 0xffe0}, {0x8, 0xfff3}, {0x0, 0xa}}, [{0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}, {0x4}]}, 0x44}}, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05000010a1fe9d999ab526c1611033ad79005a0f0000000000009abab0", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0000004001000000000000000000000071446f0d0e7a7fea2b8e41e591fa"], 0x80}}, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x20000600}}, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="abd20ac6323023ec7c00"/20], 0x3c}}, 0x0)

4.556271634s ago: executing program 1 (id=3177):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0xa9}]}]}, 0x34}}, 0x0)

4.053152555s ago: executing program 4 (id=3178):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0)

3.944818797s ago: executing program 4 (id=3179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x3c, 0x0, 0x8, 0x301, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_TIME_WAIT={0x4}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x3c}}, 0x0)

3.835411247s ago: executing program 0 (id=3180):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x13, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000002e000000000000000000008500000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)

3.834354802s ago: executing program 4 (id=3181):
r0 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0)

3.749245086s ago: executing program 0 (id=3182):
iopl(0x3)
msync(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x300)

3.709918712s ago: executing program 4 (id=3183):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100800001)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@newqdisc={0x2c4, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x8}, {0x87, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "ca0fb762580766136d5ec4ec043657e3dda6b09124a58b8180fc3e503693b90a549393abbc32273876e0443ae40b45e4ca3ed3c6a671fbcfbcf0704bbc6304c1b3a748d39ba48c00555dd1fa5a1ddba64f0e54784d49da03d925c228d5ac61f5425e51bf618b9548a80c44f9c4c1c918fc529c43a34e302df28c23871d3316074d2b7c0169c7b32ed6c8b2c3e2ae0455de4ff1320ff7acec2ee2a38c8244af06d38467892e1de78c05139040d2549cefae949ac8f9a053d0a5a2f6ee7789988f93a700cc5b89cbd99b23d7ee7be321fff1a0d9bd6f53f68ee7878f6243b26894b051247c1d51ba4d1e50fc26d958614a2e0441f486f1eccd0120a84dbc4e26ef"}, @TCA_GRED_MAX_P={0x8}, @TCA_GRED_STAB={0x104, 0x2, "6f9c29745866749223f963f886722428930e39ec6ac30ee16c2c9d0768da8b274a8c33af0a3fc41551ab9e1d7c50ee8a7137d1c05b5299d86f52072fb08316fc155ee2334f6620cf89aa68eef43d1213c663705c51a341c8fca89f17defc32d1f0b6457e5a7f9704ff001c7f21bdaf5545d5270ed517a9de7ae6e124d5b471a188d954ba5f93be27f7e90360c07065cb07d9b690ecbf7eb0fbd8563bc50e3a7ae1778cb68ac34610c514bd046909d2ed4de92b06cb359486b946ef967ac20f4d25534f239693d0cb733b40ae226f001cf8b81b8fc4d8c5eb8a27631c82a01c43ff285ff1273bf76c37732624d2a8cbc061554fd533bde21659cc686b2ede7517"}, @TCA_GRED_PARMS={0x38}, @TCA_GRED_PARMS={0x38}, @TCA_GRED_DPS={0x10}]}}]}, 0x2c4}}, 0x0)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1e, 0x13, r3, 0x2000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r5, &(0x7f0000000200), 0xfffffd9d)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="02c90012000e14000a0000000700ffff00000700000000"], 0x17)
syz_emit_vhci(&(0x7f0000000100)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
syz_emit_vhci(0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000280), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
recvmmsg(r6, 0x0, 0x0, 0x0, 0x0)

3.660600524s ago: executing program 0 (id=3184):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd0100000000200000020060206b830f983afffe8000000000000000020000000000bbfe88000000000000000000000000000189"], 0xfce)

3.079741135s ago: executing program 1 (id=3186):
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x381000, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x4098000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x552a, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14)
r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="18080000000000000000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x23, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xa1a}, 0x90)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r3, 0x3000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vlan1\x00'})
socket$qrtr(0x2a, 0x2, 0x0)

2.640736689s ago: executing program 0 (id=3187):
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001)
prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000000))
io_uring_setup(0x0, &(0x7f0000000180))
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2cc8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c707fe81436b024c2574980397bc49d70c060d57bc88fbe3bbaa058b040362ab926150763fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e046e513b3177e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f91b18725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc"], 0x0}, 0x90)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x23}})
fsetxattr(0xffffffffffffffff, &(0x7f00000000c0)=@known='trusted.syz\x00', 0x0, 0x0, 0x0)
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="500100001000130700000000000000007f000001000000000000000000000000200100"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac1e000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000100000000000000008060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060"], 0x150}}, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x0, 0x0, 0xd4a4})
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r8, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000380)=@assoc_value, &(0x7f00000003c0)=0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r7, 0x8914, &(0x7f0000000140)={'virt_wifi0\x00', 0x1})

2.083322716s ago: executing program 3 (id=3189):
r0 = memfd_create(&(0x7f0000000500)='\xf1q\x97.\x8e\xc3\xfe\r\a\xee\xc9[\x9a%=\x01#\x00\r\x9a\xbf\xd9\xcb\xe4\"mqo\xa1\xd2dhV\xf3\n*_A\xef\xc7\xa4\xee\xb2z\xc0\r\n\xd2\xa3\x98_\xf6\xb6\f\xbdOS\t\xfe\x8a\xf9>\x05+\xfc\x9c\xa5y\xf8\x17Vo\x00l\v\xe5\xff\x92\xc9\xaeH\xeeK\x00S\xf6\xecz\x87iiO\xdauvJ\xad\x82\xa5\xa1]\xd5+=\xb4\xf0\x02\xadT\x81\x00\x00\x017\xc5\x8e\\\x00\x8a\x0e\xc50L \xd5\xf3\xee\xa8\x82-\xcb\x00\x00\x00\x00\x00\x00\x00\x04\xa6\x19\xe1\b\x84a\xb9^\xc4\xa3\xa2\xd8\x82\xd0\x8e\xd2\xd2m\xea\x92\xd4\x1f\x1d\xeb\xa0\xf7\x00\xf8\x00Wzh\xd6\x9a\x1d-\x03m^c\x05O\xa2wVA\xe2\xc0\"\xa9\x15\x1e\x13\x82o\xfe\x0e:\x1a\xbb_.Bt\xa7\x8c\v\x92\x90H\xb9\xfd\xf4c\f{\x86\xfd`\xce_k\x17\xf9r\xe8^\xc0N\x8b>\xd6:\x1d\x02z\xec\x9d\xd64/\xc7&\x91\xa3C\xd4\xf8\x16\x82aS]\xa0\x9a\x9bE{\xf6\xfc\x8b\xfb\x96k\xfc<L\xf9\xa0(O\x99\xef\xba\xe6\x15*\xc7\xac\xab\x8c\xc1A\xc81\xebQ\xcckU\xdb\x8c\x1e\t\x90\x89g\xa2G=\xd5\xebZ\x1f|;\x16O[\xb1/\xfe\xfb@Ho\xa2\xd0\x8b\x86\xb9\xd8\a\xaa\t\xed\x13\x96\xa5\xd2\x10i8\xab]*F\xc8HL\xb3t)KQ$\xacF\x16\'\xe6\xaa\x7fF\xf3\x8c\x8e\xbc>\xe3\xf3 \x1d\xd9@\xf6\xdcQG\'\xed(G\xb0\xba\xee8\xa5\xa8\x8c\xb1\xab\x8b\xc8e}\a\x1f\x84(\x85HB\x119\x8d\xab\\\\\xba\xb3\x89>~s1@\x9e\x8dD\xb5\x8c\xb6H\xbfJ5R\x06/.\xc5\xd4o\x0e\xa0\xdd\xb5\x8b\xddwU\xd91\xd2\xcfj\xc4=-\xdb\xa8\xb5r\x9f\xa3\x9f*}\r7B\x9e\xc20\xf5\xe8B\xd0\xb6\x00\xd52\xc9w\x8bAu,\x8b\xdc\xe7\xd8\x8d\x85\xd0\xa8\xf0\xfe\xa9\xf1\x92\x18?\xc1\x02w/\xef\xdb\x02\x87_\x89 \x14T\x9c\xc1\xf6ck\x14 \x18\x10\xb3`\xf4\'Oz\x12\xd2Wr\xc6\xba\x00\x99\x8b\xfd\xdbz\x1e\x1d\xd1\xadFb\xe7\xcb\xf52?\xfbH\xf7\x9bE\x13\xe9\xec\xea)A\x87\xfb+Y.\x85\xd5\xca\xf3F\x13L\xf3\xe7Kd\xe3\xe0*M\xdc\r\x06{.+0\xab\x86\xe7\"\xdf\x05\x90|\t}\x85\xfa\x8a=\xf7\xa0\xbd^F\xf1\'\x9c\xd7\xfc\x01p\x1frn\x83\x10u\xc6M\xfb', 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x10)
copy_file_range(r0, 0x0, r0, 0x0, 0x0, 0x0)

1.910515541s ago: executing program 1 (id=3190):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
pipe2(&(0x7f0000000040), 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
getsockopt$MRT6(r1, 0x29, 0x21, 0x0, &(0x7f0000000640))
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18}, @TCA_ACT_BPF_FD={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8}]}, {0xc88}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)

1.864881556s ago: executing program 3 (id=3191):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)={0x3c, 0x0, 0x8, 0x301, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_TIME_WAIT={0x4}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x3c}}, 0x0)

1.647005583s ago: executing program 3 (id=3192):
r0 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
sendmsg$inet(r0, &(0x7f0000000500)={&(0x7f0000000080)={0x2, 0x0, @local}, 0x10, 0x0}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000800)={0x0, 0x0, 0x0}, 0x0)

1.556314879s ago: executing program 0 (id=3193):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x1ff)
sendto$inet(r0, &(0x7f0000000100)='7', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10)

1.510081551s ago: executing program 3 (id=3194):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x541c, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000e40)={<r2=>0xffffffffffffffff})
r3 = io_uring_setup(0x291c, &(0x7f0000000140))
dup3(r2, r3, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0xffffffffffffffe1)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0)={0x0, 0x989680}, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x1, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
setuid(0xee00)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f00000001c0)={0x0, 0x0})
open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x88200)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="043e0c04ebc800"], 0xf)
r5 = socket(0x10, 0x803, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000040), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f0000000040), 0x1, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r5)
getsockname$packet(r5, &(0x7f0000000380)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newqdisc={0x2c, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}}, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x8010000000000084)
connect$inet6(r7, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
connect$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)

1.244064213s ago: executing program 1 (id=3195):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r2=>0x0, 0x0], 0x0, 0x0, 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000440)={0x0, 0x0, r2})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000140)={0x0, 0xb, 0xb2})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080))
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000500))
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

222.361161ms ago: executing program 1 (id=3196):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x28402, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '/dev/cachefiles\x00'}]}, 0x1c)

194.706971ms ago: executing program 3 (id=3197):
iopl(0x3)
msync(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x300)

73.403055ms ago: executing program 0 (id=3198):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
unshare(0x8000000)
unshare(0x8040080)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0xac802, 0x61)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000000)={0x4000000, {}, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, 0x290, 0x0, 0x0, 0x0, 0x8000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x40042, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x0, 0x0, r3, &(0x7f00000000c0)="fc", 0xa}])
socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x6a040000)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
bind$bt_l2cap(r6, &(0x7f0000000080), 0xe)
listen(r6, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000140)={0x1f, 0x0, @none}, 0xe)
sendmmsg$inet6(r1, &(0x7f0000000480)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0xbc34, @mcast1, 0x8000000}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000002080)="f30ee204a98b62555316f64ff9218b710b223582be67cd392e183ef34c570e4a43575e133d893a6d17aadbd826930662a89097e91587d5703eed916a36e1d3925437768bb1de5af9a3fefd657c8d3ca13b58cc7641425a1477941ba37f1d7a381a92956939324158257b9e66eec8ed6a535fd5179dc0dc4dc6e32433f214c27fa2ee27e8165a8fc04aa1be87693ceaa0aa53289fe7de6939e195d7de64bd6be707692718b065559fb3935e6d610fbce471fcfc0cd853d01df952b7f313e998f118ba346faf3804da9a4bd3d0cfe7a8d0dbd34afe34f1bc56c19f4c175030c783885d4c0b6412329540c1db7c6bedd372abc676d23b770d447e09d79e63f9d0f4301b076c14e7ed5491428eae4ed962a15dfdb5c6d26120d218cbb99c0353f0a065517369dc0a80a1f38fd17d4ee08f634567dcb0e3c4db1d977804b6ba44a2ecce16f2da25b07c102fd1ff60e65556d747ac29603392e4a6e07b2e22e9dea22dc2cab6e40cd758c232265966ca05bd4b320799204b06bca61a4056de873838b83c7ff78a92f8dae1541af9e934d8b15f0a2545ff627736721704072c6f1baf29cc30c4a99f8986be60575d0c2e3dcee8939d58c4dc6a2608830f30b07f8cd331df212bbd0b56307e58ba8c7ca3345f5a920d11635a7d387c2638d67ef7fc276f29af1cf799e6bc38ed5c074834ce96e249f6b554dc53af02437b4dc9d94b9bec88ce32bc61f734e4f024578ebe9d79b7941ef6a7ff43abf62fb171112e5e84af1d849292b410a33d0481a19ca0647b9d72e6b1b66fa7754e5c5b1080611ae93d0d3a96e9b9b88c086496d5124cb77f90df339b7c520d80a287670a79bcdcef49e529b1d3ec95e838bcd6cb2843744fad50f84d754bd91186db701aa5bed94f00a3911ad7a98574d451f6187d728e9be048d3680d12686818cee68430cb086a069780b1f6ddbd70d970156a84b9acbceb8299a605ebfa9efe527bfadd29a975e87b280792f71ec24c8322761f786cf62690b539c97de8a3f6617dee7e9065b30149b9f627beea3d831de4bf3fbbe29dd2c2514e03d5021f9dcec53b6c06a0b59e4c710f66b931f36296a2e8aed9952f0ce885db0a1032142e36a7176b77578e9171c88ea6df031d4541028140f9d72f60826883c783716765dd5199f2cc67e803fabff116c8a13db51037d87b6e358c9404830cd160c6fc0a123c35380c1dabaface69fb0643f6211e4161659521f7d4d479bf084340c6801037573cf7b3315b4ffc3612a7fcc7b0415acee68864d3c95688041fd9c85a30b4c56add3c2147a69f73bae8ebd8e7897eace466b8622e0b1b2c0e1e489c26351549f3753625bd97fb5397eb2dd44bcd125ace2c5e2e7f4a8ef14485298b3c4dd8dda01fd58b02532a58840cbc157c9f8105b67235741c5bd278fb8589ff55c558725102e5b6a0b6a0387faee8d5cc17ff52cd269a9d488493ca535ecd0e0397672c752683aacc70f2e1442e76140b06de9c224ba9fd7b1219f832ce923177f447e1781793c2146580f9f5f1cad40aa54c2e499cdc0634a32fab013ce6978a481315d00b1c60921156336406ec895abed2e69caf3d685d43fcea28d9ff30f3591c3552844b8d7ce9bd1da2ea594d84a6c82a4121333f6d1879bb179d0d1f51bd760262c50836f8a4acffe69fbb6288d08a22268f98a42a55a9c93b7019b3d30fffff4470347756bc6db6493cd7a72fa1f2720c77ac7b2082a7703aec98ceecb98413f52a09e31e7983909ecf2d80c8715d4a557738bf3916e060e9552342a7098de958b322cc1485c3ed98596150fcecc6af1aacada18558d03a98de6e82c5b14fbf009fc121fbd037243372c0a932dbd99e8e6cbd530d258c567ddbfcf043712ebd741b51f52d9fadb95aaebd3619b9d283d573c5bdaf309aa5ea2341fcdde781afe509f6e760196a30a16cd005cdb3a231a0bd947f615099b3e4150a0ddc4e19445d4424a651746075d496ca2115577934496211be837510355a1b216fc3e27bd1c96de7a1bfacc478dc742720fab2b0e38a19a8510048fcedbcfcac2b2329f44d75a741735f252403c431b40fd4f1516154e9a22c5c3b362cbe8c8dae273fd959aef42aedd6707eed92d2e9607f3e14430a8d8eedbc74f187b0788777c18d46b81791a88065d89a9b49c53e0acc25a66250011540c73fa1c1fbd0f587860236ca1450d25b4970bc7825b6a2aa5fd80c1deb5ebe307c7ad18ba96d0e0cf71ba979ae63f7bfa6378e005329f1699fd486d52fb98f7e410018993ee49e02fb722c3396cb2a76744f690a54c3091e14cd3a5ec67fa74f6bf3d3bd8f6e7ae3ad34d02768246860e06431edd25a290514aada4b9ff7419fc86b6c934466d842255d38e15bdd242614147f063714ff2c051000b57ea5641c44df47c5a5b30ba1690dc880fe968a3a62667c60e4998606d9f60090fcb31f9ec75c0f5cedb372b768e126a3e590772f060958d90707da0244ff6a1a7ae2239806502b868aaff24b1de530770802c487925964e8276bdb00584bbf6d47b035c2d60f91d60b5389111acc14fae284887c0d24e5eb0ed388253988843331c0dbf2edf0e0e754ce859f53d3fc0137f541dca9f01b704ad6fdc67e44560ef0d71320d686986765767ca8632dbddf985275a3f414eda0f2a0359affc21146d0347cafdf548a01d8b355cecf548c3aee87a1a32f931817205017adcf76d35e94257775966cbabfc9cf5a7c8633585e66e1fc6f3f7614c741f19cf1fc07e11e65218ad366aeca69398901cd1396bff5cf658cc435bf0fe92285c8d9551b4f794e9305eb9b0c1a6075eea76244f34a5dd51169610327d1e3e3b7e4880ed2257005f75efa94164ea2e428779df4b0c123886283e334cac8f7faa1c0ecfdded8ba80a063c4c08f3721e4c3870e2a5c993504992394e7fa136617cf636e127c2d79d494b0d4b73351a4778c71bf5502e233376cbea2636cde73ca4e2ef4cd7816f69ec6d2fe41ab87cbe8c24ebf53b50c7d90995788f96121e23c938138ce19901de0bd933cd395e6e981f837cbad268c3597a29fc6108bccafc88b6db596db6267999cb81e2df11ec1842e6d0ec968e071c28be52dad247d0dd9bb38fa410d088817e6504d7f480f53abd0048864283b87d98fa80f12dfb91f3c3297169a4de5766566b4e8c8197c9f579d79661e2532b79db6f3f64fdce9eccaaef3bc1d2f3eda4526b121dc7fcb164abc0a09e547c3814d3a2d731f132c75c7d3547cbdf5764fc8ec8ed8b28c806ebb064339fac66fc7511aead63b4ce01bcb6aca61042aed85e82437eae0f75701198a86dc5f3910031a5bb3b6de100c58ac419ec6aecf2d6d156b04b4f29ef35923cc994cea0def2f09535e6557a683bf27b3c2a70b0312542dd66c3d989b372d45c5b4ac04e30482a26939a061c980e5bd1a1d61542169be0673a57db70173216e4e1ac18992dcaa5ceb79521e3961599871f4db532f77e158d5bcbbb4358bd2845653ac280eeca0da8d8a44526ce901f3e17af44a857f1bbc463f77539ce181d28201667b1688c3fe1719d48bd0209cff6f4b38dce183c6dd152c9a62fa8ca3bc251b79ef658d95cc4195f097f1371d17e7ae0611c65638b2d80d9411d97c55fec9a068136deb35a545a0b497b275b2f473efa8453a3fbe6a66f675d245bd660a62dd1f545e88c2a741854b12b2eb3ac8fe1285be74a9260a695657dd2cb2f08123ef83777fe2a5dfa94e398fbb96fdfae4b9971bc2c87fdf6d282ef48ed87872bec1fcf3943826ed417b5437bc014efcb923c718325ce917533de0e3b36e08723ec972744654912ab51608da85853d6f9d42e839a0996b712fe9bb0da5f54a2be73158906f9d187ab05eb61cd627c876158f21b5b81ccd5e7dca6dea39467b0a3bbd182ad6bb16be4c1c5ff3104caa1d3037a831ed8e1260a63537c59aa1b4cb5c7e14a1cd634652b242c9bed008666ef52f5c76f7fd958c1c8f0538a754e2fd1c70022e4d4e3fb85ad72073dae8a89895e03ab5f8e450ac6a3e68de0451cd406dd9fddd87e1dd656e5d4642cc228804fe2eea4e8328dde9686361baedd925f6c30807dd8205f66037ec656af9927ad3e5909d88fdbfab925e71f0c6002a51f44e1ea45d8b9a198aca43536bd4aa93e34d1fc617d12a204b153c5c5b8ebd1ad97385730038357734cb1a1bf0f01c1a4a00f57831a1b37a0c2f7a18a7cddea8fa08da2cf618df92bedf95316191552d0dfe8e3c6bb2b3baeee6edf75154036d8e2ac19404ba4abf36881e2c376b2ef385179d11498494c18a53c9c3616631aae837f1c13b0e97eb0dda08536136f44a26c037c13419aebc2c0f6df70f4ab29cbcc291475b5398c8130650d16221a958d46800ba97ad590a85f7c22abd556cbb3a99fc5b513ecce277b63eba48fea1413c9ba6b6ef614ebef281f8b040cf7feead20781e5fcc18e51f7f590b62f1fae11d94c919de23bab8de7dcbfe3ee74f9144745da40b743364f1431319b33bb32ec5d3f663de9d39f48081301599294ab506b06c6414a093d161d0504f1f36c98618fc0943f7a96e4fe08b12f738b3e09d3e39947ce8144783134a68f9d43ebbd99da39ff5efbe98af0fe6fe89c03a09d7ebcfeb71d0a3e9a10c5a3b25a352a30016b1f1d9c661935212646901ef957391324e9a0157ae25bf76a06c9448e6a3a1383b103b71c46a191ae79515f9668120216828c820d122296c8ab58add271328a23bf4470f7820f735dd743b1aa89cb38491802b9142b417569247c53af9ff79fb72423e38ef513d88acfe0444faa36c9daaa0488442b7a161354bb7805935eed3cc7cff164d51a5019e7491a2b7e4e7fd8da6f7672c637313a59e4fd9278fe83724bf03acffd4dfcf2fbbe11e0509038cafd1c3ebb07a9f52ddc782e1cba15fa3259aaaf74d7e8d49d5421b2ce86cb04920f3d6c5fdafde77ccf08de0db2ec482ded71d6aa7cfe9e1953b2f0a0e90b027ac57fd7189d81369433a5a6e7added250b960352fac434c638b686b4607d8c73ac24f2120bd8d81d3c8069f1fbbfbda227b6cbb30b1821def0b90462279fadaa12580644516728e8a028f6b74e938f1ebfa4848ae49c11005a7216eee084a15373dff9014a37577f5409aba639ac21db21a2c9b026043e6b1055b93b7ca4e7a1ed438d3cd0ca6f1790f06f3b4934da3cc57be452330ed3a0df3c5b0232e5e2a16513d852af0574bb627fe6b35c10b9400e483e94c026e96ae5d05b9535e2ba823380004279d24c960dd9f4efbf4645af2366b1353a7f6d115b8e185261ba4e702b43ea6710328dfc92d0a51d17c97a45124ac20a70b67e4c43cb2f65307c7338d082d2819e0cc12d04aeee6acd2d56941e10268aab7e5894a968d383a92fd4ad817faaa3f6dc36051687c5cd7de696788ce01cab704bb9633023c91de298fdf736a4aeeffa9e3b6c47fa9d432e012d513a0847c4dcf0771fd739f920c1268f5efa2175287485a87b4b80156981e0ab53454d966aa49c49cbe855f94129dade6065330a67e5d58aeed7b4ae9fef1ddd12c218b551a6e9d546acb6e9d5bc695642559d9cc5846c7b6e666a0972156b982ea5bc135073964b522f9d9a9f500f955ac039d98158d78d7bb2ab1b5594afde2cc461c8ffa3a76ae994122eef932bd3e04f7bfaf3ecdbe0a26d031e6188408e1afd1a5a27c8b5342c7124836cf20fc6f7fc19a1ee7df3ca23ea839456e518b3a7f7e43fd2567ddbf0d8f5bcf373d0ba0665e1fbe7053ac1266c3c5aaf24f", 0x1000}, {&(0x7f0000000300)="83c66f81274161b4731a4be2a2e2fb76c63a60a4b5ec38653be04a44ca72bdcce540f46bfe47fc0a776f49bd3de38d9a92779c19cf069ca5a3198640ebe4b8af50d847ffca94bd121c23485e71e644778376f92337cb9765c4257f500e78d062720e6158017b48b97dc26d62f8cc7ff7ac86d06b8dfc2857fa36e38794b8805e6ea188161a56cd5e08d48ea06b6cf0bfe9ecd5d87db15af5bdb43d44b71d", 0x9e}], 0x2, &(0x7f0000000540)=ANY=[@ANYBLOB="140000000000000000430000000000000000000000200000000000000029000000360000003300000000000000000100050200070014000000000000002900000008000000020000000000000014200000000000002900000034000000060000000000000039983132a0e92181e59a455d02dbaa9304c9a1719012c0fdcfe3e58aaf003fa9b0b5bb4f381f2058a4f4ed3cefa631929b3099d75b4b87ec35e9436f4b01539137af45bb0d9a2b2ef77571071619927e6329ea6e52bf89cb459c6bcc51c9ed40dad684aac000bf686f93dcdc2d836b2f4e69a5c31b283c3c20b50b1d3273fafaf624fd1fd8f6ac9ad1b0070df0fe70a6da39f74985f7b1acc369ff03a34b2a450efc370ff13daa9976ce46ce000000"], 0x68}}], 0x1, 0x40050)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r9, 0x201, 0x0, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)

325.887µs ago: executing program 1 (id=3199):
fanotify_init(0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
dup(r0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47f6, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 3 (id=3200):
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x381000, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, 0x0, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x4098000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x552a, &(0x7f0000000000), 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14)
r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="18080000000000000000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x23, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xa1a}, 0x90)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x10012, r3, 0x3000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vlan1\x00'})
socket$qrtr(0x2a, 0x2, 0x0)

kernel console output (not intermixed with test programs):

7] usb usb16-port1: unable to enumerate USB device
[  669.549375][ T4476] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  669.564608][ T4476] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  669.576226][ T4476] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  669.589504][ T4476] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  669.600501][ T4476] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  669.632141][ T4476] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  669.818739][T11971] netlink: 'syz.0.2084': attribute type 3 has an invalid length.
[  669.826679][T11971] netlink: 'syz.0.2084': attribute type 1 has an invalid length.
[  669.834446][T11971] netlink: 181400 bytes leftover after parsing attributes in process `syz.0.2084'.
[  670.528215][ T5089] Bluetooth: hci5: command tx timeout
[  671.779927][ T5089] Bluetooth: hci1: command tx timeout
[  672.260913][ T2810] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  672.318571][ T2810] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  672.367006][ T2810] bond0 (unregistering): Released all slaves
[  672.914287][T11965] lo speed is unknown, defaulting to 1000
[  673.219027][   T29] audit: type=1400 audit(1721026662.064:1015): avc:  denied  { accept } for  pid=11998 comm="syz.2.2091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  673.318445][T12001] netlink: 'syz.2.2091': attribute type 4 has an invalid length.
[  673.507588][ T2810] hsr_slave_0: left promiscuous mode
[  673.530659][ T2810] hsr_slave_1: left promiscuous mode
[  673.586474][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  673.601663][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_0
[  673.627282][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  673.661234][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_1
[  673.747386][ T2810] veth1_macvtap: left promiscuous mode
[  673.764995][ T2810] veth0_macvtap: left promiscuous mode
[  673.775350][ T2810] veth1_vlan: left promiscuous mode
[  673.796022][ T5089] Bluetooth: hci1: command tx timeout
[  673.807231][ T2810] veth0_vlan: left promiscuous mode
[  675.878270][ T5089] Bluetooth: hci1: command tx timeout
[  677.316370][ T5137] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  677.845969][T12028] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  677.959061][ T5089] Bluetooth: hci1: command tx timeout
[  678.226879][ T2810] team0 (unregistering): Port device team_slave_1 removed
[  678.346408][ T2810] team0 (unregistering): Port device team_slave_0 removed
[  680.136421][T11965] chnl_net:caif_netlink_parms(): no params data found
[  681.360300][T12048] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2103'.
[  681.700021][T12063] siw: device registration error -23
[  682.528560][T11850] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  682.543802][T11850] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  682.637418][T11965] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.664529][T11965] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.673209][T11965] bridge_slave_0: entered allmulticast mode
[  682.722911][T11965] bridge_slave_0: entered promiscuous mode
[  682.753591][T11965] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.780262][T11965] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.842681][T11965] bridge_slave_1: entered allmulticast mode
[  682.853920][T11965] bridge_slave_1: entered promiscuous mode
[  682.881252][T11850] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  682.927745][T11850] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  683.123500][T12082] netlink: 'syz.0.2116': attribute type 1 has an invalid length.
[  683.168805][   T29] audit: type=1400 audit(1721026671.994:1016): avc:  denied  { setattr } for  pid=12073 comm="syz.2.2113" name="net" dev="proc" ino=45176 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  683.949459][ T2810] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.084818][T12089] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  684.111287][T11965] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  684.198357][ T2810] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.282509][T11965] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  684.454708][ T2810] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.719104][ T2810] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.802133][T11965] team0: Port device team_slave_0 added
[  684.853141][T11965] team0: Port device team_slave_1 added
[  685.003042][T11965] batman_adv: batadv0: Adding interface: batadv_slave_0
[  685.015328][T11965] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  685.050584][T11965] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  685.119563][T12101] netlink: 'syz.1.2125': attribute type 1 has an invalid length.
[  685.136653][T11965] batman_adv: batadv0: Adding interface: batadv_slave_1
[  685.143645][T11965] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  685.179742][T11965] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  685.446625][T11965] hsr_slave_0: entered promiscuous mode
[  685.469457][T11965] hsr_slave_1: entered promiscuous mode
[  685.492424][T11965] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  685.510090][T11965] Cannot create hsr debugfs directory
[  685.531985][ T2810] bridge_slave_1: left allmulticast mode
[  685.544474][T12110] Cannot find add_set index 0 as target
[  685.553123][ T2810] bridge_slave_1: left promiscuous mode
[  685.569072][ T2810] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.602476][ T2810] bridge_slave_0: left allmulticast mode
[  685.622177][ T2810] bridge_slave_0: left promiscuous mode
[  685.649012][ T2810] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.879749][T12106] 9pnet_virtio: no channels available for device 
[  686.530218][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  686.544053][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  686.575573][ T2810] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  686.606637][ T2810] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  686.624260][ T2810] bond0 (unregistering): Released all slaves
[  686.786005][T12118] netlink: 'syz.1.2130': attribute type 4 has an invalid length.
[  687.338218][ T2810] hsr_slave_0: left promiscuous mode
[  687.352411][ T2810] hsr_slave_1: left promiscuous mode
[  687.375387][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.387102][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_0
[  687.402106][   T29] audit: type=1326 audit(1721026676.244:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12133 comm="syz.0.2137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd0b7f75bd9 code=0x0
[  687.427568][ T2810] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  687.435049][ T2810] batman_adv: batadv0: Removing interface: batadv_slave_1
[  687.453168][   T29] audit: type=1326 audit(1721026676.244:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12132 comm="syz.1.2136" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9a5f575bd9 code=0x0
[  687.520759][ T2810] veth1_macvtap: left promiscuous mode
[  687.526667][ T2810] veth0_macvtap: left promiscuous mode
[  687.532692][ T2810] veth1_vlan: left promiscuous mode
[  687.539431][ T2810] veth0_vlan: left promiscuous mode
[  689.851656][ T2810] team0 (unregistering): Port device team_slave_1 removed
[  689.958026][ T2810] team0 (unregistering): Port device team_slave_0 removed
[  690.842944][T12143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2137'.
[  690.870409][T12166] binder: BINDER_SET_CONTEXT_MGR already set
[  690.883038][T12166] binder: 12165:12166 ioctl 4018620d 20000040 returned -16
[  691.007112][T11850] 8021q: adding VLAN 0 to HW filter on device bond0
[  691.231265][T11850] 8021q: adding VLAN 0 to HW filter on device team0
[  692.065352][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.072950][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  692.090775][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[  692.098024][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  692.833049][T11965] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  692.892754][T11965] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  692.947923][T11965] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  692.967463][T11965] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  693.143960][T11850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  693.442496][T11965] 8021q: adding VLAN 0 to HW filter on device bond0
[  693.600570][T12217] random: crng reseeded on system resumption
[  694.070672][   T29] audit: type=1400 audit(1721026682.444:1019): avc:  denied  { write } for  pid=12208 comm="syz.0.2160" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  694.360311][   T29] audit: type=1400 audit(1721026682.444:1020): avc:  denied  { open } for  pid=12208 comm="syz.0.2160" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  694.385777][T12216] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2155'.
[  694.422508][T11965] 8021q: adding VLAN 0 to HW filter on device team0
[  694.475660][ T6863] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.483066][ T6863] bridge0: port 1(bridge_slave_0) entered forwarding state
[  694.513934][ T6863] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.521160][ T6863] bridge0: port 2(bridge_slave_1) entered forwarding state
[  696.304664][T11850] veth0_vlan: entered promiscuous mode
[  696.647883][T12237] hub 9-0:1.0: USB hub found
[  696.654325][T12237] hub 9-0:1.0: 8 ports detected
[  696.857628][ T5089] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  696.868136][ T5089] Bluetooth: hci0: Injecting HCI hardware error event
[  697.174444][T11965] 8021q: adding VLAN 0 to HW filter on device batadv0
[  697.283551][T11850] veth1_vlan: entered promiscuous mode
[  697.539728][T11850] veth0_macvtap: entered promiscuous mode
[  697.612237][T11850] veth1_macvtap: entered promiscuous mode
[  697.735234][T11965] veth0_vlan: entered promiscuous mode
[  697.829885][T11965] veth1_vlan: entered promiscuous mode
[  697.875141][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  697.920898][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.952010][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  697.981916][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.004996][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  698.030097][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.053908][T11850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  698.100087][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  698.194859][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.225945][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  698.292470][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.353659][T11850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  698.371938][T11850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.407409][T11850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  698.466833][T11850] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  698.496160][T11850] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  698.504928][T11850] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  698.534370][T11850] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  698.639470][T11965] veth0_macvtap: entered promiscuous mode
[  698.691274][T11965] veth1_macvtap: entered promiscuous mode
[  698.867684][ T5390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  698.879268][ T5390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  698.900378][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  698.917034][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.930979][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  698.944814][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.955085][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  698.966825][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  698.977548][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  698.993766][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  699.011270][T11965] batman_adv: batadv0: Interface activated: batadv_slave_0
[  699.026848][ T5089] Bluetooth: hci0: hardware error 0x00
[  699.084654][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  699.086174][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  699.094632][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  699.167818][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  699.205289][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  699.228317][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  699.249757][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  699.260563][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  699.270513][T11965] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  699.295862][T11965] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  699.302492][T11965] batman_adv: batadv0: Interface activated: batadv_slave_1
[  699.496423][T11965] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  699.496467][T11965] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  699.496503][T11965] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  699.496537][T11965] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  700.587294][   T29] audit: type=1400 audit(1721026689.434:1021): avc:  denied  { listen } for  pid=12277 comm="syz.2.2180" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  700.812711][ T5390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  700.824932][ T5390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  700.875959][T12229] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  700.891049][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  700.931447][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  701.076671][ T5089] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  701.088055][T12229] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  701.150296][T12229] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  701.227969][T12229] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  701.286064][T12229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.342676][T12229] usb 2-1: config 0 descriptor??
[  701.528470][   T29] audit: type=1400 audit(1721026690.354:1022): avc:  denied  { ioctl } for  pid=12301 comm="syz.2.2187" path="socket:[47164]" dev="sockfs" ino=47164 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  702.251524][   T29] audit: type=1400 audit(1721026691.094:1023): avc:  denied  { execute } for  pid=12299 comm="syz.4.2186" path="/dev/nullb0" dev="devtmpfs" ino=681 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  702.275908][    C1] vkms_vblank_simulate: vblank timer overrun
[  702.403774][T12319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2178'.
[  702.569641][T12229] plantronics 0003:047F:FFFF.0011: No inputs registered, leaving
[  702.612849][T12229] plantronics 0003:047F:FFFF.0011: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  703.143963][T12336] random: crng reseeded on system resumption
[  704.668123][T12337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  704.679404][T12229] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  704.735975][T12337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  704.891891][T12229] usb 3-1: New USB device found, idVendor=05ac, idProduct=0241, bcdDevice=94.10
[  704.933934][T12229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.966055][T12229] usb 3-1: Product: syz
[  704.970389][T12229] usb 3-1: Manufacturer: syz
[  704.978357][T12229] usb 3-1: SerialNumber: syz
[  705.014270][T12229] usb 3-1: config 0 descriptor??
[  705.064120][T12229] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input29
[  705.504466][T12347] kvm: user requested TSC rate below hardware speed
[  705.533451][ T4517] bcm5974 3-1:0.0: could not read from device
[  705.613026][T12229] usb 3-1: USB disconnect, device number 15
[  705.631633][ T4517] bcm5974 3-1:0.0: could not read from device
[  705.672021][ T5136] usb 2-1: USB disconnect, device number 14
[  706.003109][T12373] syz.1.2207: attempt to access beyond end of device
[  706.003109][T12373] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  706.018784][T12373] FAT-fs (nbd1): unable to read boot sector
[  706.192442][T12373] Bluetooth: MGMT ver 1.22
[  710.517929][T12379] block nbd0: shutting down sockets
[  711.347179][ T5136] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  711.996701][T12394] hub 9-0:1.0: USB hub found
[  712.003420][T12394] hub 9-0:1.0: 8 ports detected
[  712.705956][ T5089] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  713.239853][  T785] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  713.542826][  T785] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  713.593706][  T785] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  713.620419][  T785] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  713.660117][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.735201][T12417] binder: 12416:12417 ioctl 4018620d 0 returned -22
[  713.802789][  T785] usb 3-1: config 0 descriptor??
[  714.360954][  T785] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  714.396231][  T785] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  714.723742][T12419] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  716.246798][T12427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  716.255446][T12427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  716.675701][ T4476] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  716.689894][ T4476] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  716.699854][ T4476] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  716.708314][ T4476] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  716.718975][ T4476] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  716.726876][ T4476] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  717.001460][T12444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2223'.
[  718.687643][T12456] ALSA: seq fatal error: cannot create timer (-22)
[  718.843064][ T5089] Bluetooth: hci2: command tx timeout
[  719.032995][   T29] audit: type=1400 audit(1721026707.874:1024): avc:  denied  { getopt } for  pid=12460 comm="syz.3.2229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  719.825724][T12467] kvm: emulating exchange as write
[  720.319221][  T785] usb 3-1: USB disconnect, device number 16
[  720.354781][T12441] lo speed is unknown, defaulting to 1000
[  720.916104][ T5089] Bluetooth: hci2: command tx timeout
[  721.193136][T12441] chnl_net:caif_netlink_parms(): no params data found
[  721.797295][T12020] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  721.810407][T12491] kexec: Could not allocate control_code_buffer
[  722.075716][T12441] bridge0: port 1(bridge_slave_0) entered blocking state
[  722.106471][T12441] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.137793][T12441] bridge_slave_0: entered allmulticast mode
[  722.164402][T12441] bridge_slave_0: entered promiscuous mode
[  722.791968][T12020] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  722.920525][T12504] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  722.958336][T12441] bridge0: port 2(bridge_slave_1) entered blocking state
[  722.965616][T12441] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.997339][ T5089] Bluetooth: hci2: command tx timeout
[  723.015247][T12441] bridge_slave_1: entered allmulticast mode
[  723.025356][T12441] bridge_slave_1: entered promiscuous mode
[  723.142397][T12020] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.157671][T12529] syz.1.2251[12529] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  723.157856][T12529] syz.1.2251[12529] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  723.408365][T12020] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  723.655661][T12441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  723.940532][ T5089] Bluetooth: Unknown BR/EDR signaling command 0x0f
[  724.116026][ T5089] Bluetooth: Wrong link type (-22)
[  724.121815][ T5089] Bluetooth: Unknown BR/EDR signaling command 0xee
[  724.128646][ T5089] Bluetooth: Wrong link type (-22)
[  724.135408][ T5089] Bluetooth: Unknown BR/EDR signaling command 0x10
[  724.391800][ T5089] Bluetooth: Wrong link type (-22)
[  724.397578][ T5089] Bluetooth: hci1: link tx timeout
[  724.403327][ T5089] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  724.545088][T12441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  724.757325][T12441] team0: Port device team_slave_0 added
[  724.818152][T12441] team0: Port device team_slave_1 added
[  725.376307][ T5089] Bluetooth: hci2: command tx timeout
[  726.150073][T12441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  726.192014][T12441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  726.436036][ T5089] Bluetooth: hci1: command 0x0406 tx timeout
[  727.076069][T12441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  727.193931][T12555] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2257'.
[  727.241528][T12555] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2257'.
[  727.306958][T12441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  727.313959][T12441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  727.396030][T12441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  727.908922][   T29] audit: type=1400 audit(1721026716.754:1025): avc:  denied  { override_creds } for  pid=12565 comm="syz.0.2263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  727.919677][T12441] hsr_slave_0: entered promiscuous mode
[  728.005027][T12441] hsr_slave_1: entered promiscuous mode
[  728.044626][T12020] bridge_slave_1: left allmulticast mode
[  728.081767][T12020] bridge_slave_1: left promiscuous mode
[  728.129763][T12020] bridge0: port 2(bridge_slave_1) entered disabled state
[  728.208407][T12570] netlink: 'syz.3.2262': attribute type 11 has an invalid length.
[  728.247498][T12020] bridge_slave_0: left allmulticast mode
[  728.254511][T12020] bridge_slave_0: left promiscuous mode
[  728.305052][T12020] bridge0: port 1(bridge_slave_0) entered disabled state
[  730.390527][T12599] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2271'.
[  730.844074][T12020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  730.857756][T12020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  730.859845][T12593] Falling back ldisc for ptm0.
[  730.878535][T12020] bond0 (unregistering): Released all slaves
[  730.970585][T12603] hsr0: entered promiscuous mode
[  731.326533][T12614] netlink: 296 bytes leftover after parsing attributes in process `syz.0.2280'.
[  732.613832][T12020] hsr_slave_0: left promiscuous mode
[  732.650071][T12020] hsr_slave_1: left promiscuous mode
[  732.699234][T12020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  732.717475][T12020] batman_adv: batadv0: Removing interface: batadv_slave_0
[  732.740627][T12020] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  732.755972][T12020] batman_adv: batadv0: Removing interface: batadv_slave_1
[  732.807602][T12020] veth1_macvtap: left promiscuous mode
[  732.813338][T12020] veth0_macvtap: left promiscuous mode
[  732.837773][T12020] veth1_vlan: left promiscuous mode
[  732.849604][T12020] veth0_vlan: left promiscuous mode
[  733.685860][T12638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  734.397786][T12020] team0 (unregistering): Port device team_slave_1 removed
[  734.506443][T12020] team0 (unregistering): Port device team_slave_0 removed
[  734.558588][T12670] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  735.610213][T12681] random: crng reseeded on system resumption
[  737.530672][T12683] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  737.658943][T12696] could not open pipe file descriptor
[  739.746029][   T29] audit: type=1400 audit(1721026728.494:1026): avc:  denied  { setopt } for  pid=12723 comm="syz.3.2313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  739.765703][    C1] vkms_vblank_simulate: vblank timer overrun
[  740.223034][T12728] netlink: 1272 bytes leftover after parsing attributes in process `syz.2.2312'.
[  740.572627][T12734] could not open pipe file descriptor
[  741.043112][T12441] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  741.101694][T12441] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  741.166399][   T29] audit: type=1400 audit(1721026729.994:1027): avc:  denied  { ioctl } for  pid=12739 comm="syz.0.2318" path="socket:[49222]" dev="sockfs" ino=49222 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  741.208803][T12441] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  741.311683][T12441] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  741.497545][ T5089] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  741.526994][ T5089] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  741.539944][ T5089] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  741.550884][ T5089] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  741.558997][ T5089] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  741.566943][ T5089] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  741.682901][ T5390] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  741.898447][T12751] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2319'.
[  742.323750][ T5390] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.411734][T12747] lo speed is unknown, defaulting to 1000
[  742.528695][ T5390] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.748775][ T5390] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.953120][T12441] 8021q: adding VLAN 0 to HW filter on device bond0
[  743.620747][T12771] hub 9-0:1.0: USB hub found
[  743.627556][T12771] hub 9-0:1.0: 8 ports detected
[  743.835636][ T4476] Bluetooth: hci4: command tx timeout
[  744.352787][T12441] 8021q: adding VLAN 0 to HW filter on device team0
[  744.416311][  T930] bridge0: port 1(bridge_slave_0) entered blocking state
[  744.423525][  T930] bridge0: port 1(bridge_slave_0) entered forwarding state
[  744.497083][ T5390] bridge_slave_1: left allmulticast mode
[  744.512472][ T5390] bridge_slave_1: left promiscuous mode
[  744.531000][ T5390] bridge0: port 2(bridge_slave_1) entered disabled state
[  744.570745][ T5390] bridge_slave_0: left allmulticast mode
[  744.593430][ T5390] bridge_slave_0: left promiscuous mode
[  744.607272][ T5390] bridge0: port 1(bridge_slave_0) entered disabled state
[  745.010066][T12783] could not open pipe file descriptor
[  745.511392][ T5390] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  745.534007][ T5390] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  745.551385][ T5390] bond0 (unregistering): Released all slaves
[  745.582841][  T930] bridge0: port 2(bridge_slave_1) entered blocking state
[  745.590084][  T930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  745.607039][T12747] chnl_net:caif_netlink_parms(): no params data found
[  745.700792][T12791] netdevsim netdevsim3: Direct firmware load for ng failed with error -2
[  745.712701][T12791] netdevsim netdevsim3: Falling back to sysfs fallback for: ng
[  745.876897][ T4476] Bluetooth: hci4: command tx timeout
[  746.275580][T12747] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.307595][T12747] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.333234][   T29] audit: type=1400 audit(1721026735.174:1028): avc:  denied  { load_policy } for  pid=12799 comm="syz.2.2333" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  746.355399][T12800] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  746.367225][T12747] bridge_slave_0: entered allmulticast mode
[  746.381572][T12747] bridge_slave_0: entered promiscuous mode
[  746.399565][T12800] SELinux: failed to load policy
[  746.453810][T12747] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.478150][T12747] bridge0: port 2(bridge_slave_1) entered disabled state
[  746.486252][T12747] bridge_slave_1: entered allmulticast mode
[  746.495197][T12747] bridge_slave_1: entered promiscuous mode
[  746.519908][T12803] hpfs: Bad magic ... probably not HPFS
[  746.623224][ T5390] hsr_slave_0: left promiscuous mode
[  746.633745][ T5390] hsr_slave_1: left promiscuous mode
[  746.653439][ T5390] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  746.669383][ T5390] batman_adv: batadv0: Removing interface: batadv_slave_0
[  746.716955][ T5390] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  746.747755][ T5390] batman_adv: batadv0: Removing interface: batadv_slave_1
[  746.821136][ T5390] veth1_macvtap: left promiscuous mode
[  746.834213][ T5390] veth0_macvtap: left promiscuous mode
[  746.849914][ T5390] veth1_vlan: left promiscuous mode
[  746.867617][ T5390] veth0_vlan: left promiscuous mode
[  747.958674][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  747.965240][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  747.965871][ T4476] Bluetooth: hci4: command tx timeout
[  749.659465][T12839] kexec: Could not allocate control_code_buffer
[  749.798124][ T5390] team0 (unregistering): Port device team_slave_1 removed
[  749.950594][ T5390] team0 (unregistering): Port device team_slave_0 removed
[  750.119819][ T4476] Bluetooth: hci4: command tx timeout
[  751.943742][T12747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  752.003566][T12747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  752.329426][T12864] hub 9-0:1.0: USB hub found
[  752.335896][T12864] hub 9-0:1.0: 8 ports detected
[  752.815223][T12441] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  752.993677][T12747] team0: Port device team_slave_0 added
[  753.079641][ T4476] Bluetooth: hci1: SCO packet for unknown connection handle 201
[  753.143687][T12747] team0: Port device team_slave_1 added
[  753.340136][T12747] batman_adv: batadv0: Adding interface: batadv_slave_0
[  753.363375][T12747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.401231][T12877] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2355'.
[  753.442775][T12747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  753.492976][T12441] 8021q: adding VLAN 0 to HW filter on device batadv0
[  753.508196][T12747] batman_adv: batadv0: Adding interface: batadv_slave_1
[  753.535476][T12747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.637117][T12747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  753.842578][T12747] hsr_slave_0: entered promiscuous mode
[  753.903257][T12747] hsr_slave_1: entered promiscuous mode
[  753.927065][T12747] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  753.935950][T12747] Cannot create hsr debugfs directory
[  754.302503][T12903] futex_wake_op: syz.0.2363 tries to shift op by 32; fix this program
[  754.516172][   T29] audit: type=1326 audit(1721026743.324:1029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12904 comm="syz.3.2362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe630d75bd9 code=0x0
[  754.584663][T12441] veth0_vlan: entered promiscuous mode
[  754.815525][T12912] IPVS: length: 174 != 1776
[  755.511555][T12441] veth1_vlan: entered promiscuous mode
[  755.652717][T12441] veth0_macvtap: entered promiscuous mode
[  755.675080][T12441] veth1_macvtap: entered promiscuous mode
[  755.702863][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.739708][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.749845][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.765925][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.781941][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  755.794527][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.814934][T12441] batman_adv: batadv0: Interface activated: batadv_slave_0
[  755.874966][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.900911][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  755.942967][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  755.983402][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  756.015969][T12441] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  756.040210][T12441] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  756.071179][T12441] batman_adv: batadv0: Interface activated: batadv_slave_1
[  756.094747][T12441] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  756.150428][T12441] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  756.176771][T12441] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  756.192036][T12441] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  756.519694][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  756.542454][T12934] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  756.552527][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  757.245551][T12940] hub 9-0:1.0: USB hub found
[  757.253015][T12940] hub 9-0:1.0: 8 ports detected
[  757.784389][T12946] futex_wake_op: syz.0.2377 tries to shift op by 32; fix this program
[  757.826045][T12938] veth0_vlan: entered allmulticast mode
[  758.089872][T12949] IPVS: length: 174 != 1776
[  759.049958][ T7692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.065958][ T7692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.092031][T12747] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  759.122703][T12952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2378'.
[  759.142471][T12952] netlink: 'syz.0.2378': attribute type 14 has an invalid length.
[  759.173712][T12952] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  759.182834][T12952] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  759.191715][T12952] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  759.200541][T12952] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  759.215595][T12952] vxlan0: entered promiscuous mode
[  759.248633][T12747] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  759.283870][T12747] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  759.366066][T12938] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2376'.
[  759.403909][T12747] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  759.904736][T12747] 8021q: adding VLAN 0 to HW filter on device bond0
[  760.008732][T12747] 8021q: adding VLAN 0 to HW filter on device team0
[  760.061937][T12972] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  760.074140][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  760.081397][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  760.144343][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  760.151696][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  761.154877][T12981] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  761.243101][T12747] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  762.750362][T12747] 8021q: adding VLAN 0 to HW filter on device batadv0
[  762.954824][T12747] veth0_vlan: entered promiscuous mode
[  763.022855][T12747] veth1_vlan: entered promiscuous mode
[  763.172701][   T29] audit: type=1400 audit(1721026752.014:1030): avc:  denied  { read } for  pid=13020 comm="syz.0.2397" path="socket:[51396]" dev="sockfs" ino=51396 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  763.346409][T12747] veth0_macvtap: entered promiscuous mode
[  763.390858][T12747] veth1_macvtap: entered promiscuous mode
[  763.502561][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.524655][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.547563][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.578007][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.590643][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.604084][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.616258][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  763.650336][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.711831][T12747] batman_adv: batadv0: Interface activated: batadv_slave_0
[  763.794617][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.819605][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.848673][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.908072][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.924302][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  763.945216][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  763.990352][T12747] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  764.013290][T12747] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  764.074641][T12747] batman_adv: batadv0: Interface activated: batadv_slave_1
[  764.179368][T12747] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  764.189515][T12747] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  764.198611][T12747] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  764.233319][T12747] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  764.569141][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  764.644966][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  764.806675][ T1109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  764.839230][ T1109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  765.046761][   T29] audit: type=1400 audit(1721026753.894:1031): avc:  denied  { write } for  pid=13047 comm="syz.1.2317" name="tcp" dev="proc" ino=4026533277 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  765.337965][T13053] libceph: resolve '40' (ret=-3): failed
[  765.514586][T13055] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2407'.
[  765.844461][ T4476] Bluetooth: hci1: Malformed HCI Event: 0x22
[  765.854392][   T29] audit: type=1400 audit(1721026754.504:1032): avc:  denied  { execmem } for  pid=13059 comm="syz.2.2410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  766.709086][ T4476] Bluetooth: hci1: unexpected event for opcode 0x0000
[  767.298897][   T29] audit: type=1400 audit(1721026756.144:1033): avc:  denied  { create } for  pid=13068 comm="syz.0.2411" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  767.523432][T13083] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2416'.
[  767.587476][T13083] openvswitch: netlink: Multiple metadata blocks provided
[  767.590514][   T29] audit: type=1400 audit(1721026756.344:1034): avc:  denied  { mount } for  pid=13074 comm="syz.2.2414" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  767.769121][T13086] tmpfs: Bad value for 'size'
[  767.815144][T13086] netem: change failed
[  767.966099][T13089] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  768.475862][T13103] syz.2.2421: attempt to access beyond end of device
[  768.475862][T13103] loop2: rw=0, sector=64, nr_sectors = 1 limit=0
[  768.493398][T13103] syz.2.2421: attempt to access beyond end of device
[  768.493398][T13103] loop2: rw=0, sector=256, nr_sectors = 1 limit=0
[  768.512742][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  768.524133][T13103] syz.2.2421: attempt to access beyond end of device
[  768.524133][T13103] loop2: rw=0, sector=512, nr_sectors = 1 limit=0
[  768.537299][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  768.547146][T13103] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  768.554932][T13103] UDF-fs: Scanning with blocksize 512 failed
[  768.567527][T13103] syz.2.2421: attempt to access beyond end of device
[  768.567527][T13103] loop2: rw=0, sector=64, nr_sectors = 2 limit=0
[  768.582764][T13103] syz.2.2421: attempt to access beyond end of device
[  768.582764][T13103] loop2: rw=0, sector=512, nr_sectors = 2 limit=0
[  768.596575][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  768.611630][T13103] syz.2.2421: attempt to access beyond end of device
[  768.611630][T13103] loop2: rw=0, sector=1024, nr_sectors = 2 limit=0
[  768.625376][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  768.635175][T13103] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  768.643039][T13103] UDF-fs: Scanning with blocksize 1024 failed
[  768.652860][T13103] syz.2.2421: attempt to access beyond end of device
[  768.652860][T13103] loop2: rw=0, sector=64, nr_sectors = 4 limit=0
[  768.668780][T13103] syz.2.2421: attempt to access beyond end of device
[  768.668780][T13103] loop2: rw=0, sector=1024, nr_sectors = 4 limit=0
[  768.683545][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  768.696845][T13103] syz.2.2421: attempt to access beyond end of device
[  768.696845][T13103] loop2: rw=0, sector=2048, nr_sectors = 4 limit=0
[  768.710185][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  768.719927][T13103] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  768.727758][T13103] UDF-fs: Scanning with blocksize 2048 failed
[  768.736639][T13103] syz.2.2421: attempt to access beyond end of device
[  768.736639][T13103] loop2: rw=0, sector=64, nr_sectors = 8 limit=0
[  768.750845][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  768.762179][T13103] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  768.772232][T13103] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  768.780567][T13103] UDF-fs: Scanning with blocksize 4096 failed
[  768.802322][T13103] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  768.825825][   T29] audit: type=1400 audit(1721026757.294:1035): avc:  denied  { mounton } for  pid=13096 comm="syz.2.2421" path="/137/file0" dev="tmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[  770.412875][ T4476] Bluetooth: hci2: Malformed HCI Event: 0x22
[  770.612442][ T4476] Bluetooth: hci1: unexpected event for opcode 0x043d
[  771.166087][   T29] audit: type=1400 audit(1721026760.004:1036): avc:  denied  { setattr } for  pid=13125 comm="syz.1.2430" name="vbi6" dev="devtmpfs" ino=909 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  771.706302][   T29] audit: type=1400 audit(1721026760.534:1037): avc:  denied  { write } for  pid=13137 comm="syz.2.2433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  771.804842][   T29] audit: type=1400 audit(1721026760.534:1038): avc:  denied  { nlmsg_write } for  pid=13137 comm="syz.2.2433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  772.391404][T13147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2436'.
[  772.828482][T13159] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2440'.
[  772.852350][T13159] openvswitch: netlink: Multiple metadata blocks provided
[  773.054468][   T29] audit: type=1400 audit(1721026761.894:1039): avc:  denied  { watch watch_reads } for  pid=13160 comm="syz.2.2442" path="pipe:[52941]" dev="pipefs" ino=52941 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  773.127507][T13168] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2441'.
[  774.060134][T13189] binder_alloc: 13188: binder_install_single_page failed to insert page at offset 0 with -14
[  774.135048][   T29] audit: type=1400 audit(1721026762.974:1040): avc:  denied  { watch watch_reads } for  pid=13191 comm="syz.0.2453" path="/proc/timer_list" dev="proc" ino=4026532104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=file permissive=1
[  776.158667][T13204] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2456'.
[  780.682784][T13229] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2463'.
[  783.769660][T13265] pim6reg: entered allmulticast mode
[  783.812750][T13268] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2476'.
[  783.847726][T13268] IPv6: NLM_F_REPLACE set, but no existing node found!
[  783.904523][    T8] IPVS: starting estimator thread 0...
[  783.925110][T13273] pim6reg: left allmulticast mode
[  783.951874][T13268] IPVS: rr: TCP 172.20.20.170:0 - no destination available
[  784.024529][T13276] IPVS: using max 21 ests per chain, 50400 per kthread
[  784.059388][T13274] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2476'.
[  784.120888][T13281] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2476'.
[  785.152008][   T29] audit: type=1400 audit(1721026773.918:1041): avc:  denied  { remount } for  pid=13287 comm="syz.1.2481" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  785.172269][    C0] vkms_vblank_simulate: vblank timer overrun
[  786.467723][T13317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2491'.
[  787.418282][   T29] audit: type=1400 audit(1721026776.113:1042): avc:  denied  { bind } for  pid=13304 comm="syz.1.2489" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  787.789122][T13313] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2490'.
[  788.450550][T13344] netlink: 212404 bytes leftover after parsing attributes in process `syz.2.2502'.
[  788.477671][T13340] nbd1: detected capacity change from 0 to 22
[  788.481592][T13344] netlink: 211388 bytes leftover after parsing attributes in process `syz.2.2502'.
[  788.549926][T13347] block nbd1: shutting down sockets
[  788.585074][    C1] blk_print_req_error: 5 callbacks suppressed
[  788.585101][    C1] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.600581][    C1] buffer_io_error: 5 callbacks suppressed
[  788.600601][    C1] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.619044][   T26] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.629245][   T26] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.640244][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.649616][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.657579][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.666820][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.674706][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.687096][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.701060][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.727046][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.750587][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.783580][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.809017][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.831731][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.850600][T13345] ldm_validate_partition_table(): Disk read failed.
[  788.859043][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.896471][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.917681][T13345] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  788.948252][T13345] Buffer I/O error on dev nbd1, logical block 0, async page read
[  788.956685][T13345] Dev nbd1: unable to read RDB block 0
[  788.969971][T13345]  nbd1: unable to read partition table
[  788.976173][T13345] nbd1: partition table beyond EOD, truncated
[  790.609343][T13382] netlink: 1300 bytes leftover after parsing attributes in process `syz.2.2508'.
[  791.140079][T13374] lo speed is unknown, defaulting to 1000
[  791.447143][T13388] loop0: detected capacity change from 0 to 7
[  791.698643][T13388] Dev loop0: unable to read RDB block 7
[  791.769979][T13388]  loop0: AHDI p4
[  791.805800][T13388] loop0: partition table partially beyond EOD, truncated
[  793.365248][T13406] 9pnet_virtio: no channels available for device ./file0
[  795.416464][T13418] lo speed is unknown, defaulting to 1000
[  796.251816][ T4476] Bluetooth: hci1: command 0x0406 tx timeout
[  796.282713][T13437] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2530'.
[  796.314799][   T29] audit: type=1804 audit(1721026785.018:1043): pid=13433 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.2528" name="/newroot/88/bus/file0" dev="overlay" ino=494 res=1 errno=0
[  796.459438][T13439] [U] Q
[  796.582648][   T29] audit: type=1400 audit(1721026785.286:1044): avc:  granted  { setsecparam } for  pid=13442 comm="syz.3.2534" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  796.637190][T13443] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  796.660548][T13443] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  797.638537][ T5089] Bluetooth: hci1: unexpected event for opcode 0x0c38
[  797.701059][T13457] netlink: 212404 bytes leftover after parsing attributes in process `syz.3.2538'.
[  799.417562][T13457] netlink: 211388 bytes leftover after parsing attributes in process `syz.3.2538'.
[  799.629872][T13469] loop0: detected capacity change from 0 to 7
[  799.653965][T13469] Dev loop0: unable to read RDB block 7
[  799.672694][T13469]  loop0: AHDI p4
[  799.682720][T13469] loop0: partition table partially beyond EOD, truncated
[  799.719964][T13471] [U] Q
[  799.832790][T13477] lo speed is unknown, defaulting to 1000
[  800.033956][   T29] audit: type=1400 audit(1721026788.717:1045): avc:  granted  { setsecparam } for  pid=13480 comm="syz.4.2549" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  800.076881][ T5089] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  800.093951][T13475] lo speed is unknown, defaulting to 1000
[  800.110216][ T5089] Bluetooth: hci1: SCO packet for unknown connection handle 200
[  800.311324][T13482] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  800.535693][T13482] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  802.932847][   T29] audit: type=1400 audit(1721026791.313:1046): avc:  denied  { create } for  pid=13502 comm="syz.4.2553" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  803.312971][ T5089] Bluetooth: hci2: unexpected event 0x06 length: 23 > 3
[  803.403546][T13522] loop0: detected capacity change from 0 to 7
[  803.447298][T13522] Dev loop0: unable to read RDB block 7
[  803.481251][T13522]  loop0: AHDI p4
[  803.500652][T13522] loop0: partition table partially beyond EOD, truncated
[  803.828786][   T29] audit: type=1400 audit(1721026792.497:1047): avc:  granted  { setsecparam } for  pid=13532 comm="syz.1.2564" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  803.892606][T13533] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  803.901536][T13533] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  803.961393][T13540] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  804.170296][T13547] random: crng reseeded on system resumption
[  805.562786][T13559] lo speed is unknown, defaulting to 1000
[  806.351343][T13590] 9pnet_virtio: no channels available for device ./file0
[  808.706773][T13622] netlink: 144 bytes leftover after parsing attributes in process `syz.2.2596'.
[  808.750750][T13623] delete_channel: no stack
[  809.704813][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  809.737260][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  809.941520][T13639] netlink: 664 bytes leftover after parsing attributes in process `syz.4.2603'.
[  810.342986][T13646] xt_CONNSECMARK: invalid mode: 0
[  811.469381][   T29] audit: type=1400 audit(1721026800.100:1048): avc:  denied  { map } for  pid=13647 comm="syz.3.2605" path="socket:[54035]" dev="sockfs" ino=54035 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  812.771131][T13663] delete_channel: no stack
[  812.916330][T13671] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2611'.
[  813.080034][T13674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  813.377318][T13679] 9pnet_virtio: no channels available for device ./file0
[  814.096966][T13674] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  814.672544][T13695] syz.0.2618[13695] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  814.672726][T13695] syz.0.2618[13695] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  814.693092][T13695] usb usb8: usbfs: process 13695 (syz.0.2618) did not claim interface 0 before use
[  816.848460][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2623'.
[  816.967740][   T29] audit: type=1400 audit(1721026805.566:1049): avc:  denied  { map } for  pid=13699 comm="syz.0.2623" path="/dev/usbmon0" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  817.112613][T13723] vivid-004: disconnect
[  817.126113][T13720] vivid-004: reconnect
[  817.438075][T13731] syz.0.2634[13731] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  817.438261][T13731] syz.0.2634[13731] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  817.459295][T13731] usb usb8: usbfs: process 13731 (syz.0.2634) did not claim interface 0 before use
[  818.657733][T13743] netdevsim netdevsim2: Direct firmware load for ng failed with error -2
[  818.723709][T13743] netdevsim netdevsim2: Falling back to sysfs fallback for: ng
[  819.297952][T13754] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2642'.
[  821.000155][T13772] vivid-000: disconnect
[  821.060400][T13771] vivid-000: reconnect
[  821.310902][ T5139] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  821.743162][ T5139] usb 5-1: Using ep0 maxpacket: 16
[  821.783323][ T5139] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  821.827007][ T5139] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  821.887392][ T5139] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  821.922077][ T5139] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  822.370628][ T5139] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  822.432548][ T5139] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  822.462388][ T5139] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  822.494774][ T5139] usb 5-1: Product: syz
[  822.519526][ T5139] usb 5-1: Manufacturer: syz
[  822.546350][ T5139] usb 5-1: SerialNumber: syz
[  823.039537][ T5139] cdc_ncm 5-1:1.0: bind() failure
[  823.057980][ T5139] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  823.085262][ T5139] cdc_ncm 5-1:1.1: bind() failure
[  823.110674][ T5139] usb 5-1: USB disconnect, device number 5
[  823.317811][T13803] devtmpfs: Bad value for 'context'
[  823.759879][T13817] lo speed is unknown, defaulting to 1000
[  824.000904][T13817] tipc: Started in network mode
[  824.006572][T13817] tipc: Node identity 4, cluster identity 4711
[  824.012847][T13817] tipc: Node number set to 4
[  824.039354][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880583a1c00: rx timeout, send abort
[  824.549678][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880583a1c00: abort rx timeout. Force session deactivation
[  825.761712][T13838] netlink: 'syz.1.2668': attribute type 15 has an invalid length.
[  825.936105][T13843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2670'.
[  825.956731][   T29] audit: type=1326 audit(1721026814.531:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13823 comm="syz.2.2664" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f532dd75bd9 code=0x0
[  826.092990][T13848] devtmpfs: Bad value for 'context'
[  826.103146][T13849] netlink: 256 bytes leftover after parsing attributes in process `syz.4.2674'.
[  826.506824][T13869] TCP: TCP segment has incorrect auth options set for 172.20.20.187.0->255.255.255.255.20002 [S] 
[  827.202991][T13884] tipc: Enabling <eth:lo> not permitted
[  827.245230][T13884] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  827.497261][T13892] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2688'.
[  827.827991][   T29] audit: type=1400 audit(1721026816.385:1051): avc:  denied  { write } for  pid=13890 comm="syz.3.2689" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  828.564104][   T29] audit: type=1326 audit(1721026817.122:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13898 comm="syz.1.2692" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3643d75bd9 code=0x0
[  828.587071][    C1] vkms_vblank_simulate: vblank timer overrun
[  829.841101][T13915] tipc: Enabling <eth:lo> not permitted
[  829.870516][T13923] netlink: 'syz.3.2698': attribute type 3 has an invalid length.
[  829.889201][T13915] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  829.915078][T13923] netlink: 'syz.3.2698': attribute type 3 has an invalid length.
[  829.947398][T13923] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2698'.
[  830.152138][T13930] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2701'.
[  830.227272][T13933] netlink: 'syz.3.2703': attribute type 1 has an invalid length.
[  830.268844][T13935] overlayfs: missing 'lowerdir'
[  830.278274][T13933] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2703'.
[  831.123707][T13961] tipc: Enabling <eth:lo> not permitted
[  831.138346][T13961] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  831.186831][T13963] netlink: 'syz.0.2711': attribute type 3 has an invalid length.
[  831.248839][T13963] netlink: 'syz.0.2711': attribute type 3 has an invalid length.
[  831.275721][T13963] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2711'.
[  831.317112][T13965] xt_CT: No such helper "pptp"
[  831.477338][T13971] capability: warning: `syz.1.2714' uses 32-bit capabilities (legacy support in use)
[  831.549073][T13974] overlayfs: missing 'lowerdir'
[  831.688769][T13980] devtmpfs: Bad value for 'context'
[  831.723171][T13987] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2721'.
[  831.887178][T13991] netlink: 'syz.0.2723': attribute type 5 has an invalid length.
[  832.059041][T14002] [U] 
[  832.062516][T14002] [U] 
[  832.065239][T14002] [U] 
[  832.068070][T14002] [U] 
[  832.074371][T13999] xt_CT: No such helper "pptp"
[  832.086285][T13993] syz_tun: entered promiscuous mode
[  832.097092][T14002] [U] 
[  832.099850][T14002] [U] 
[  832.102580][T14002] [U] 
[  832.105305][T14002] [U] 
[  832.108910][T13993] batadv_slave_1: entered promiscuous mode
[  832.122452][T14006] netlink: 'syz.1.2724': attribute type 13 has an invalid length.
[  832.122558][T14002] [U] 
[  832.133115][T14002] [U] 
[  832.135840][T14002] [U] 
[  832.138643][T14002] [U] 
[  832.142853][T14006] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2724'.
[  832.171760][T14006] syz_tun: refused to change device tx_queue_len
[  832.178251][T14006] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  832.182526][T14002] [U] 
[  832.196838][T14002] [U] 
[  832.199563][T14002] [U] 
[  832.202283][T14002] [U] 
[  832.205931][T14002] [U] 
[  832.208655][T14002] [U] 
[  832.211370][T14002] [U] 
[  832.214082][T14002] [U] 
[  832.217577][T14002] [U] 
[  832.220290][T14002] [U] 
[  832.223087][T14002] [U] 
[  832.225763][T14002] [U] 
[  832.242067][T14002] [U] 
[  832.244835][T14002] [U] 
[  832.247651][T14002] [U] 
[  832.250381][T14002] [U] 
[  832.268729][T14002] [U] 
[  832.271483][T14002] [U] 
[  832.274181][T14002] [U] 
[  832.276856][T14002] [U] 
[  832.319740][T14002] [U] 
[  832.322500][T14002] [U] 
[  832.325311][T14002] [U] 
[  832.328374][T14002] [U] 
[  832.350062][T14002] [U] 
[  832.352820][T14002] [U] 
[  832.355546][T14002] [U] 
[  832.358272][T14002] [U] 
[  832.412151][T14002] [U] 
[  832.414879][T14002] [U] 
[  832.417663][T14002] [U] 
[  832.420372][T14002] [U] 
[  832.439985][T14002] [U] 
[  832.442730][T14002] [U] 
[  832.445978][T14002] [U] 
[  832.448699][T14002] [U] 
[  832.508154][T14002] [U] 
[  832.508758][T14016] vivid-004: disconnect
[  832.510885][T14002] [U] 
[  832.510920][T14002] [U] 
[  832.510953][T14002] [U] 
[  832.533184][T14002] [U] 
[  832.535928][T14002] [U] 
[  832.538662][T14002] [U] 
[  832.541404][T14002] [U] 
[  832.545628][T14015] vivid-004: reconnect
[  832.581119][T14002] [U] 
[  832.583881][T14002] [U] 
[  832.586599][T14002] [U] 
[  832.589396][T14002] [U] 
[  832.601172][T14002] [U] 
[  832.603902][T14002] [U] 
[  832.606600][T14002] [U] 
[  832.609453][T14002] [U] 
[  832.612450][T14002] [U] 
[  832.615175][T14002] [U] 
[  832.617900][T14002] [U] 
[  832.620657][T14002] [U] 
[  832.627970][T14002] [U] 
[  832.630797][T14002] [U] 
[  832.633480][T14002] [U] 
[  832.636164][T14002] [U] 
[  832.641202][T14002] [U] 
[  832.643940][T14002] [U] 
[  832.646744][T14002] [U] 
[  832.649464][T14002] [U] 
[  832.653051][T14002] [U] 
[  832.655869][T14002] [U] 
[  832.658585][T14002] [U] 
[  832.661304][T14002] [U] 
[  832.685573][T14002] [U] 
[  832.688316][T14002] [U] 
[  832.690999][T14002] [U] 
[  832.693773][T14002] [U] 
[  832.701637][T14002] [U] 
[  832.704455][T14002] [U] 
[  832.707159][T14002] [U] 
[  832.709854][T14002] [U] 
[  832.765736][T14002] [U] 
[  832.768540][T14002] [U] 
[  832.771261][T14002] [U] 
[  832.773976][T14002] [U] 
[  832.777229][T14002] [U] 
[  832.779941][T14002] [U] 
[  832.782627][T14002] [U] 
[  832.785349][T14002] [U] 
[  832.789875][T14002] [U] 
[  832.792602][T14002] [U] 
[  832.795322][T14002] [U] 
[  832.798048][T14002] [U] 
[  832.801803][T14002] [U] 
[  832.804535][T14002] [U] 
[  832.807250][T14002] [U] 
[  832.809966][T14002] [U] 
[  832.816293][T14002] [U] 
[  832.819007][T14002] [U] 
[  832.821700][T14002] [U] 
[  832.824390][T14002] [U] 
[  832.840488][T14002] [U] 
[  832.843217][T14002] [U] 
[  832.845903][T14002] [U] 
[  832.848591][T14002] [U] 
[  832.868666][T14002] [U] 
[  833.011253][T14021] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2733'.
[  833.214261][T14036] netlink: 'syz.2.2739': attribute type 5 has an invalid length.
[  833.427329][   T29] audit: type=1400 audit(1721026821.976:1053): avc:  denied  { getopt } for  pid=14042 comm="syz.4.2742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  834.583423][T14060] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2746'.
[  835.429835][T14063] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2748'.
[  835.528530][T14071] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2750'.
[  836.057307][T14077] binder: 14073:14077 ioctl 4018620d 0 returned -22
[  836.076889][ T4476] Bluetooth: hci4: command 0x0405 tx timeout
[  836.282821][   T29] audit: type=1400 audit(1721026824.638:1054): avc:  denied  { map } for  pid=14073 comm="syz.3.2751" path="/dev/bus/usb/005/001" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  838.794092][T14119] binder: 14111:14119 ioctl 4018620d 0 returned -22
[  840.831383][T14140] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  841.753031][T14162] lo speed is unknown, defaulting to 1000
[  842.118559][T14162] tipc: Started in network mode
[  842.124035][T14162] tipc: Node identity 4, cluster identity 4711
[  842.130456][T14162] tipc: Node number set to 4
[  842.516318][ T5089] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  842.521558][ T5089] Bluetooth: hci2: command 0x0406 tx timeout
[  843.894007][ T4476] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  844.492731][ T7692] tipc: Left network mode
[  845.139092][T14212] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  849.522402][   T29] audit: type=1400 audit(1721026838.010:1055): avc:  denied  { setattr } for  pid=14249 comm="syz.1.2814" name="NETLINK" dev="sockfs" ino=58422 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  850.963118][ T5082] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  851.183749][ T5082] usb 3-1: Using ep0 maxpacket: 16
[  851.206638][ T5082] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  851.255577][ T5082] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  851.283700][ T5082] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  851.301853][ T5082] usb 3-1: config 0 descriptor??
[  851.367398][T14287] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(����QhQI���9��E�>w��
[  851.367398][T14287] �D���e	!���6�~���D��69��PYb����|��
[  851.647141][T14263] overlayfs: conflicting lowerdir path
[  851.773663][ T4476] Bluetooth: hci2: Malformed LE Event: 0x0d
[  852.414092][T14263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  852.433851][T14263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  852.604512][ T5082] hid-generic 0003:0158:0100.0013: unknown main item tag 0x1
[  852.627059][  T930] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  852.652276][ T5082] hid-generic 0003:0158:0100.0013: unexpected long global item
[  852.706574][ T5082] hid-generic 0003:0158:0100.0013: probe with driver hid-generic failed with error -22
[  852.848313][ T5082] usb 3-1: USB disconnect, device number 17
[  852.860992][  T930] usb 1-1: config 0 has no interfaces?
[  852.887685][  T930] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  852.913173][  T930] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  852.939810][  T930] usb 1-1: Manufacturer: syz
[  852.991963][  T930] usb 1-1: config 0 descriptor??
[  853.445098][T14330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2844'.
[  854.627219][T14355] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  855.140874][  T930] usb 1-1: USB disconnect, device number 16
[  856.479929][T14374] syz.3.2859[14374] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  856.480115][T14374] syz.3.2859[14374] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  856.706854][T12747] syz_tun (unregistering): left promiscuous mode
[  857.060793][ T1109] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.232395][ T1109] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.257553][  T930] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  857.382884][ T1109] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.552332][ T1109] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  857.598503][  T930] usb 3-1: Using ep0 maxpacket: 16
[  857.655824][  T930] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  857.691663][  T930] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  857.701028][  T930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.721305][  T930] usb 3-1: config 0 descriptor??
[  857.783223][ T5089] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  857.800420][ T5089] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  857.812666][ T5089] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  857.837786][ T5089] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  857.954825][ T5089] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  857.964713][ T5089] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  857.983996][ T1109] bridge_slave_1: left allmulticast mode
[  858.004902][ T1109] bridge_slave_1: left promiscuous mode
[  858.019743][ T1109] bridge0: port 2(bridge_slave_1) entered disabled state
[  858.118331][T14380] overlayfs: conflicting lowerdir path
[  858.119935][ T1109] bridge_slave_0: left allmulticast mode
[  858.139397][ T1109] bridge_slave_0: left promiscuous mode
[  858.145393][ T1109] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.168245][T14380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  859.182200][T14380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  859.212560][  T930] hid-generic 0003:0158:0100.0014: unknown main item tag 0x1
[  859.220144][  T930] hid-generic 0003:0158:0100.0014: unexpected long global item
[  859.232329][  T930] hid-generic 0003:0158:0100.0014: probe with driver hid-generic failed with error -22
[  859.491100][ T1109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  859.507845][ T1109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  859.519601][ T1109] bond0 (unregistering): Released all slaves
[  859.560906][ T5134] usb 3-1: USB disconnect, device number 18
[  859.609608][T14387] lo speed is unknown, defaulting to 1000
[  859.965422][   T29] audit: type=1400 audit(1721026848.446:1056): avc:  denied  { read } for  pid=14404 comm="syz.4.2872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  860.086235][ T4476] Bluetooth: hci4: command tx timeout
[  860.162094][ T1109] batadv_slave_1: left promiscuous mode
[  860.206300][ T1109] hsr_slave_0: left promiscuous mode
[  860.216204][   T29] audit: type=1400 audit(1721026848.696:1057): avc:  denied  { getopt } for  pid=14415 comm="syz.0.2874" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  860.251639][ T1109] hsr_slave_1: left promiscuous mode
[  860.274479][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  860.286063][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_0
[  860.408364][ T1109] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  860.435679][ T1109] batman_adv: batadv0: Removing interface: batadv_slave_1
[  860.578044][ T1109] veth1_macvtap: left promiscuous mode
[  860.583670][ T1109] veth0_macvtap: left promiscuous mode
[  860.604905][ T1109] veth1_vlan: left promiscuous mode
[  860.610350][ T1109] veth0_vlan: left promiscuous mode
[  861.704962][   T29] audit: type=1400 audit(1721026850.173:1058): avc:  denied  { getopt } for  pid=14431 comm="syz.2.2880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  861.750199][T14438] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2880'.
[  861.766933][   T29] audit: type=1400 audit(1721026850.173:1059): avc:  denied  { write } for  pid=14431 comm="syz.2.2880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  861.866405][   T29] audit: type=1400 audit(1721026850.322:1060): avc:  denied  { listen } for  pid=14437 comm="syz.4.2883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  861.937568][   T29] audit: type=1400 audit(1721026850.332:1061): avc:  denied  { connect } for  pid=14437 comm="syz.4.2883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  862.176393][T14444] binder: 14435:14444 ioctl 4018620d 0 returned -22
[  862.268410][ T4476] Bluetooth: hci4: command tx timeout
[  863.166961][ T1109] team0 (unregistering): Port device team_slave_1 removed
[  863.239720][ T1109] team0 (unregistering): Port device team_slave_0 removed
[  863.391666][T12229] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  863.601048][T12229] usb 1-1: Using ep0 maxpacket: 16
[  863.613981][T12229] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  863.628215][T12229] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  863.638429][T12229] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.651381][T12229] usb 1-1: config 0 descriptor??
[  864.056525][T14432] IPv6: Can't replace route, no match found
[  864.084086][T14387] chnl_net:caif_netlink_parms(): no params data found
[  864.087969][T14449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  864.100079][T14449] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  864.144144][T12229] hid-generic 0003:0158:0100.0015: unknown main item tag 0x1
[  864.151681][T12229] hid-generic 0003:0158:0100.0015: unexpected long global item
[  864.162954][T12229] hid-generic 0003:0158:0100.0015: probe with driver hid-generic failed with error -22
[  864.340321][ T4476] Bluetooth: hci4: command tx timeout
[  864.889280][ T5134] usb 1-1: USB disconnect, device number 17
[  866.291595][T14387] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.357074][T14387] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.364358][T14387] bridge_slave_0: entered allmulticast mode
[  866.426786][ T4476] Bluetooth: hci4: command tx timeout
[  866.435103][T14387] bridge_slave_0: entered promiscuous mode
[  866.526709][T14387] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.559135][T14387] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.608129][T14387] bridge_slave_1: entered allmulticast mode
[  866.651137][T14387] bridge_slave_1: entered promiscuous mode
[  866.802280][T14387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  866.832462][T14387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  866.948465][T14387] team0: Port device team_slave_0 added
[  866.970138][T14387] team0: Port device team_slave_1 added
[  867.065942][T14387] batman_adv: batadv0: Adding interface: batadv_slave_0
[  867.073976][T14387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  867.077605][ T5134] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  867.118128][T14387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  867.189723][T14387] batman_adv: batadv0: Adding interface: batadv_slave_1
[  867.223812][T14387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  867.321821][ T5134] usb 5-1: config 0 has no interfaces?
[  867.331954][ T5134] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  867.348221][ T5134] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  867.373240][ T5134] usb 5-1: Manufacturer: syz
[  867.395577][T14387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  867.419147][ T5134] usb 5-1: config 0 descriptor??
[  867.770836][T14387] hsr_slave_0: entered promiscuous mode
[  867.795422][T14387] hsr_slave_1: entered promiscuous mode
[  867.807143][T14387] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  867.817240][T14387] Cannot create hsr debugfs directory
[  868.110170][ T5089] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  868.126187][ T5089] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  868.139273][ T5089] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  868.169910][ T5089] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  868.181286][ T5089] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  868.188670][ T5089] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  868.466939][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.654752][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.746033][T14491] lo speed is unknown, defaulting to 1000
[  868.796318][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  868.934722][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  869.492615][   T35] bridge_slave_1: left allmulticast mode
[  869.507813][   T35] bridge_slave_1: left promiscuous mode
[  869.550885][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  869.568763][   T35] bridge_slave_0: left allmulticast mode
[  869.580937][   T35] bridge_slave_0: left promiscuous mode
[  869.589092][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  869.590761][ T5136] usb 5-1: USB disconnect, device number 6
[  870.474114][ T4476] Bluetooth: hci1: command tx timeout
[  870.729599][ T5089] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  870.743109][ T5089] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  870.755437][ T5089] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  870.766308][ T5089] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  870.807550][ T5089] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  870.815343][ T5089] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  871.238777][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  871.245321][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  871.369485][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  871.382915][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  871.394386][   T35] bond0 (unregistering): Released all slaves
[  871.442601][T14511] lo speed is unknown, defaulting to 1000
[  871.893103][T14515] lo speed is unknown, defaulting to 1000
[  872.093631][T14387] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  872.135350][T14387] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  872.154649][T14491] chnl_net:caif_netlink_parms(): no params data found
[  872.186526][T14387] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  872.199383][T14387] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  872.225221][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  872.234554][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  872.243704][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  872.251291][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  872.277302][   T35] veth1_macvtap: left promiscuous mode
[  872.282891][   T35] veth0_macvtap: left promiscuous mode
[  872.291131][   T35] veth1_vlan: left promiscuous mode
[  872.507592][ T5089] Bluetooth: hci1: command tx timeout
[  872.920918][ T5089] Bluetooth: hci5: command tx timeout
[  873.081809][T14532] 9pnet_virtio: no channels available for device ./file0
[  873.857606][   T35] team0 (unregistering): Port device team_slave_1 removed
[  873.929627][   T35] team0 (unregistering): Port device team_slave_0 removed
[  874.591493][ T5089] Bluetooth: hci1: command tx timeout
[  874.997452][ T5089] Bluetooth: hci5: command tx timeout
[  875.085388][   T29] audit: type=1400 audit(1721026863.538:1062): avc:  denied  { execstack } for  pid=14542 comm="syz.2.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  875.157518][T14491] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.179636][T14491] bridge0: port 1(bridge_slave_0) entered disabled state
[  875.188043][T14491] bridge_slave_0: entered allmulticast mode
[  875.198310][T14491] bridge_slave_0: entered promiscuous mode
[  875.224142][T14491] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.231327][T14491] bridge0: port 2(bridge_slave_1) entered disabled state
[  875.239580][T14491] bridge_slave_1: entered allmulticast mode
[  875.250517][T14491] bridge_slave_1: entered promiscuous mode
[  875.522361][T14515] chnl_net:caif_netlink_parms(): no params data found
[  875.630128][T14548] bio_check_eod: 2 callbacks suppressed
[  875.630174][T14548] syz.2.2909: attempt to access beyond end of device
[  875.630174][T14548] nbd2: rw=0, sector=6, nr_sectors = 2 limit=0
[  875.649453][T14548] ADFS-fs (nbd2): error: unable to read block 3, try 0
[  876.389750][T14491] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  876.437501][T14491] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  876.601979][T14491] team0: Port device team_slave_0 added
[  876.644048][T14491] team0: Port device team_slave_1 added
[  876.684798][ T5089] Bluetooth: hci1: command tx timeout
[  876.776703][T14491] batman_adv: batadv0: Adding interface: batadv_slave_0
[  876.794028][T14491] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.827567][T14491] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  876.845609][   T29] audit: type=1400 audit(1721026865.285:1063): avc:  denied  { getopt } for  pid=14556 comm="syz.2.2912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  876.846674][T14557] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2912'.
[  876.875546][T14557] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2912'.
[  876.885523][T14557] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2912'.
[  876.907268][T14491] batman_adv: batadv0: Adding interface: batadv_slave_1
[  876.916839][T14491] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  876.948700][T14491] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  877.038187][T14515] bridge0: port 1(bridge_slave_0) entered blocking state
[  877.048198][T14515] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.058434][T14515] bridge_slave_0: entered allmulticast mode
[  877.068580][T14515] bridge_slave_0: entered promiscuous mode
[  877.075225][ T5089] Bluetooth: hci5: command tx timeout
[  877.089661][T14515] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.100308][T14515] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.116385][T14515] bridge_slave_1: entered allmulticast mode
[  877.126450][T14515] bridge_slave_1: entered promiscuous mode
[  877.253414][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.371466][T14491] hsr_slave_0: entered promiscuous mode
[  877.390194][T14491] hsr_slave_1: entered promiscuous mode
[  877.420676][T14491] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  877.428808][T14491] Cannot create hsr debugfs directory
[  877.484783][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.546000][T14515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.622978][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.663850][T14515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  877.782427][T14515] team0: Port device team_slave_0 added
[  877.841554][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  877.864732][T14564] SELinux:  Context � is not valid (left unmapped).
[  877.890768][T14515] team0: Port device team_slave_1 added
[  877.901569][   T29] audit: type=1400 audit(1721026866.343:1064): avc:  denied  { create } for  pid=14563 comm="syz.0.2914" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=DC
[  877.926185][T14564] SELinux: security_context_str_to_sid () failed with errno=-22
[  877.942650][T14387] 8021q: adding VLAN 0 to HW filter on device bond0
[  877.954388][   T29] audit: type=1400 audit(1721026866.363:1065): avc:  denied  { associate } for  pid=14563 comm="syz.0.2914" name="file0" scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=DC
[  878.016345][   T29] audit: type=1400 audit(1721026866.363:1066): avc:  denied  { mounton } for  pid=14563 comm="syz.0.2914" path="/447/file0" dev="tmpfs" ino=2384 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=DC
[  878.022035][T14566] netlink: 'syz.0.2915': attribute type 1 has an invalid length.
[  878.056121][T14566] netlink: 9344 bytes leftover after parsing attributes in process `syz.0.2915'.
[  878.070168][T14566] netlink: 43 bytes leftover after parsing attributes in process `syz.0.2915'.
[  878.087412][T14515] batman_adv: batadv0: Adding interface: batadv_slave_0
[  878.094378][T14515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  878.135706][   T29] audit: type=1400 audit(1721026866.433:1067): avc:  denied  { rmdir } for  pid=8768 comm="syz-executor" name="file0" dev="tmpfs" ino=2384 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon=DC
[  878.155267][T14515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  878.242276][T14515] batman_adv: batadv0: Adding interface: batadv_slave_1
[  878.256809][T14515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  878.312164][T14515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  878.598510][T14387] 8021q: adding VLAN 0 to HW filter on device team0
[  878.695371][T14577] syz.2.2918: attempt to access beyond end of device
[  878.695371][T14577] nbd2: rw=0, sector=6, nr_sectors = 2 limit=0
[  878.708315][T14577] ADFS-fs (nbd2): error: unable to read block 3, try 0
[  879.160257][ T5089] Bluetooth: hci5: command tx timeout
[  879.502552][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state
[  879.509830][ T5082] bridge0: port 1(bridge_slave_0) entered forwarding state
[  879.574007][   T35] bridge_slave_1: left allmulticast mode
[  879.580255][   T35] bridge_slave_1: left promiscuous mode
[  879.590631][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  879.627079][   T35] bridge_slave_0: left allmulticast mode
[  879.650551][   T35] bridge_slave_0: left promiscuous mode
[  879.669634][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  879.931386][T14594] netlink: 'syz.2.2925': attribute type 1 has an invalid length.
[  879.939448][T14594] netlink: 9344 bytes leftover after parsing attributes in process `syz.2.2925'.
[  879.949347][T14594] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2925'.
[  880.335011][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  880.346427][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  880.357642][   T35] bond0 (unregistering): Released all slaves
[  880.393018][T14515] hsr_slave_0: entered promiscuous mode
[  880.399724][T14515] hsr_slave_1: entered promiscuous mode
[  880.409020][T14515] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  880.417720][T14515] Cannot create hsr debugfs directory
[  880.733869][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state
[  880.741127][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  880.807472][  T785] IPVS: starting estimator thread 0...
[  880.892860][T14602] IPVS: using max 21 ests per chain, 50400 per kthread
[  881.586045][   T35] hsr_slave_0: left promiscuous mode
[  881.665542][   T35] hsr_slave_1: left promiscuous mode
[  881.717550][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  881.750760][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  881.789468][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  881.819494][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  881.916989][   T35] veth1_macvtap: left promiscuous mode
[  881.942704][   T35] veth0_macvtap: left promiscuous mode
[  881.948461][   T35] veth1_vlan: left promiscuous mode
[  881.972864][   T35] veth0_vlan: left promiscuous mode
[  883.147664][   T29] audit: type=1400 audit(1721026871.585:1068): avc:  denied  { watch } for  pid=14620 comm="syz.0.2931" path="/455" dev="tmpfs" ino=2421 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  883.204539][   T29] audit: type=1400 audit(1721026871.585:1069): avc:  denied  { watch_sb } for  pid=14620 comm="syz.0.2931" path="/455" dev="tmpfs" ino=2421 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  883.226803][    C0] vkms_vblank_simulate: vblank timer overrun
[  883.617858][T14623] netlink: 256 bytes leftover after parsing attributes in process `syz.0.2931'.
[  883.627993][T14623] unsupported nlmsg_type 40
[  884.785691][   T35] team0 (unregistering): Port device team_slave_1 removed
[  884.868543][   T35] team0 (unregistering): Port device team_slave_0 removed
[  886.140559][T14644] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2938'.
[  886.169950][T14644] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2938'.
[  886.204084][T14644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2938'.
[  886.218458][T14491] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  886.246812][T14491] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  886.274357][T14387] 8021q: adding VLAN 0 to HW filter on device batadv0
[  886.346703][T14491] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  886.364218][T14650] sctp: [Deprecated]: syz.0.2939 (pid 14650) Use of struct sctp_assoc_value in delayed_ack socket option.
[  886.364218][T14650] Use struct sctp_sack_info instead
[  886.409619][T14491] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  886.435021][T14652] loop0: detected capacity change from 0 to 7
[  886.451551][T14652] Dev loop0: unable to read RDB block 7
[  886.457246][T14652]  loop0: AHDI p1
[  886.461096][T14652] loop0: partition table partially beyond EOD, truncated
[  886.478923][   T35] IPVS: stop unused estimator thread 0...
[  886.622514][T14387] veth0_vlan: entered promiscuous mode
[  886.703854][T14387] veth1_vlan: entered promiscuous mode
[  886.776703][T14387] veth0_macvtap: entered promiscuous mode
[  886.823533][T14387] veth1_macvtap: entered promiscuous mode
[  886.916792][T14491] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.981927][T14387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  886.993320][T14387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  887.005351][T14387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  887.019493][T14387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  887.052212][T14387] batman_adv: batadv0: Interface activated: batadv_slave_0
[  887.146260][T14387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  887.165386][T14387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  887.184261][T14387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  887.213582][T14387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  887.245412][T14387] batman_adv: batadv0: Interface activated: batadv_slave_1
[  887.315773][T14387] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  887.337264][T14387] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  887.349460][T14387] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  887.358294][T14387] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  887.401779][T14515] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  887.412981][T14515] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  887.451685][T14515] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  887.475476][T14515] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  887.501097][T14491] 8021q: adding VLAN 0 to HW filter on device team0
[  887.603541][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.610875][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  887.659307][ T5139] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.666508][ T5139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.719747][ T5390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  887.747603][ T5390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  887.809293][ T5390] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  887.819970][ T5390] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  887.914783][  T785] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  887.998431][T14515] 8021q: adding VLAN 0 to HW filter on device bond0
[  888.040041][   T29] audit: type=1326 audit(1721026876.468:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14666 comm="syz.1.2864" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd752775bd9 code=0x0
[  888.073491][T14515] 8021q: adding VLAN 0 to HW filter on device team0
[  888.129900][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[  888.137107][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  888.184564][  T785] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  888.205538][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state
[  888.212774][ T5082] bridge0: port 2(bridge_slave_1) entered forwarding state
[  888.220627][  T785] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  888.234618][  T785] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  888.248389][  T785] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  888.288832][  T785] usb 3-1: config 0 descriptor??
[  888.361265][T14491] 8021q: adding VLAN 0 to HW filter on device batadv0
[  888.415330][T14515] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  888.589690][T14491] veth0_vlan: entered promiscuous mode
[  888.642965][  T785] usb 3-1: string descriptor 0 read error: -71
[  888.658037][T14491] veth1_vlan: entered promiscuous mode
[  888.669437][  T785] usb 3-1: USB disconnect, device number 19
[  888.770594][T14491] veth0_macvtap: entered promiscuous mode
[  888.826408][T14491] veth1_macvtap: entered promiscuous mode
[  888.888104][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  888.902434][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  888.918035][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  888.935466][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  888.948481][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  888.962045][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  888.975897][T14491] batman_adv: batadv0: Interface activated: batadv_slave_0
[  889.013443][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  889.029109][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  889.032050][T14681] sock: sock_timestamping_bind_phc: sock not bind to device
[  889.039904][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  889.082835][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  889.102209][T14491] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  889.120254][T14491] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  889.142560][T14491] batman_adv: batadv0: Interface activated: batadv_slave_1
[  889.223921][T14491] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  889.232680][T14491] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  889.260796][T14491] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  889.277241][T14491] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  889.296774][T14686] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2950'.
[  889.404262][T14515] 8021q: adding VLAN 0 to HW filter on device batadv0
[  890.144024][  T785] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  890.424196][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  890.461992][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  890.469432][  T785] usb 1-1: Using ep0 maxpacket: 8
[  890.483210][  T785] usb 1-1: config 0 has an invalid interface number: 193 but max is 0
[  890.502014][  T785] usb 1-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  890.519861][  T785] usb 1-1: config 0 has an invalid descriptor of length 231, skipping remainder of the config
[  890.540707][  T785] usb 1-1: config 0 has no interface number 0
[  890.564763][  T785] usb 1-1: config 0 interface 193 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  890.603485][  T785] usb 1-1: config 0 interface 193 altsetting 0 endpoint 0x5 has invalid maxpacket 1032, setting to 64
[  890.620421][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  890.620966][  T785] usb 1-1: config 0 interface 193 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  890.643750][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  890.675861][  T785] usb 1-1: config 0 interface 193 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 13
[  890.697166][  T785] usb 1-1: New USB device found, idVendor=03eb, idProduct=2002, bcdDevice= 1.00
[  890.706672][  T785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  890.720952][  T785] usb 1-1: config 0 descriptor??
[  890.748530][  T785] usb-storage 1-1:0.193: USB Mass Storage device detected
[  890.780561][  T785] usb-storage 1-1:0.193: Quirks match for vid 03eb pid 2002: 20
[  890.921988][T14721] netlink: 'syz.2.2957': attribute type 9 has an invalid length.
[  890.935764][T14721] netlink: 61951 bytes leftover after parsing attributes in process `syz.2.2957'.
[  891.062865][T14723] UBIFS error (pid: 14723): cannot open "ub	", error -22
[  891.625120][T14515] veth0_vlan: entered promiscuous mode
[  891.650117][T14515] veth1_vlan: entered promiscuous mode
[  891.756061][T14515] veth0_macvtap: entered promiscuous mode
[  891.794006][T14515] veth1_macvtap: entered promiscuous mode
[  891.830454][T14734] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2961'.
[  891.901787][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  891.936575][ T5082] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  891.952500][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  891.969066][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.003492][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.024393][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.044618][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.055747][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  892.066790][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.111985][T14515] batman_adv: batadv0: Interface activated: batadv_slave_0
[  892.169130][ T5082] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  892.245566][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  892.257651][ T5082] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  892.305250][ T5082] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  892.314477][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.332675][ T5082] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  892.344159][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  892.447626][ T5082] usb 4-1: config 0 descriptor??
[  892.463762][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.489332][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  892.500736][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.512047][T14515] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  892.523719][T14515] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  892.542657][T14515] batman_adv: batadv0: Interface activated: batadv_slave_1
[  892.576200][T14515] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  892.596431][T14515] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  892.611617][T14515] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  892.635334][T14515] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  892.714016][   T25] usb 1-1: USB disconnect, device number 18
[  892.840547][T14751] netlink: 'syz.1.2967': attribute type 9 has an invalid length.
[  892.877847][T14751] netlink: 61951 bytes leftover after parsing attributes in process `syz.1.2967'.
[  893.067170][ T7692] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  893.118096][ T7692] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  893.131809][ T5082] usb 4-1: string descriptor 0 read error: -71
[  893.189312][ T5082] usb 4-1: USB disconnect, device number 12
[  893.229768][ T5390] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  893.237636][ T5390] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  893.396346][T14766] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2972'.
[  894.121045][T14774] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2975'.
[  896.134507][T14805] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=83 sclass=netlink_route_socket pid=14805 comm=syz.1.2985
[  896.941973][T14808] SELinux: security_context_str_to_sid () failed with errno=-22
[  896.964313][T14807] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2986'.
[  899.263035][T14847] IPv4: Oversized IP packet from 172.20.20.24
[  899.278248][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  899.287019][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  902.518143][T14891] lo speed is unknown, defaulting to 1000
[  902.795334][T14891] tipc: Started in network mode
[  902.800422][T14891] tipc: Node identity 4, cluster identity 4711
[  902.806694][T14891] tipc: Node number set to 4
[  903.367600][T12020] tipc: Left network mode
[  903.747843][T14918] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3025'.
[  904.240134][T14938] netlink: 'syz.0.3032': attribute type 2 has an invalid length.
[  904.278463][   T29] audit: type=1400 audit(1721026892.689:1071): avc:  denied  { ioctl } for  pid=14937 comm="syz.0.3032" path="ipc:[4026532913]" dev="nsfs" ino=4026532913 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  904.338158][   T29] audit: type=1326 audit(1721026892.749:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14937 comm="syz.0.3032" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd0b7f75bd9 code=0x0
[  904.461195][   T29] audit: type=1400 audit(1721026892.868:1073): avc:  denied  { read } for  pid=14944 comm="syz.3.3034" name="nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  904.519938][   T29] audit: type=1400 audit(1721026892.868:1074): avc:  denied  { open } for  pid=14944 comm="syz.3.3034" path="/dev/nvram" dev="devtmpfs" ino=625 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  904.566896][   T29] audit: type=1400 audit(1721026892.908:1075): avc:  denied  { ioctl } for  pid=14944 comm="syz.3.3034" path="/dev/nvram" dev="devtmpfs" ino=625 ioctlcmd=0x7041 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  904.629453][T14953] SELinux: security_context_str_to_sid () failed with errno=-22
[  904.747072][   T29] audit: type=1400 audit(1721026893.158:1076): avc:  denied  { name_bind } for  pid=14957 comm="syz.3.3040" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  904.769326][   T29] audit: type=1400 audit(1721026893.158:1077): avc:  denied  { name_connect } for  pid=14959 comm="syz.2.3041" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  906.583711][T14996] netlink: 'syz.3.3052': attribute type 11 has an invalid length.
[  907.359717][T14999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3056'.
[  907.374122][   T29] audit: type=1400 audit(1721026895.756:1078): avc:  denied  { map } for  pid=14998 comm="syz.3.3056" path="socket:[62973]" dev="sockfs" ino=62973 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  908.349871][T14999] team0: Device macvlan1 is up. Set it down before adding it as a team port
[  908.395504][T14999] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3056'.
[  908.696835][T15012] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3060'.
[  909.142651][T15020] lo speed is unknown, defaulting to 1000
[  911.073290][   T29] audit: type=1400 audit(1721026899.482:1079): avc:  denied  { write } for  pid=15034 comm="syz.4.3067" lport=50982 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  911.183452][   T29] audit: type=1400 audit(1721026899.482:1080): avc:  denied  { setopt } for  pid=15034 comm="syz.4.3067" lport=50982 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  911.337798][T15047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  911.382467][T15047] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  911.498170][    T8] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  911.705267][   T29] audit: type=1400 audit(1721026900.101:1081): avc:  denied  { watch watch_reads } for  pid=15062 comm="syz.0.3078" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=68 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  911.730739][    T8] usb 3-1: Using ep0 maxpacket: 8
[  911.741256][    T8] usb 3-1: config 0 has an invalid interface number: 193 but max is 0
[  911.749625][    T8] usb 3-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  911.761594][    T8] usb 3-1: config 0 has an invalid descriptor of length 231, skipping remainder of the config
[  911.772097][    T8] usb 3-1: config 0 has no interface number 0
[  911.782055][    T8] usb 3-1: config 0 interface 193 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  911.796823][    T8] usb 3-1: config 0 interface 193 altsetting 0 endpoint 0x5 has invalid maxpacket 1032, setting to 64
[  911.808379][    T8] usb 3-1: config 0 interface 193 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  911.819519][    T8] usb 3-1: config 0 interface 193 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 13
[  911.833591][    T8] usb 3-1: New USB device found, idVendor=03eb, idProduct=2002, bcdDevice= 1.00
[  911.843946][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.889316][    T8] usb 3-1: config 0 descriptor??
[  911.910981][    T8] usb-storage 3-1:0.193: USB Mass Storage device detected
[  911.934836][    T8] usb-storage 3-1:0.193: Quirks match for vid 03eb pid 2002: 20
[  912.357525][   T29] audit: type=1400 audit(1721026900.761:1082): avc:  denied  { ioctl } for  pid=15075 comm="syz.1.3082" path="socket:[62135]" dev="sockfs" ino=62135 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  912.393160][ T5089] Bluetooth: hci5: Received unexpected HCI Event 0x00
[  912.585289][T15085] syz.4.3083 (15085): attempted to duplicate a private mapping with mremap.  This is not supported.
[  914.216654][T14700] usb 3-1: USB disconnect, device number 20
[  914.746264][   T29] audit: type=1400 audit(1721026903.149:1083): avc:  denied  { write } for  pid=15114 comm="syz.3.3094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  916.541654][T15124] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  916.551662][   T29] audit: type=1400 audit(1721026904.927:1084): avc:  denied  { setattr } for  pid=15138 comm="syz.0.3100" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  916.802354][T15150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3102'.
[  916.816468][T15147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3101'.
[  916.837905][T15147] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3101'.
[  916.855025][   T29] audit: type=1400 audit(1721026905.247:1085): avc:  denied  { mount } for  pid=15148 comm="syz.4.3103" name="/" dev="selinuxfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  917.038908][   T29] audit: type=1400 audit(1721026905.437:1086): avc:  denied  { unmount } for  pid=14515 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=filesystem permissive=1
[  917.048583][T15154] netlink: 'syz.1.3105': attribute type 10 has an invalid length.
[  917.574838][T14700] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  917.787505][T14700] usb 2-1: Using ep0 maxpacket: 8
[  917.849792][T14700] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  917.877484][T14700] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.954702][T14700] usb 2-1: config 0 descriptor??
[  918.444626][T14700] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  918.484744][T14700] asix 2-1:0.0: probe with driver asix failed with error -71
[  918.574240][T14700] usb 2-1: USB disconnect, device number 15
[  918.824708][T15184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3115'.
[  920.105406][   T29] audit: type=1400 audit(1721026907.585:1087): avc:  denied  { ioctl } for  pid=15192 comm="syz.1.3119" path="socket:[63296]" dev="sockfs" ino=63296 ioctlcmd=0x8940 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  920.588217][T15212] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3127'.
[  920.833427][T15226] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3134'.
[  920.881052][T15229] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3136'.
[  921.090557][T15229] team0: Port device bridge1 added
[  921.121484][T15242] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3136'.
[  922.928815][T15269] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3150'.
[  924.059524][T15281] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3154'.
[  924.105880][T15281] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3154'.
[  926.663715][ T4476] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  926.677167][ T4476] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  926.686186][ T4476] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  926.695885][ T4476] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  926.707736][   T29] audit: type=1400 audit(1721026915.079:1088): avc:  denied  { setopt } for  pid=15308 comm="syz.3.3165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  926.734024][ T4476] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  926.741834][ T4476] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  926.743556][T15313] netlink: 'syz.0.3166': attribute type 7 has an invalid length.
[  926.975326][ T7692] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.229742][ T7692] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  927.259859][T15326] netlink: 'syz.0.3171': attribute type 10 has an invalid length.
[  928.117357][ T7692] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  928.162505][T15309] lo speed is unknown, defaulting to 1000
[  928.264365][T14700] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  928.292165][ T7692] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  928.423857][ T5137] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  928.482127][T14700] usb 1-1: Using ep0 maxpacket: 8
[  928.489639][T14700] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  928.499134][T14700] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.509910][T14700] usb 1-1: config 0 descriptor??
[  928.654809][ T5137] usb 4-1: Using ep0 maxpacket: 16
[  928.707508][ T5137] usb 4-1: config 0 has no interfaces?
[  928.839128][ T4476] Bluetooth: hci0: command tx timeout
[  928.937879][T15326] Bluetooth: MGMT ver 1.22
[  928.951028][T14700] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  928.962552][T14700] asix 1-1:0.0: probe with driver asix failed with error -71
[  928.963014][ T7692] bridge_slave_1: left allmulticast mode
[  928.985700][T14700] usb 1-1: USB disconnect, device number 19
[  929.025419][ T7692] bridge_slave_1: left promiscuous mode
[  929.041740][ T7692] bridge0: port 2(bridge_slave_1) entered disabled state
[  929.081806][ T5137] usb 4-1: string descriptor 0 read error: -71
[  929.082369][ T7692] bridge_slave_0: left allmulticast mode
[  929.092755][ T5137] usb 4-1: New USB device found, idVendor=f76d, idProduct=c71d, bcdDevice= 0.40
[  929.109700][ T5137] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  929.142127][ T7692] bridge_slave_0: left promiscuous mode
[  929.151655][ T5137] usb 4-1: config 0 descriptor??
[  929.166118][ T5137] usb 4-1: can't set config #0, error -71
[  929.171240][ T7692] bridge0: port 1(bridge_slave_0) entered disabled state
[  929.174407][ T5137] usb 4-1: USB disconnect, device number 13
[  929.627932][T15351] netlink: 'syz.4.3179': attribute type 7 has an invalid length.
[  930.374699][ T7692] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  930.401587][ T7692] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  930.421778][ T7692] bond0 (unregistering): Released all slaves
[  930.461862][T15309] chnl_net:caif_netlink_parms(): no params data found
[  930.660491][T15361] netlink: 664 bytes leftover after parsing attributes in process `syz.4.3183'.
[  930.678826][ T7692] tipc: Left network mode
[  930.903911][ T5089] Bluetooth: hci0: command tx timeout
[  930.974145][ T4476] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  931.052370][T15309] bridge0: port 1(bridge_slave_0) entered blocking state
[  931.064313][T15309] bridge0: port 1(bridge_slave_0) entered disabled state
[  931.078649][T15309] bridge_slave_0: entered allmulticast mode
[  931.087903][T15309] bridge_slave_0: entered promiscuous mode
[  931.099549][T15309] bridge0: port 2(bridge_slave_1) entered blocking state
[  931.113751][T15309] bridge0: port 2(bridge_slave_1) entered disabled state
[  931.128598][T15309] bridge_slave_1: entered allmulticast mode
[  931.151481][T15309] bridge_slave_1: entered promiscuous mode
[  931.425455][T15309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  931.560209][T15309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  931.784204][T15393] netlink: 'syz.3.3191': attribute type 7 has an invalid length.
[  931.892494][T15309] team0: Port device team_slave_0 added
[  931.939843][T15309] team0: Port device team_slave_1 added
[  932.155406][T15395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3190'.
[  932.184970][T15395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3190'.
[  932.251244][T15309] batman_adv: batadv0: Adding interface: batadv_slave_0
[  932.266998][T15309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.348555][T15309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  932.394389][T15309] batman_adv: batadv0: Adding interface: batadv_slave_1
[  932.425098][T15309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  932.451726][T15309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  932.788348][ T1249] ieee802154 phy0 wpan0: encryption failed: -22
[  932.798669][ T1249] ieee802154 phy1 wpan1: encryption failed: -22
[  932.975501][ T4476] Bluetooth: hci0: command 0x040f tx timeout
[  933.339963][ T7692] hsr_slave_0: left promiscuous mode
[  933.381637][ T7692] hsr_slave_1: left promiscuous mode
[  933.410826][ T7692] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  933.429903][ T7692] batman_adv: batadv0: Removing interface: batadv_slave_0
[  933.453973][ T7692] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  933.465963][ T7692] batman_adv: batadv0: Removing interface: batadv_slave_1
[  933.563488][ T5390] ------------[ cut here ]------------
[  933.569435][ T5390] WARNING: CPU: 0 PID: 5390 at net/wireless/sme.c:846 __cfg80211_connect_result+0x2967/0x2ac0
[  933.579768][ T5390] Modules linked in:
[  933.583660][ T5390] CPU: 0 PID: 5390 Comm: kworker/u8:11 Not tainted 6.10.0-syzkaller #0
[  933.592208][ T5390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  933.603029][ T5390] Workqueue: cfg80211 cfg80211_event_work
[  933.608871][ T5390] RIP: 0010:__cfg80211_connect_result+0x2967/0x2ac0
[  933.615674][ T5390] Code: ff ff 41 8b 1f 31 ff 4c 89 95 68 ff ff ff 89 de e8 de 0e 4c f7 85 db 4c 8b 95 68 ff ff ff 0f 85 f3 e6 ff ff e8 ca 13 4c f7 90 <0f> 0b 90 4c 89 fe 4c 89 f7 e8 bb 60 ff ff e9 06 d9 ff ff e8 d1 f5
[  933.621151][ T7692] veth1_macvtap: left promiscuous mode
[  933.635938][ T5390] RSP: 0000:ffffc900032b7b20 EFLAGS: 00010293
[  933.647085][ T5390] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a41d6a2
[  933.655117][ T5390] RDX: ffff8880217bbc00 RSI: ffffffff8a41d6b6 RDI: 0000000000000005
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  933.663450][ T5390] RBP: ffffc900032b7c00 R08: 0000000000000005 R09: 0000000000000000
[  933.672006][ T5390] R10: ffff888064e95486 R11: ffff88802f87a898 R12: 0000000000000000
[  933.680165][ T5390] R13: ffff88802f87a818 R14: ffff888064e95000 R15: ffff88802f87a818
[  933.688272][ T5390] FS:  0000000000000000(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[  933.701252][ T5390] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  933.707968][ T5390] CR2: 00007fff3a022628 CR3: 000000007bed0000 CR4: 00000000003506f0
[  933.715968][ T5390] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  933.723942][ T5390] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  933.731957][ T5390] Call Trace:
[  933.735222][ T5390]  <TASK>
[  933.738166][ T5390]  ? show_regs+0x8c/0xa0
[  933.742421][ T5390]  ? __warn+0xe5/0x3c0
[  933.746516][ T5390]  ? __cfg80211_connect_result+0x2967/0x2ac0
[  933.752537][ T5390]  ? report_bug+0x3c0/0x580
[  933.757129][ T5390]  ? handle_bug+0x3d/0x70
[  933.761484][ T5390]  ? exc_invalid_op+0x17/0x50
[  933.766213][ T5390]  ? asm_exc_invalid_op+0x1a/0x20
[  933.771311][ T5390]  ? __cfg80211_connect_result+0x2952/0x2ac0
[  933.777336][ T5390]  ? __cfg80211_connect_result+0x2966/0x2ac0
[  933.783307][ T5390]  ? __cfg80211_connect_result+0x2967/0x2ac0
[  933.789326][ T5390]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  933.795826][ T5390]  ? mark_held_locks+0x9f/0xe0
[  933.800595][ T5390]  ? cfg80211_process_wdev_events+0x391/0x5d0
[  933.806846][ T5390]  cfg80211_process_wdev_events+0x391/0x5d0
[  933.812754][ T5390]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  933.818602][ T5390]  cfg80211_process_rdev_events+0x9f/0x130
[  933.824434][ T5390]  cfg80211_event_work+0x2b/0x40
[  933.829405][ T5390]  process_one_work+0x9c5/0x1b40
[  933.834336][ T5390]  ? __pfx_lock_acquire+0x10/0x10
[  933.839389][ T5390]  ? __pfx_process_one_work+0x10/0x10
[  933.844770][ T5390]  ? assign_work+0x1a0/0x250
[  933.849437][ T5390]  worker_thread+0x6c8/0xf30
[  933.854048][ T5390]  ? __kthread_parkme+0x148/0x220
[  933.859200][ T5390]  ? __pfx_worker_thread+0x10/0x10
[  933.864338][ T5390]  kthread+0x2c1/0x3a0
[  933.868480][ T5390]  ? _raw_spin_unlock_irq+0x23/0x50
[  933.873696][ T5390]  ? __pfx_kthread+0x10/0x10
[  933.878357][ T5390]  ret_from_fork+0x45/0x80
[  933.882780][ T5390]  ? __pfx_kthread+0x10/0x10
[  933.887400][ T5390]  ret_from_fork_asm+0x1a/0x30
[  933.892223][ T5390]  </TASK>
[  933.895483][ T5390] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  933.902854][ T5390] CPU: 0 PID: 5390 Comm: kworker/u8:11 Not tainted 6.10.0-syzkaller #0
[  933.911075][ T5390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  933.921131][ T5390] Workqueue: cfg80211 cfg80211_event_work
[  933.926866][ T5390] Call Trace:
[  933.930129][ T5390]  <TASK>
[  933.933045][ T5390]  dump_stack_lvl+0x3d/0x1f0
[  933.937626][ T5390]  panic+0x6f5/0x7a0
[  933.941513][ T5390]  ? __pfx_panic+0x10/0x10
[  933.945922][ T5390]  ? show_trace_log_lvl+0x363/0x500
[  933.951121][ T5390]  ? check_panic_on_warn+0x1f/0xb0
[  933.956227][ T5390]  ? __cfg80211_connect_result+0x2967/0x2ac0
[  933.962196][ T5390]  check_panic_on_warn+0xab/0xb0
[  933.967141][ T5390]  __warn+0xf1/0x3c0
[  933.971026][ T5390]  ? __cfg80211_connect_result+0x2967/0x2ac0
[  933.977036][ T5390]  report_bug+0x3c0/0x580
[  933.981364][ T5390]  handle_bug+0x3d/0x70
[  933.985509][ T5390]  exc_invalid_op+0x17/0x50
[  933.990004][ T5390]  asm_exc_invalid_op+0x1a/0x20
[  933.994838][ T5390] RIP: 0010:__cfg80211_connect_result+0x2967/0x2ac0
[  934.001430][ T5390] Code: ff ff 41 8b 1f 31 ff 4c 89 95 68 ff ff ff 89 de e8 de 0e 4c f7 85 db 4c 8b 95 68 ff ff ff 0f 85 f3 e6 ff ff e8 ca 13 4c f7 90 <0f> 0b 90 4c 89 fe 4c 89 f7 e8 bb 60 ff ff e9 06 d9 ff ff e8 d1 f5
[  934.021042][ T5390] RSP: 0000:ffffc900032b7b20 EFLAGS: 00010293
[  934.027116][ T5390] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8a41d6a2
[  934.035109][ T5390] RDX: ffff8880217bbc00 RSI: ffffffff8a41d6b6 RDI: 0000000000000005
[  934.043093][ T5390] RBP: ffffc900032b7c00 R08: 0000000000000005 R09: 0000000000000000
[  934.051059][ T5390] R10: ffff888064e95486 R11: ffff88802f87a898 R12: 0000000000000000
[  934.059017][ T5390] R13: ffff88802f87a818 R14: ffff888064e95000 R15: ffff88802f87a818
[  934.066975][ T5390]  ? __cfg80211_connect_result+0x2952/0x2ac0
[  934.072948][ T5390]  ? __cfg80211_connect_result+0x2966/0x2ac0
[  934.079094][ T5390]  ? __pfx___cfg80211_connect_result+0x10/0x10
[  934.085248][ T5390]  ? mark_held_locks+0x9f/0xe0
[  934.090043][ T5390]  ? cfg80211_process_wdev_events+0x391/0x5d0
[  934.096274][ T5390]  cfg80211_process_wdev_events+0x391/0x5d0
[  934.102180][ T5390]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  934.107982][ T5390]  cfg80211_process_rdev_events+0x9f/0x130
[  934.113792][ T5390]  cfg80211_event_work+0x2b/0x40
[  934.118723][ T5390]  process_one_work+0x9c5/0x1b40
[  934.123647][ T5390]  ? __pfx_lock_acquire+0x10/0x10
[  934.128661][ T5390]  ? __pfx_process_one_work+0x10/0x10
[  934.134020][ T5390]  ? assign_work+0x1a0/0x250
[  934.138689][ T5390]  worker_thread+0x6c8/0xf30
[  934.143283][ T5390]  ? __kthread_parkme+0x148/0x220
[  934.148353][ T5390]  ? __pfx_worker_thread+0x10/0x10
[  934.153451][ T5390]  kthread+0x2c1/0x3a0
[  934.157509][ T5390]  ? _raw_spin_unlock_irq+0x23/0x50
[  934.162715][ T5390]  ? __pfx_kthread+0x10/0x10
[  934.167296][ T5390]  ret_from_fork+0x45/0x80
[  934.171703][ T5390]  ? __pfx_kthread+0x10/0x10
[  934.176277][ T5390]  ret_from_fork_asm+0x1a/0x30
[  934.181033][ T5390]  </TASK>
[  934.184362][ T5390] Kernel Offset: disabled
[  934.188832][ T5390] Rebooting in 86400 seconds..