last executing test programs:

10m30.575850958s ago: executing program 3 (id=2892):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x8001, 0x4)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0xa, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0xb, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{0x0}], 0x1}}], 0x1, 0x8000)

10m30.471349971s ago: executing program 3 (id=2893):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fanotify_init(0x20, 0x40000)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0xffff, @multicast1}, 0x10, &(0x7f00000014c0)=[{&(0x7f0000000000)="be", 0x1}, {0x0}], 0x2, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0x20}, 0x0)

10m29.169835784s ago: executing program 3 (id=2897):
r0 = socket$igmp(0x2, 0x3, 0x2)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000080)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c, 0x0}}], 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x8880)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x5, 0x3, 0x7fff0000}]})
bind$inet(r0, 0x0, 0x0)

10m28.095859082s ago: executing program 1 (id=2899):
socket$nl_route(0x10, 0x3, 0x0)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000ffc000/0x1000)=nil)
socket(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f00000005c0)='..&-^\x00', &(0x7f0000000640)='/selinux/status\x00', 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r3, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x140e, 0x8, 0x70bd25, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x20008040)
socket(0x1e, 0x805, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x2000000000000312, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000460000006500000085000000071255ce865c114900000000a293d0b882409f441cfb7dfec1320d71937441560d2123fb9ee7"], &(0x7f0000000340)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000125c0)=@newtfilter={0x40, 0x2c, 0xd2b, 0x70bd2b, 0x2ddfdbfb, {0x0, 0x0, 0x0, r6, {0x8}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}]}}]}, 0x40}}, 0x24040084)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x2)
r8 = dup2(r7, r7)
ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000000)={'\x00', 0x40, 0xe, 0x1, 0x5, 0x10})
r9 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000009000000050000000000001102000000ffffffff0700000000000008000000000000302e5f613061009c6de67bf1e5a2a87a0fed5b0250c984a8831a2cd0566da2ddf43e7fb417b5cab26c738e6ebdbfca8add5478615ae71c3424bda02bac918d1f4375"], 0x0, 0x3d, 0x0, 0x1}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x100a7c1, '\x00', 0x0, r9, 0x0, 0x1}, 0x50)

10m27.994081904s ago: executing program 4 (id=2900):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r3 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
getitimer(0x0, &(0x7f0000000800))

10m25.937445481s ago: executing program 4 (id=2902):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f00000000c0)=0x3)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000000))
read$dsp(r3, &(0x7f0000000280)=""/85, 0x55)

10m25.520189623s ago: executing program 1 (id=2903):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000d3b244cd94c8cd220800", @ANYRES32=r1], 0x38}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

10m25.304159515s ago: executing program 1 (id=2905):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
bind$alg(0xffffffffffffffff, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r0 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$NL80211_CMD_VENDOR(r0, &(0x7f0000000240)={0x0, 0x50000, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10)

10m25.170691783s ago: executing program 1 (id=2906):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_usb_connect$cdc_ecm(0x5, 0x4d, &(0x7f00000011c0)=ANY=[@ANYBLOB="12010000020000402505"], 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r1, 0xc0404806, &(0x7f0000000040))
write$UHID_SET_REPORT_REPLY(r0, &(0x7f0000000600)={0xe, {0x1, 0x6, 0x4f}}, 0xc)

10m24.806702662s ago: executing program 4 (id=2908):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000005c0), 0x0)

10m23.622499728s ago: executing program 3 (id=2912):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r3 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
getitimer(0x0, &(0x7f0000000800))

10m23.614103093s ago: executing program 4 (id=2913):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r3 = fsopen(&(0x7f0000000100)='squashfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
getitimer(0x0, &(0x7f0000000800))

10m17.4509055s ago: executing program 4 (id=2917):
r0 = getpgrp(0x0)
r1 = syz_pidfd_open(r0, 0x0)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000018c0), 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = add_key(0x0, &(0x7f0000001380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
r6 = gettid()
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000000)={0x0, 0x0, 0x80000000, 0x1, r6})
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000080), &(0x7f0000000140)={'L-'}, 0x16, 0x1)

10m16.077362301s ago: executing program 3 (id=2918):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000012c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x3)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "b337d9cc2c86df42", "7d05dacec51d55ff3c13567ddffb04317d0256f6506fca0a5f49cc3c88081372", "de2925ea", "0c2ae32fb6d80f6a"}, 0x38)

10m16.043456379s ago: executing program 4 (id=2919):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480), 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000bd02c440560831ac1e93010203010902120081000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)={0x0, 0x10, 0x7a, "d9fbbec3302f5e647df84b371aaa736bb24cbd1d07cf7f8a5e97910c650ae550964d513d58bd37acca569621b3f61e7f09fb2ca79e98592d63890fc95ac4ecfe8a9b3f928919c7906864c7b5852fc7f2fb74205e0acbbc94ca82f7942d7c95c701a2a5d0c91b456984a9a620d5a5a9e26db95c19c4f97f52a6fe"}, 0x0, &(0x7f0000000180)={0x0, 0x8, 0x1, 0xff}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x90, 0x29, 0x4, {0x4, 0xe, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x9, 0x9f}}, @generic={0x80, 0xb, "09e12e5f0b6bdcf72f2ec7"}, @calipso={0x7, 0x40, {0x1, 0xe, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x6, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hopopts={{0x108, 0x29, 0x36, {0x5e, 0x1d, '\x00', [@generic={0xff, 0xe, "50d650847249ad288702ebd0d654"}, @pad1, @pad1, @calipso={0x7, 0x38, {0x3, 0xc, 0x0, 0xfff, [0x4, 0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @generic={0x8, 0x81, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc"}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0xffffffffffffff04]}}, @generic={0x1}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @rthdr={{0x18}}], 0x210}}], 0x1, 0x810)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)

10m15.922170789s ago: executing program 1 (id=2920):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000002d80)={0x0, 0x0, &(0x7f0000002d40)={0x0, 0x30}}, 0x0)

10m15.808442721s ago: executing program 3 (id=2922):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xafUD\x9dA\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)

10m15.794829855s ago: executing program 1 (id=2923):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x6a, 0x4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4f, 0x94)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0xf8e77000)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040054}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='jfs\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000002580)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x16c0, 0x75e1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0x40, 0x0, "", [{{0x9, 0x4, 0x0, 0xb, 0x1, 0x3, 0x1, 0x1, 0x6, {0x9, 0x21, 0x8, 0x31, 0x1, {0x22, 0x3d3}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xc, 0x2, 0x7}}}}}]}}]}}, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newnexthop={0x18, 0x68, 0x1, 0x100003, 0x7ffffffd, {0x0, 0x0, 0x0, 0x0, 0x2000000}}, 0x18}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r6], 0x40}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000002840)=[{&(0x7f0000000240)=""/214, 0xd6}], 0x1, 0x1860, 0xffffffff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)

10m0.508944539s ago: executing program 32 (id=2923):
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x6a, 0x4, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x4f, 0x94)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0xf8e77000)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040054}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='jfs\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000002580)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x8, 0x16c0, 0x75e1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x2, 0x40, 0x0, "", [{{0x9, 0x4, 0x0, 0xb, 0x1, 0x3, 0x1, 0x1, 0x6, {0x9, 0x21, 0x8, 0x31, 0x1, {0x22, 0x3d3}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xc, 0x2, 0x7}}}}}]}}]}}, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000))
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newnexthop={0x18, 0x68, 0x1, 0x100003, 0x7ffffffd, {0x0, 0x0, 0x0, 0x0, 0x2000000}}, 0x18}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r5, 0x82, 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES64=r6], 0x40}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000002840)=[{&(0x7f0000000240)=""/214, 0xd6}], 0x1, 0x1860, 0xffffffff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)

10m0.356073618s ago: executing program 33 (id=2922):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xafUD\x9dA\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000080)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)

10m0.199247134s ago: executing program 34 (id=2919):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480), 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000bd02c440560831ac1e93010203010902120081000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)={0x0, 0x10, 0x7a, "d9fbbec3302f5e647df84b371aaa736bb24cbd1d07cf7f8a5e97910c650ae550964d513d58bd37acca569621b3f61e7f09fb2ca79e98592d63890fc95ac4ecfe8a9b3f928919c7906864c7b5852fc7f2fb74205e0acbbc94ca82f7942d7c95c701a2a5d0c91b456984a9a620d5a5a9e26db95c19c4f97f52a6fe"}, 0x0, &(0x7f0000000180)={0x0, 0x8, 0x1, 0xff}, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x90, 0x29, 0x4, {0x4, 0xe, '\x00', [@calipso={0x7, 0x8, {0x1, 0x0, 0x9, 0x9f}}, @generic={0x80, 0xb, "09e12e5f0b6bdcf72f2ec7"}, @calipso={0x7, 0x40, {0x1, 0xe, 0x7a, 0x8001, [0x5, 0x9, 0x4, 0x6, 0x4, 0x400, 0xb]}}, @ra={0x5, 0x2, 0xa7e}, @pad1, @ra={0x5, 0x2, 0xbf4}, @hao={0xc9, 0x10, @private2}]}}}, @hopopts={{0x108, 0x29, 0x36, {0x5e, 0x1d, '\x00', [@generic={0xff, 0xe, "50d650847249ad288702ebd0d654"}, @pad1, @pad1, @calipso={0x7, 0x38, {0x3, 0xc, 0x0, 0xfff, [0x4, 0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @generic={0x8, 0x81, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58a1122d993b55a1b9a870a17e7869e3fc"}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0xffffffffffffff04]}}, @generic={0x1}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @rthdr={{0x18}}], 0x210}}], 0x1, 0x810)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)

9m0.466213616s ago: executing program 0 (id=3038):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000012c0)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x3)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, 0x0, 0x0)

9m0.056242674s ago: executing program 0 (id=3040):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x40800)

8m58.624243393s ago: executing program 0 (id=3046):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x6, 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc000000c70000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r0, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x46, &(0x7f0000001cc0)={@random="841307217ac9", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x12}, @void, {@ipv6={0x86dd, @udp={0x7, 0x6, "108ca2", 0x10, 0x11, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, @remote, {[], {0x4e23, 0x4e22, 0x10, 0x0, @gue={{0x2, 0x0, 0x3, 0x47}}}}}}}}, 0x0)

8m58.204548006s ago: executing program 0 (id=3048):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
shutdown(r0, 0x1)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r1, 0x40085112, &(0x7f0000000040)=@v={0x93, 0x0, 0x80, 0x16, @MIDI_NOTEON=@special, 0xee, 0x8})
r2 = socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x101a01)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
open(&(0x7f0000000000)='.\x00', 0x1000000, 0x0)

8m56.535177619s ago: executing program 0 (id=3052):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000002a00)=ANY=[@ANYRES32=r1, @ANYRES32=r1], 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYBLOB], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setresuid(0xee01, 0x0, 0xffffffffffffffff)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f00000005c0)=[@in6={0xa, 0x4e20, 0x6, @remote, 0x2}], 0x1c)

8m53.572175898s ago: executing program 0 (id=3054):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0xa2)
fcntl$setsig(r0, 0xa, 0x13)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280)=<r1=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = getpid()
syz_clone(0x648e7000, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r2, 0xf, &(0x7f0000000100)={0x2, r3})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000004c0)=<r4=>0x0)
fcntl$setown(r0, 0x8, r4)
timer_settime(r1, 0x0, &(0x7f0000000200)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)

8m38.227097204s ago: executing program 35 (id=3054):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0xa2)
fcntl$setsig(r0, 0xa, 0x13)
fcntl$setlease(r0, 0x400, 0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000280)=<r1=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = getpid()
syz_clone(0x648e7000, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r2, 0xf, &(0x7f0000000100)={0x2, r3})
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000004c0)=<r4=>0x0)
fcntl$setown(r0, 0x8, r4)
timer_settime(r1, 0x0, &(0x7f0000000200)={{0x77359400}, {0x0, 0x1c9c380}}, 0x0)
truncate(0x0, 0x0)

34.613182753s ago: executing program 8 (id=4071):
syz_io_uring_setup(0x23c, 0x0, 0x0, &(0x7f0000000200), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc980000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000006c0003806800008008000340000000025c000b802c0001800a0001006c696d69740000001c0002800c00024000000000000000030c00014000000000000100002c0001800a0001006c696d69740000001c0002800c00024000000000800000000c000140000000000000000814000000110001"], 0xfc}, 0x1, 0x0, 0x0, 0x4000850}, 0x844)
r3 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f0000000300)={'pcl730\x00', [0x2f00, 0x5, 0xd09d, 0xfff7ffff, 0x2d4, 0xfffffffe, 0x20000004, 0x6, 0xffe, 0x9, 0xc, 0x1001, 0x9, 0x1, 0xfffc, 0x6, 0x8, 0x40000009, 0x830, 0x30000, 0xf4, 0x2, 0x800, 0xe2db, 0x2, 0xc, 0x7, 0x3, 0x4, 0x5, 0x70f]})
ioctl$COMEDI_INSN(r3, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92ff, 0x0, 0x0, 0x4})

22.98259967s ago: executing program 8 (id=4091):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000340)=[@in6={0xa, 0x4e23, 0x8000, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xfff7fff7}], 0x1c)
listen(r0, 0xfffff789)
r1 = accept(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getpeername$packet(r1, 0x0, &(0x7f00000007c0))

21.559831938s ago: executing program 8 (id=4092):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresgid(0xee00, 0xee01, 0x0)
setuid(0xee00)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4, 0x10000, @empty}, 0x1c)
ioctl$sock_inet_sctp_SIOCINQ(r3, 0x8905, &(0x7f0000000100))
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)

14.252853695s ago: executing program 8 (id=4105):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, 0x0, 0x0, r3)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x88002, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

14.067989528s ago: executing program 2 (id=4106):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r1)
r3 = getpid()
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r3, r4, 0x7, r2, &(0x7f0000000100)={r1, r2})

13.806561091s ago: executing program 2 (id=4107):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

11.103229839s ago: executing program 2 (id=4112):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, 0x0, 0x0, r2)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000000c0)=0x11)
close_range(r4, 0xffffffffffffffff, 0x0)

8.46571219s ago: executing program 2 (id=4114):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x22f, &(0x7f0000019140)={0x0, 0x8ffd, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x7ffffffe, 0x10100}, 0x0, &(0x7f0000000200), &(0x7f0000000000))
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc980000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000006c0003806800008008000340000000025c000b802c0001800a0001006c696d69740000001c0002800c00024000000000000000030c00014000000000000100002c0001800a0001006c696d69740000001c0002800c00024000000000800000000c000140000000000000000814000000110001"], 0xfc}, 0x1, 0x0, 0x0, 0x4000850}, 0x844)
r5 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000300)={'pcl730\x00', [0x2f00, 0x5, 0xd09d, 0xfff7ffff, 0x2d4, 0xfffffffe, 0x20000004, 0x6, 0xffe, 0x9, 0xc, 0x1001, 0x9, 0x1, 0xfffc, 0x6, 0x8, 0x40000009, 0x830, 0x30000, 0xf4, 0x2, 0x800, 0xe2db, 0x2, 0xc, 0x7, 0x3, 0x4, 0x5, 0x70f]})
ioctl$COMEDI_INSN(r5, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92ff, 0x0, 0x0, 0x4})
syz_open_dev$swradio(0x0, 0x0, 0x2)
r6 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000100)=0x101)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r6, 0xc034564b, &(0x7f00000000c0)={0x4dc9e, 0x42474752, 0x140, 0xb4, 0x3, @stepwise={{0x1, 0x1000}, {0x6, 0x6}, {0x1, 0x50c}}})

8.464679585s ago: executing program 6 (id=4115):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000300)={0x1000, 0x5, 0x5, 0x0, 0x9, 0x8000, 0x4, 0x9}, &(0x7f0000000340)=0x20)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = epoll_create(0x7)
r4 = epoll_create1(0x0)
r5 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000180))
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0))
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100))
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r7, &(0x7f0000000080)={0x1008})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000000))

6.920262314s ago: executing program 8 (id=4117):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r1)
r3 = getpid()
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200))
kcmp$KCMP_EPOLL_TFD(r3, 0x0, 0x7, r2, &(0x7f0000000100)={r1, r2})

6.908451529s ago: executing program 6 (id=4119):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x8000, 0x4)
r1 = syz_open_dev$video(&(0x7f0000000280), 0x7fffffff, 0x129680)
ioctl$VIDIOC_ENUMINPUT(r1, 0xc050561a, &(0x7f0000000040)={0x2, "61a383835e7449d3f751591538e5fe23a81bcf9c307319290bd82a046f9c1290", 0x2, 0x0, 0x0, 0x0, 0x0, 0x8})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000100)={@any, 0x8})
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

6.698380123s ago: executing program 8 (id=4120):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4, 0x10000, @empty}, 0x1c)

5.275301997s ago: executing program 6 (id=4122):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000180)=0x11f7, 0x4)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000004200)=[{{0x0, 0x6, 0x0, 0x0, &(0x7f0000000580)=""/73, 0x49}, 0x8}], 0x1, 0x45833af92e4b39ff, 0x0)

3.942210025s ago: executing program 6 (id=4123):
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000340)={@cgroup, 0xffffffffffffffff, 0x2f, 0x10, 0x4}, 0x20)

3.869679104s ago: executing program 5 (id=4124):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, 0x0, 0x0, r2)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000000c0)=0x11)
close_range(r4, 0xffffffffffffffff, 0x0)

3.797645986s ago: executing program 7 (id=4125):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
listen(r0, 0xfff)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x4}}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x28, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x20, 0x0, 0x0, 0x3ff, {[@md5sig={0x13, 0x12, "244e1d18960ddf259874880689ccd578"}]}}}}}}}}, 0x0)

3.760660322s ago: executing program 2 (id=4126):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000))
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$nfs(0x0, &(0x7f0000000640)='.\x00', &(0x7f0000000680), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB='ac'])

3.550716781s ago: executing program 6 (id=4127):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, 0x0, 0x6b}, 0x0)

3.385177223s ago: executing program 7 (id=4128):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)

2.744972368s ago: executing program 6 (id=4129):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setreuid(0xffffffffffffffff, 0xee01)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

2.598526521s ago: executing program 7 (id=4130):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r1)
r3 = getpid()
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200))
kcmp$KCMP_EPOLL_TFD(r3, 0x0, 0x7, r2, &(0x7f0000000100)={r1, r2})

2.407351646s ago: executing program 5 (id=4131):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f00000000c0)='fd', 0x0, 0xffffffffffffffff)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, 0x0, 0x0, r3)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x88002, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

2.406863047s ago: executing program 7 (id=4132):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000840}, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[], 0x12f4}, 0x1, 0x0, 0x0, 0x4040845}, 0x40000)
recvmsg$can_bcm(r1, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000800)=""/153, 0x99}, {&(0x7f0000000b40)=""/253, 0x127}, {&(0x7f0000000400)=""/119, 0x77}, {&(0x7f0000000740)=""/157, 0x9d}, {&(0x7f0000000940)=""/243, 0xf3}, {&(0x7f0000000680)=""/148, 0x94}], 0x6}, 0x0)

2.124497094s ago: executing program 7 (id=4133):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000180)=0x11f7, 0x4)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000004200)=[{{0x0, 0x6, 0x0, 0x0, &(0x7f0000000580)=""/73, 0x49}, 0x8}], 0x1, 0x45833af92e4b39ff, 0x0)

830.594503ms ago: executing program 5 (id=4134):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400000001000390400000000fcffffff00000000", @ANYRES32=r1, @ANYBLOB="01980000020800002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="60000000100039040200"/20, @ANYRES32=r1, @ANYBLOB="50100000000000002800128008000100677265001c00028008000700ac14"], 0x60}}, 0x4040000)

314.151644ms ago: executing program 7 (id=4135):
syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000055bed40020000000000000003010902", @ANYBLOB], 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0xe6, 0x2602)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000080)=0x5)

313.825077ms ago: executing program 5 (id=4136):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x8000, 0x4)
r1 = syz_open_dev$video(&(0x7f0000000280), 0x7fffffff, 0x129680)
ioctl$VIDIOC_ENUMINPUT(r1, 0xc050561a, &(0x7f0000000040)={0x2, "61a383835e7449d3f751591538e5fe23a81bcf9c307319290bd82a046f9c1290", 0x2, 0x0, 0x0, 0x0, 0x0, 0x8})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000100)={@any, 0x8})
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

186.926402ms ago: executing program 5 (id=4137):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000340)={@cgroup=r0, 0xffffffffffffffff, 0x2f, 0x10, 0x4, @void, @value=r0}, 0x20)

157.073184ms ago: executing program 2 (id=4138):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x4004f506, &(0x7f0000000180)=0x1)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0x45eb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000040)=0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket$phonet(0x23, 0x2, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x8004587d, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)=0x20)
sendto(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080))
listen(r2, 0x90004)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
ppoll(&(0x7f00000000c0)=[{r2, 0x60}], 0x1, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=4139):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, 0x0, 0x0, 0x0, 0x6b}, 0x0)

kernel console output (not intermixed with test programs):


[ 1242.473269][T15214] SQUASHFS error: Failed to read block 0x0: -5
[ 1247.139831][T15270] blktrace: Concurrent blktraces are not allowed on loop4
[ 1251.772971][T15302] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1251.773012][T15302] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1251.775559][T15302] vhci_hcd vhci_hcd.0: Device attached
[ 1252.036570][ T5866] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[ 1252.052577][ T5866] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1252.239302][ T5128] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1252.750610][ T5128] usb 1-1: config 0 has no interfaces?
[ 1252.781690][ T5128] usb 1-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[ 1252.781722][ T5128] usb 1-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[ 1252.781754][ T5128] usb 1-1: Manufacturer: syz
[ 1252.908373][ T5866] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[ 1253.008501][T12574] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[ 1253.179596][T12574] usb 5-1: no configurations
[ 1253.179619][T12574] usb 5-1: can't read configurations, error -22
[ 1253.350332][ T5128] usb 1-1: config 0 descriptor??
[ 1253.666635][T12574] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[ 1254.197173][T12574] usb 5-1: no configurations
[ 1254.197196][T12574] usb 5-1: can't read configurations, error -22
[ 1254.197803][T12574] usb usb5-port1: attempt power cycle
[ 1254.217493][T15303] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[ 1254.229245][ T5128] usb 1-1: USB disconnect, device number 38
[ 1254.265905][   T43] vhci_hcd vhci_hcd.0: stop threads
[ 1254.265925][   T43] vhci_hcd vhci_hcd.0: release socket
[ 1254.265970][   T43] vhci_hcd vhci_hcd.0: disconnect device
[ 1254.598492][T12574] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[ 1254.620868][T12574] usb 5-1: no configurations
[ 1254.620891][T12574] usb 5-1: can't read configurations, error -22
[ 1254.748783][T12574] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[ 1255.332613][T12574] usb 5-1: device descriptor read/all, error -71
[ 1255.333040][T12574] usb usb5-port1: unable to enumerate USB device
[ 1257.629219][T15357] blktrace: Concurrent blktraces are not allowed on loop2
[ 1258.297330][ T5866] vhci_hcd vhci_hcd.0: vhci_device speed not set
[ 1258.708526][   T31] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1258.861552][   T31] usb 3-1: config 0 has too many interfaces: 129, using maximum allowed: 32
[ 1258.861585][   T31] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 129
[ 1258.864800][   T31] usb 3-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[ 1258.864829][   T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1258.864851][   T31] usb 3-1: Product: syz
[ 1258.864865][   T31] usb 3-1: Manufacturer: syz
[ 1258.864879][   T31] usb 3-1: SerialNumber: syz
[ 1258.940081][   T31] usb 3-1: config 0 descriptor??
[ 1259.150677][   T31] mos7840 3-1:0.0: required endpoints missing
[ 1259.375968][ T5866] usb 3-1: USB disconnect, device number 50
[ 1259.816894][ T5866] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[ 1260.057395][ T5866] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1261.157882][ T5128] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1261.401910][ T5128] usb 2-1: no configurations
[ 1261.402058][ T5128] usb 2-1: can't read configurations, error -22
[ 1266.954692][T15402] SQUASHFS error: Failed to read block 0x0: -5
[ 1268.798399][ T5128] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1269.260218][    T9] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1270.237042][    T9] usb 5-1: config 0 has too many interfaces: 129, using maximum allowed: 32
[ 1270.237078][    T9] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 129
[ 1270.265014][    T9] usb 5-1: New USB device found, idVendor=0856, idProduct=ac31, bcdDevice=93.1e
[ 1270.265049][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1270.265071][    T9] usb 5-1: Product: syz
[ 1270.265086][    T9] usb 5-1: Manufacturer: syz
[ 1270.265101][    T9] usb 5-1: SerialNumber: syz
[ 1270.322820][T15434] netlink: 'syz.2.2925': attribute type 4 has an invalid length.
[ 1270.329542][    T9] usb 5-1: config 0 descriptor??
[ 1270.569991][    T9] mos7840 5-1:0.0: required endpoints missing
[ 1270.779330][ T9525] usb 5-1: USB disconnect, device number 54
[ 1285.160466][T15454] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1285.169448][T15454] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1285.176815][T15454] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1285.188577][T15454] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1285.193180][T15454] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1285.455069][T15454] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1285.467902][T15454] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1285.472427][T15454] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1285.501448][T15454] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1285.503010][T15454] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1285.733521][T15454] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1285.747884][T15454] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1285.764654][T15454] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1285.794600][T15454] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1285.811142][T15454] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1285.831655][T15466] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1287.279172][   T60] Bluetooth: hci5: command tx timeout
[ 1287.387809][T15478] netlink: 'syz.2.2938': attribute type 4 has an invalid length.
[ 1287.735335][   T60] Bluetooth: hci6: command tx timeout
[ 1287.780029][ T5796] syz_tun (unregistering): left allmulticast mode
[ 1287.843295][   T60] Bluetooth: hci7: command tx timeout
[ 1287.946334][T15488] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1289.358632][T15454] Bluetooth: hci5: command tx timeout
[ 1289.862969][T15454] Bluetooth: hci6: command tx timeout
[ 1289.918414][T15454] Bluetooth: hci7: command tx timeout
[ 1290.290467][T15504] blktrace: Concurrent blktraces are not allowed on loop4
[ 1292.408456][T15454] Bluetooth: hci5: command tx timeout
[ 1292.408502][T15454] Bluetooth: hci6: command tx timeout
[ 1292.408524][T15454] Bluetooth: hci7: command tx timeout
[ 1293.450805][T15519] netlink: 'syz.2.2948': attribute type 4 has an invalid length.
[ 1293.577292][T15452] chnl_net:caif_netlink_parms(): no params data found
[ 1293.780339][T15459] chnl_net:caif_netlink_parms(): no params data found
[ 1294.734971][T15464] chnl_net:caif_netlink_parms(): no params data found
[ 1294.882045][   T60] Bluetooth: hci7: command tx timeout
[ 1294.882060][T15454] Bluetooth: hci6: command tx timeout
[ 1294.882087][   T60] Bluetooth: hci5: command tx timeout
[ 1296.433873][T15548] blktrace: Concurrent blktraces are not allowed on loop4
[ 1297.093030][T15452] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1297.093224][T15452] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.093438][T15452] bridge_slave_0: entered allmulticast mode
[ 1297.095960][T15452] bridge_slave_0: entered promiscuous mode
[ 1297.381941][T15452] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1297.382096][T15452] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.382297][T15452] bridge_slave_1: entered allmulticast mode
[ 1297.385680][T15452] bridge_slave_1: entered promiscuous mode
[ 1297.561763][T15459] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1297.561911][T15459] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.562198][T15459] bridge_slave_0: entered allmulticast mode
[ 1297.565357][T15459] bridge_slave_0: entered promiscuous mode
[ 1297.651172][T15459] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1297.651410][T15459] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.651620][T15459] bridge_slave_1: entered allmulticast mode
[ 1297.654716][T15459] bridge_slave_1: entered promiscuous mode
[ 1297.687333][T15452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1297.689831][ T7389] bridge_slave_1: left allmulticast mode
[ 1297.689859][ T7389] bridge_slave_1: left promiscuous mode
[ 1297.690126][ T7389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.780242][ T7389] bridge_slave_0: left allmulticast mode
[ 1297.780277][ T7389] bridge_slave_0: left promiscuous mode
[ 1297.780580][ T7389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1298.668963][T15566] netlink: 'syz.0.2957': attribute type 4 has an invalid length.
[ 1298.840909][ T7389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1298.934031][ T7389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1298.995323][ T7389] bond0 (unregistering): Released all slaves
[ 1299.003531][ T7389] bond1 (unregistering): Released all slaves
[ 1299.230379][T15452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1299.347861][T15464] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1299.347948][T15464] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1299.348061][T15464] bridge_slave_0: entered allmulticast mode
[ 1299.383351][T15464] bridge_slave_0: entered promiscuous mode
[ 1299.662287][T15459] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1299.662440][T15464] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1299.662510][T15464] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1299.662635][T15464] bridge_slave_1: entered allmulticast mode
[ 1299.664126][T15464] bridge_slave_1: entered promiscuous mode
[ 1299.754389][T15459] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1299.769346][T15452] team0: Port device team_slave_0 added
[ 1299.904651][T15452] team0: Port device team_slave_1 added
[ 1299.920543][T15464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1299.988134][T15464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1300.120911][T15459] team0: Port device team_slave_0 added
[ 1300.195408][T15459] team0: Port device team_slave_1 added
[ 1300.240982][T15452] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1300.241001][T15452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1300.241031][T15452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1300.648506][T15574] overlayfs: missing 'lowerdir'
[ 1301.517646][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1301.517725][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1302.881748][T15452] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1302.881768][T15452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1302.881797][T15452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1302.887149][T15464] team0: Port device team_slave_0 added
[ 1303.237604][T15583] blktrace: Concurrent blktraces are not allowed on loop4
[ 1304.219877][T15464] team0: Port device team_slave_1 added
[ 1304.221210][T15459] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1304.221227][T15459] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1304.221257][T15459] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1304.365480][T15459] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1304.365501][T15459] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1304.365532][T15459] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1304.781823][T15598] netlink: 'syz.0.2966': attribute type 4 has an invalid length.
[ 1304.953540][T15464] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1304.953554][T15464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1304.953571][T15464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1305.025524][T15464] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1305.025542][T15464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1305.025570][T15464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1305.243310][T15452] hsr_slave_0: entered promiscuous mode
[ 1305.244160][T15452] hsr_slave_1: entered promiscuous mode
[ 1305.244713][T15452] debugfs: 'hsr0' already exists in 'hsr'
[ 1305.244730][T15452] Cannot create hsr debugfs directory
[ 1305.496531][T15459] hsr_slave_0: entered promiscuous mode
[ 1305.497402][T15459] hsr_slave_1: entered promiscuous mode
[ 1305.498012][T15459] debugfs: 'hsr0' already exists in 'hsr'
[ 1305.498029][T15459] Cannot create hsr debugfs directory
[ 1305.852068][T15464] hsr_slave_0: entered promiscuous mode
[ 1305.853651][T15464] hsr_slave_1: entered promiscuous mode
[ 1305.854743][T15464] debugfs: 'hsr0' already exists in 'hsr'
[ 1305.854769][T15464] Cannot create hsr debugfs directory
[ 1306.054683][ T7389] hsr_slave_0: left promiscuous mode
[ 1306.088511][ T7389] hsr_slave_1: left promiscuous mode
[ 1306.089972][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1306.352267][T15608] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2969'.
[ 1306.352326][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1306.429336][ T7389] pim6reg (unregistering): left allmulticast mode
[ 1307.290134][ T7389] team0 (unregistering): Port device team_slave_1 removed
[ 1307.339540][ T7389] team0 (unregistering): Port device team_slave_0 removed
[ 1307.973125][T15616] blktrace: Concurrent blktraces are not allowed on loop0
[ 1309.059671][T15632] netlink: 'syz.2.2974': attribute type 4 has an invalid length.
[ 1310.574275][ T7389] IPVS: stop unused estimator thread 0...
[ 1311.189485][T15452] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1311.270579][T15452] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1311.314605][T15452] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1311.488551][T15452] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1311.829892][T15459] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1312.033786][T15459] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1312.229659][T15459] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1312.312216][T15459] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1312.751201][T15464] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1313.664334][T15464] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1313.734525][T15464] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1313.809340][T15692] netlink: 'syz.0.2983': attribute type 4 has an invalid length.
[ 1313.992277][T15464] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1314.473709][T15452] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1314.599532][T15452] 8021q: adding VLAN 0 to HW filter on device team0
[ 1314.766312][ T3597] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1314.781818][ T3597] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1314.853974][ T3597] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1314.854481][ T3597] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1314.960350][T15459] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1315.082536][T15464] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1315.225288][T15459] 8021q: adding VLAN 0 to HW filter on device team0
[ 1315.289026][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1315.289170][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1315.309788][T15464] 8021q: adding VLAN 0 to HW filter on device team0
[ 1315.367973][ T3446] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1315.368125][ T3446] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1315.412290][ T3548] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1315.412526][ T3548] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1315.524055][ T6094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1315.528497][ T6094] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1316.197577][ T7389] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1316.680005][ T7389] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1317.095831][ T7389] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1317.785452][ T7389] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1317.896373][T15452] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1318.051713][T15459] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1318.071881][T15464] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1319.122217][ T7389] bridge_slave_1: left allmulticast mode
[ 1319.122250][ T7389] bridge_slave_1: left promiscuous mode
[ 1319.122625][ T7389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1320.654144][ T7389] bridge_slave_0: left allmulticast mode
[ 1320.654185][ T7389] bridge_slave_0: left promiscuous mode
[ 1320.654458][ T7389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1321.309208][ T7389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1321.389643][ T7389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1321.413377][ T7389] bond0 (unregistering): Released all slaves
[ 1321.419663][ T7389] bond1 (unregistering): Released all slaves
[ 1321.430587][ T7389] bond2 (unregistering): Released all slaves
[ 1321.712708][ T7389] !: left promiscuous mode
[ 1323.424595][T15809] netlink: 'syz.0.2995': attribute type 4 has an invalid length.
[ 1323.523496][T15452] veth0_vlan: entered promiscuous mode
[ 1323.525021][T15459] veth0_vlan: entered promiscuous mode
[ 1323.568019][T15464] veth0_vlan: entered promiscuous mode
[ 1324.179052][T15459] veth1_vlan: entered promiscuous mode
[ 1324.187647][T15452] veth1_vlan: entered promiscuous mode
[ 1324.263203][T15464] veth1_vlan: entered promiscuous mode
[ 1325.348493][ T7389] hsr_slave_0: left promiscuous mode
[ 1325.411746][ T7389] hsr_slave_1: left promiscuous mode
[ 1325.412664][ T7389] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1325.412682][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1325.469747][ T7389] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1325.469807][ T7389] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1326.717360][ T7389] veth1_macvtap: left promiscuous mode
[ 1326.717477][ T7389] veth0_macvtap: left promiscuous mode
[ 1326.717759][ T7389] veth1_vlan: left promiscuous mode
[ 1326.717938][ T7389] veth0_vlan: left promiscuous mode
[ 1327.019277][ T7389] pim6reg (unregistering): left allmulticast mode
[ 1327.523347][ T7389] team0 (unregistering): Port device team_slave_1 removed
[ 1327.559090][ T7389] team0 (unregistering): Port device team_slave_0 removed
[ 1327.725361][ T7389] team0 (unregistering): Port device dummy0 removed
[ 1327.785721][T15841] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3001'.
[ 1327.914563][T15459] veth0_macvtap: entered promiscuous mode
[ 1327.929315][T15452] veth0_macvtap: entered promiscuous mode
[ 1327.975643][T15464] veth0_macvtap: entered promiscuous mode
[ 1327.995401][T15459] veth1_macvtap: entered promiscuous mode
[ 1327.996916][T15452] veth1_macvtap: entered promiscuous mode
[ 1328.170538][T15464] veth1_macvtap: entered promiscuous mode
[ 1328.251165][T15848] program syz.2.3003 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1328.283956][T15459] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1328.332988][T15452] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1328.359916][T15464] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1328.365503][T15459] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1328.386477][T15452] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1328.421623][T15464] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1328.444673][ T3446] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.447455][ T3446] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.466880][ T3446] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.510531][ T3446] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.512747][ T3446] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.516060][ T3446] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.532933][ T3446] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.568468][   T10] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1328.593520][ T3446] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.657558][ T3446] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.698385][   T10] usb 3-1: device descriptor read/64, error -71
[ 1328.811076][ T3446] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.816509][ T3446] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.908950][ T3446] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1328.938789][   T10] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1329.098373][   T10] usb 3-1: device descriptor read/64, error -71
[ 1329.208755][   T10] usb usb3-port1: attempt power cycle
[ 1329.457625][ T7389] IPVS: stop unused estimator thread 0...
[ 1329.556601][ T3446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1329.556626][ T3446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1329.588361][ T3446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1329.588385][ T3446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1329.599999][   T10] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1329.623781][   T10] usb 3-1: device descriptor read/8, error -71
[ 1329.735008][ T3446] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1329.735031][ T3446] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1329.858422][   T10] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1329.879293][   T10] usb 3-1: device descriptor read/8, error -71
[ 1329.992740][T15870] netlink: 'syz.0.3004': attribute type 4 has an invalid length.
[ 1330.007619][   T10] usb usb3-port1: unable to enumerate USB device
[ 1330.121849][ T3548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1330.121866][ T3548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1330.274884][ T6094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1330.274901][ T6094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1330.442652][ T6094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1330.442675][ T6094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1331.969323][T15884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3006'.
[ 1332.795500][T15896] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3007'.
[ 1337.028452][ T5128] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1337.158524][ T5128] usb 7-1: device descriptor read/64, error -71
[ 1339.798420][ T5128] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1340.192382][ T5128] usb 7-1: device descriptor read/64, error -71
[ 1340.275353][ T5881] IPVS: starting estimator thread 0...
[ 1340.391179][T15955] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3016'.
[ 1340.541642][ T5128] usb usb7-port1: attempt power cycle
[ 1340.649076][T15957] IPVS: using max 1 ests per chain, 2400 per kthread
[ 1340.939643][ T5128] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1341.127856][T15966] netlink: 'syz.0.3028': attribute type 4 has an invalid length.
[ 1341.148545][ T5128] usb 7-1: device not accepting address 4, error -71
[ 1343.603286][ T5881] libceph: connect (1)[c::]:6789 error -101
[ 1343.604037][ T5881] libceph: mon0 (1)[c::]:6789 connect error
[ 1343.679996][ T5881] libceph: connect (1)[c::]:6789 error -101
[ 1343.685062][ T5881] libceph: mon0 (1)[c::]:6789 connect error
[ 1343.942695][ T5881] libceph: connect (1)[c::]:6789 error -101
[ 1343.945201][ T5881] libceph: mon0 (1)[c::]:6789 connect error
[ 1344.040397][T15985] ceph: No mds server is up or the cluster is laggy
[ 1344.466414][   T10] libceph: connect (1)[c::]:6789 error -101
[ 1344.490817][   T10] libceph: mon0 (1)[c::]:6789 connect error
[ 1345.129789][T16015] netlink: 'syz.6.3039': attribute type 9 has an invalid length.
[ 1345.129841][T16015] netlink: 'syz.6.3039': attribute type 11 has an invalid length.
[ 1345.129882][T16015] netlink: 'syz.6.3039': attribute type 12 has an invalid length.
[ 1345.129962][T16015] netlink: 210020 bytes leftover after parsing attributes in process `syz.6.3039'.
[ 1345.130874][T16015] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3039'.
[ 1346.226003][T16021] netlink: 'syz.6.3043': attribute type 4 has an invalid length.
[ 1352.428238][T11666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1352.444405][T11666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1352.479162][T11666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1352.484864][T11666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1352.486091][T11666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1353.766590][T16083] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1353.898858][T16081] netlink: 'syz.5.3059': attribute type 4 has an invalid length.
[ 1355.851279][T11666] Bluetooth: hci0: command tx timeout
[ 1357.929870][T11666] Bluetooth: hci0: command tx timeout
[ 1358.799388][T16128] netlink: 'syz.7.3068': attribute type 9 has an invalid length.
[ 1358.799443][T16128] netlink: 'syz.7.3068': attribute type 11 has an invalid length.
[ 1358.799483][T16128] netlink: 'syz.7.3068': attribute type 12 has an invalid length.
[ 1358.799552][T16128] netlink: 210020 bytes leftover after parsing attributes in process `syz.7.3068'.
[ 1358.800388][T16128] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3068'.
[ 1360.568369][T11666] Bluetooth: hci0: command tx timeout
[ 1361.089073][T16145] netlink: 'syz.5.3069': attribute type 4 has an invalid length.
[ 1361.619451][ T6094] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1362.092409][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.092510][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.303035][ T6094] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1362.638423][T11666] Bluetooth: hci0: command tx timeout
[ 1364.423742][ T6094] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1364.589075][T16173] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3079'.
[ 1365.859831][ T6094] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1366.076076][T16210] netlink: 'syz.6.3089': attribute type 4 has an invalid length.
[ 1366.649618][T16076] chnl_net:caif_netlink_parms(): no params data found
[ 1367.474112][ T6094] bridge_slave_1: left allmulticast mode
[ 1367.474144][ T6094] bridge_slave_1: left promiscuous mode
[ 1367.474412][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1367.961638][ T6094] bridge_slave_0: left allmulticast mode
[ 1367.961679][ T6094] bridge_slave_0: left promiscuous mode
[ 1367.961947][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1367.989283][   T60] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1368.009837][   T60] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1368.016044][   T60] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1368.046782][   T60] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1368.058518][   T60] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1370.158349][T11666] Bluetooth: hci1: command tx timeout
[ 1371.647737][T16270] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3104'.
[ 1371.849182][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1371.891640][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1371.942101][ T6094] bond0 (unregistering): Released all slaves
[ 1371.954803][ T6094] bond1 (unregistering): Released all slaves
[ 1372.827241][T11666] Bluetooth: hci1: command tx timeout
[ 1373.254799][T16281] netlink: 'syz.6.3107': attribute type 4 has an invalid length.
[ 1373.995209][T16076] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1373.995355][T16076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1373.995609][T16076] bridge_slave_0: entered allmulticast mode
[ 1374.042652][T16076] bridge_slave_0: entered promiscuous mode
[ 1374.075621][T16076] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1374.075698][T16076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1374.075892][T16076] bridge_slave_1: entered allmulticast mode
[ 1374.091303][T16076] bridge_slave_1: entered promiscuous mode
[ 1374.247053][T16297] 9p: Bad value for 'rfdno'
[ 1374.423394][T16293] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1374.846025][T16076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1374.878696][T11666] Bluetooth: hci1: command tx timeout
[ 1375.974168][T16076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1376.100585][T16310] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3116'.
[ 1376.958436][T11666] Bluetooth: hci1: command tx timeout
[ 1377.110413][T16076] team0: Port device team_slave_0 added
[ 1377.434970][T16076] team0: Port device team_slave_1 added
[ 1379.326022][T16349] SQUASHFS error: Failed to read block 0x0: -5
[ 1379.506424][T16076] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1379.506445][T16076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1379.506476][T16076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1379.584645][T16076] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1379.584664][T16076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1379.584695][T16076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1379.617501][T16354] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3125'.
[ 1379.630637][T16354] bridge0: port 3(geneve1) entered blocking state
[ 1379.630798][T16354] bridge0: port 3(geneve1) entered disabled state
[ 1379.631476][T16354] geneve1: entered allmulticast mode
[ 1379.635815][T16354] geneve1: entered promiscuous mode
[ 1379.637360][T16354] bridge0: port 3(geneve1) entered blocking state
[ 1379.638302][T16354] bridge0: port 3(geneve1) entered forwarding state
[ 1379.645546][T16354] netlink: 'syz.7.3125': attribute type 10 has an invalid length.
[ 1379.645868][T16354] bridge0: port 3(geneve1) entered disabled state
[ 1379.648106][T16354] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1379.650072][T16354] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1379.658654][T16354] bridge0: port 3(geneve1) entered blocking state
[ 1379.658868][T16354] bridge0: port 3(geneve1) entered forwarding state
[ 1379.659285][T16354] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1379.659486][T16354] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1379.659862][T16354] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1379.660062][T16354] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1379.666192][T16354] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1380.032393][T16076] hsr_slave_0: entered promiscuous mode
[ 1380.049992][T16076] hsr_slave_1: entered promiscuous mode
[ 1380.051210][T16076] debugfs: 'hsr0' already exists in 'hsr'
[ 1380.051238][T16076] Cannot create hsr debugfs directory
[ 1385.178327][ T6094] hsr_slave_0: left promiscuous mode
[ 1386.778396][ T6094] hsr_slave_1: left promiscuous mode
[ 1386.779557][ T6094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1386.779583][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1387.160328][ T6094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1387.160358][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1387.213903][ T6094] veth1_macvtap: left promiscuous mode
[ 1387.214016][ T6094] veth0_macvtap: left promiscuous mode
[ 1387.214288][ T6094] veth1_vlan: left promiscuous mode
[ 1387.214497][ T6094] veth0_vlan: left promiscuous mode
[ 1387.463797][ T6094] pim6reg (unregistering): left allmulticast mode
[ 1388.109351][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1388.180300][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1389.046263][T16423] syzkaller0: entered promiscuous mode
[ 1389.046296][T16423] syzkaller0: entered allmulticast mode
[ 1389.718387][T16436] overlayfs: failed to clone lowerpath
[ 1392.789071][T16237] chnl_net:caif_netlink_parms(): no params data found
[ 1395.178221][T16474] blktrace: Concurrent blktraces are not allowed on loop10
[ 1396.601559][T16237] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1396.601645][T16237] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1396.601823][T16237] bridge_slave_0: entered allmulticast mode
[ 1396.603522][T16237] bridge_slave_0: entered promiscuous mode
[ 1396.725613][T16237] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1396.725761][T16237] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1396.726026][T16237] bridge_slave_1: entered allmulticast mode
[ 1396.762492][T16237] bridge_slave_1: entered promiscuous mode
[ 1396.931383][T16237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1396.952980][ T6094] IPVS: stop unused estimator thread 0...
[ 1396.977341][T16237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1397.231945][T16237] team0: Port device team_slave_0 added
[ 1397.250636][T16237] team0: Port device team_slave_1 added
[ 1397.997366][T16500] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1398.072468][T16237] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1398.072482][T16237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1398.072498][T16237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1398.103817][T16237] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1398.103835][T16237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1398.103860][T16237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1401.525428][ T6094] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1405.963198][ T6094] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.141553][T16545] blktrace: Concurrent blktraces are not allowed on loop12
[ 1407.229875][T16548] netlink: 'syz.7.3165': attribute type 4 has an invalid length.
[ 1407.279616][T16237] hsr_slave_0: entered promiscuous mode
[ 1407.373128][T16237] hsr_slave_1: entered promiscuous mode
[ 1407.374229][T16237] debugfs: 'hsr0' already exists in 'hsr'
[ 1407.374265][T16237] Cannot create hsr debugfs directory
[ 1407.507892][T16076] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1409.072368][ T6094] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1409.093260][T16577] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1409.170986][T16076] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1409.246440][T16076] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1409.313571][T15859] libceph: connect (1)[c::]:6789 error -101
[ 1409.313788][T15859] libceph: mon0 (1)[c::]:6789 connect error
[ 1409.331905][T16582] ceph: No mds server is up or the cluster is laggy
[ 1409.335161][T15859] libceph: connect (1)[c::]:6789 error -101
[ 1409.349525][T16076] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1409.360067][T15859] libceph: mon0 (1)[c::]:6789 connect error
[ 1409.800607][ T6094] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.328602][T16569] Bluetooth: hci5: command 0x0406 tx timeout
[ 1411.329118][T16569] Bluetooth: hci6: command 0x0406 tx timeout
[ 1411.329163][T16569] Bluetooth: hci7: command 0x0406 tx timeout
[ 1413.019945][T11666] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1413.056792][T11666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1413.066630][T11666] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1413.076739][T11666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1413.083411][T11666] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1414.620874][ T6094] bridge_slave_1: left allmulticast mode
[ 1414.620906][ T6094] bridge_slave_1: left promiscuous mode
[ 1414.621199][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1414.761674][ T6094] bridge_slave_0: left allmulticast mode
[ 1414.761708][ T6094] bridge_slave_0: left promiscuous mode
[ 1414.762036][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1415.991029][T15454] Bluetooth: hci2: command tx timeout
[ 1416.897669][T16693] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1418.266496][T15454] Bluetooth: hci2: command tx timeout
[ 1418.918603][T16705] vivid-000: kernel_thread() failed
[ 1419.001841][T16705] vivid-000: kernel_thread() failed
[ 1420.398480][T11666] Bluetooth: hci2: command tx timeout
[ 1422.619264][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1422.627936][T16743] netlink: 'syz.5.3215': attribute type 1 has an invalid length.
[ 1423.736743][T15454] Bluetooth: hci2: command tx timeout
[ 1423.763985][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.764065][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.856613][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1424.042061][ T6094] bond0 (unregistering): Released all slaves
[ 1429.325224][T15454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1429.378902][T15454] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1429.386227][T15454] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1429.388032][T15454] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1429.394277][T15454] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1431.678635][T11666] Bluetooth: hci0: command tx timeout
[ 1433.249554][T12574] libceph: connect (1)[c::]:6789 error -101
[ 1433.249781][T12574] libceph: mon0 (1)[c::]:6789 connect error
[ 1433.252229][T12574] libceph: connect (1)[c::]:6789 error -101
[ 1433.252448][T12574] libceph: mon0 (1)[c::]:6789 connect error
[ 1433.252528][T16830] ceph: No mds server is up or the cluster is laggy
[ 1433.596840][T15800] libceph: connect (1)[c::]:6789 error -101
[ 1433.597113][T15800] libceph: mon0 (1)[c::]:6789 connect error
[ 1433.758762][T11666] Bluetooth: hci0: command tx timeout
[ 1435.838438][T11666] Bluetooth: hci0: command tx timeout
[ 1435.854288][ T6094] hsr_slave_0: left promiscuous mode
[ 1435.893159][ T6094] hsr_slave_1: left promiscuous mode
[ 1435.904396][ T6094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1435.904428][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1435.935863][ T6094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1435.935893][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1436.535214][ T6094] veth1_macvtap: left promiscuous mode
[ 1436.535288][ T6094] veth0_macvtap: left promiscuous mode
[ 1436.535497][ T6094] veth1_vlan: left promiscuous mode
[ 1436.535605][ T6094] veth0_vlan: left promiscuous mode
[ 1437.918390][T11666] Bluetooth: hci0: command tx timeout
[ 1442.920894][T16918] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1444.003442][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1444.071394][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1445.039610][T11666] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1447.846159][T16633] chnl_net:caif_netlink_parms(): no params data found
[ 1451.868352][T16797] chnl_net:caif_netlink_parms(): no params data found
[ 1452.519971][T16633] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1452.520240][T16633] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1452.520545][T16633] bridge_slave_0: entered allmulticast mode
[ 1452.551743][T16633] bridge_slave_0: entered promiscuous mode
[ 1452.594233][T16633] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1452.594374][T16633] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1452.594629][T16633] bridge_slave_1: entered allmulticast mode
[ 1452.619942][T16633] bridge_slave_1: entered promiscuous mode
[ 1453.007153][T16633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1453.021070][T16797] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1453.021214][T16797] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.021910][T16797] bridge_slave_0: entered allmulticast mode
[ 1453.024898][T16797] bridge_slave_0: entered promiscuous mode
[ 1453.080359][T16633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1453.080853][T16797] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1453.081093][T16797] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1453.081313][T16797] bridge_slave_1: entered allmulticast mode
[ 1453.272832][T16797] bridge_slave_1: entered promiscuous mode
[ 1455.188846][T16633] team0: Port device team_slave_0 added
[ 1455.207840][T16797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1455.231933][T16633] team0: Port device team_slave_1 added
[ 1455.247047][T16797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1455.670180][T16633] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1455.670192][T16633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1455.670208][T16633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1455.942898][T16797] team0: Port device team_slave_0 added
[ 1455.974637][T16633] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1455.974744][T16633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1455.974812][T16633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1456.116689][T16797] team0: Port device team_slave_1 added
[ 1457.038084][T16797] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1457.038103][T16797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1457.038133][T16797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1457.244879][T16797] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1457.244899][T16797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1457.244928][T16797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1457.600695][T16633] hsr_slave_0: entered promiscuous mode
[ 1457.809628][T16633] hsr_slave_1: entered promiscuous mode
[ 1457.810743][T16633] debugfs: 'hsr0' already exists in 'hsr'
[ 1457.810780][T16633] Cannot create hsr debugfs directory
[ 1458.989881][T16797] hsr_slave_0: entered promiscuous mode
[ 1458.990740][T16797] hsr_slave_1: entered promiscuous mode
[ 1458.991321][T16797] debugfs: 'hsr0' already exists in 'hsr'
[ 1458.991337][T16797] Cannot create hsr debugfs directory
[ 1459.793006][T17083] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1461.805457][T17101] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3298'.
[ 1461.838047][T17101] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3298'.
[ 1461.838084][T17101] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3298'.
[ 1463.215247][T17127] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1469.735526][T17170] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1472.551118][T17160] overlayfs: failed to clone upperpath
[ 1473.289974][T15454] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1473.332060][T15454] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1473.333946][T15454] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1473.335886][T15454] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1473.336881][T15454] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1476.459650][T15454] Bluetooth: hci1: command tx timeout
[ 1479.195060][T11666] Bluetooth: hci1: command tx timeout
[ 1479.224490][ T6094] bridge_slave_1: left allmulticast mode
[ 1479.224521][ T6094] bridge_slave_1: left promiscuous mode
[ 1479.224776][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.363081][T17233] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3328'.
[ 1479.375139][ T6094] bridge_slave_0: left allmulticast mode
[ 1479.375170][ T6094] bridge_slave_0: left promiscuous mode
[ 1479.375461][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.523453][ T6094] bridge_slave_1: left allmulticast mode
[ 1479.523487][ T6094] bridge_slave_1: left promiscuous mode
[ 1479.523768][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.623021][ T6094] bridge_slave_0: left allmulticast mode
[ 1479.623054][ T6094] bridge_slave_0: left promiscuous mode
[ 1479.624548][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1481.236691][T15454] Bluetooth: hci1: command tx timeout
[ 1481.280292][T17249] SQUASHFS error: Failed to read block 0x0: -5
[ 1481.438001][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1481.572750][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1481.651081][ T6094] bond0 (unregistering): Released all slaves
[ 1483.049357][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1483.286136][T15454] Bluetooth: hci1: command tx timeout
[ 1484.429209][T17272] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3337'.
[ 1484.518365][T17273] netlink: 'syz.5.3337': attribute type 10 has an invalid length.
[ 1484.531751][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1485.421006][ T6094] bond0 (unregistering): Released all slaves
[ 1485.471862][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.471943][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.499103][T17272] bridge0: port 3(geneve1) entered blocking state
[ 1485.499230][T17272] bridge0: port 3(geneve1) entered disabled state
[ 1485.499479][T17272] geneve1: entered allmulticast mode
[ 1485.504621][T17272] geneve1: entered promiscuous mode
[ 1485.505342][T17272] bridge0: port 3(geneve1) entered blocking state
[ 1485.505473][T17272] bridge0: port 3(geneve1) entered forwarding state
[ 1485.509755][T17273] bridge0: port 3(geneve1) entered disabled state
[ 1485.510012][T17273] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1485.510780][T17273] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1485.517851][T17273] bridge0: port 3(geneve1) entered blocking state
[ 1485.518002][T17273] bridge0: port 3(geneve1) entered forwarding state
[ 1485.518418][T17273] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1485.518586][T17273] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1485.518900][T17273] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1485.519081][T17273] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1485.522974][T17273] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1487.722862][T17193] chnl_net:caif_netlink_parms(): no params data found
[ 1487.900230][T11666] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1487.928849][T11666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1487.933936][T11666] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1487.990313][T11666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1487.996003][T11666] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1488.013190][T17293] SQUASHFS error: Failed to read block 0x0: -5
[ 1489.691108][T17306] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3348'.
[ 1490.082350][T15454] Bluetooth: hci2: command tx timeout
[ 1490.603035][T17308] ceph: No mds server is up or the cluster is laggy
[ 1490.618667][T15800] libceph: connect (1)[c::]:6789 error -101
[ 1490.618880][T15800] libceph: mon0 (1)[c::]:6789 connect error
[ 1490.621716][ T6094] hsr_slave_0: left promiscuous mode
[ 1490.698372][ T6094] hsr_slave_1: left promiscuous mode
[ 1490.700925][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1490.759355][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1492.158441][T11666] Bluetooth: hci2: command tx timeout
[ 1492.159183][ T6094] hsr_slave_0: left promiscuous mode
[ 1492.208435][ T6094] hsr_slave_1: left promiscuous mode
[ 1492.209130][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1492.259428][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1494.167350][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1494.222192][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1494.248334][T11666] Bluetooth: hci2: command tx timeout
[ 1494.729138][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1494.789131][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1497.621656][T11666] Bluetooth: hci2: command tx timeout
[ 1497.834255][T17193] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1497.838642][T17193] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1497.838910][T17193] bridge_slave_0: entered allmulticast mode
[ 1497.841818][T17193] bridge_slave_0: entered promiscuous mode
[ 1497.906207][T17193] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1497.906369][T17193] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1497.906658][T17193] bridge_slave_1: entered allmulticast mode
[ 1497.924737][T17193] bridge_slave_1: entered promiscuous mode
[ 1498.775488][T17193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1498.783849][T17193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1498.922329][T17369] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3369'.
[ 1499.214364][T17193] team0: Port device team_slave_0 added
[ 1500.207577][T17193] team0: Port device team_slave_1 added
[ 1500.984994][T17385] blktrace: Concurrent blktraces are not allowed on loop10
[ 1501.248967][T17193] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1501.248988][T17193] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1501.249017][T17193] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1501.571039][T17193] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1501.571059][T17193] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1501.571089][T17193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1501.926826][T17397] overlay: Unknown parameter '/'
[ 1502.763879][T17193] hsr_slave_0: entered promiscuous mode
[ 1502.765469][T17193] hsr_slave_1: entered promiscuous mode
[ 1502.766500][T17193] debugfs: 'hsr0' already exists in 'hsr'
[ 1502.766527][T17193] Cannot create hsr debugfs directory
[ 1508.798495][T17448] blktrace: Concurrent blktraces are not allowed on loop14
[ 1509.417947][T17291] chnl_net:caif_netlink_parms(): no params data found
[ 1510.005067][T15326] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1510.150635][T15326] usb 8-1: Using ep0 maxpacket: 16
[ 1512.269177][T15326] usb 8-1: config index 0 descriptor too short (expected 37266, got 202)
[ 1512.269209][T15326] usb 8-1: config 202 has too many interfaces: 130, using maximum allowed: 32
[ 1512.269224][T15326] usb 8-1: config 202 has an invalid descriptor of length 0, skipping remainder of the config
[ 1512.269235][T15326] usb 8-1: config 202 has 0 interfaces, different from the descriptor's value: 130
[ 1512.279367][T15326] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1512.279401][T15326] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1512.279420][T15326] usb 8-1: Product: syz
[ 1512.279433][T15326] usb 8-1: Manufacturer: syz
[ 1512.279453][T15326] usb 8-1: SerialNumber: syz
[ 1512.484688][T17193] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1512.615169][T17193] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1512.653344][T17455] tipc: Started in network mode
[ 1512.653363][T17455] tipc: Node identity 77777777, cluster identity 4711
[ 1512.653422][T17455] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1512.654182][T17291] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1512.654315][T17291] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1512.654537][T17291] bridge_slave_0: entered allmulticast mode
[ 1512.657133][T15326] usb 8-1: USB disconnect, device number 2
[ 1512.669452][T17291] bridge_slave_0: entered promiscuous mode
[ 1512.703186][T17291] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1512.703309][T17291] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1512.703575][T17291] bridge_slave_1: entered allmulticast mode
[ 1512.707439][T17291] bridge_slave_1: entered promiscuous mode
[ 1512.764971][T17193] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1512.859318][T17193] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1513.139939][T17291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1514.110357][T17291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1516.001779][T17291] team0: Port device team_slave_0 added
[ 1517.435258][T17505] blktrace: Concurrent blktraces are not allowed on loop14
[ 1518.252069][T17291] team0: Port device team_slave_1 added
[ 1518.791375][ T6094] bridge_slave_1: left allmulticast mode
[ 1518.791406][ T6094] bridge_slave_1: left promiscuous mode
[ 1518.791667][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1520.041506][ T6094] bridge_slave_0: left allmulticast mode
[ 1520.041543][ T6094] bridge_slave_0: left promiscuous mode
[ 1520.041845][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.342690][ T6094] bridge_slave_1: left allmulticast mode
[ 1521.342724][ T6094] bridge_slave_1: left promiscuous mode
[ 1521.343011][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.958068][T17528] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3405'.
[ 1522.071796][ T6094] bridge_slave_0: left allmulticast mode
[ 1522.071837][ T6094] bridge_slave_0: left promiscuous mode
[ 1522.072092][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1522.869094][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1522.959495][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.020444][ T6094] bond0 (unregistering): Released all slaves
[ 1523.179605][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1523.260549][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1523.320257][ T6094] bond0 (unregistering): Released all slaves
[ 1523.449402][T17291] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1523.449422][T17291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1523.449453][T17291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1523.511096][T17291] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1523.511110][T17291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1523.511128][T17291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1525.501718][T17552] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1528.275160][T17291] hsr_slave_0: entered promiscuous mode
[ 1528.276957][T17291] hsr_slave_1: entered promiscuous mode
[ 1528.896223][T17291] debugfs: 'hsr0' already exists in 'hsr'
[ 1528.896255][T17291] Cannot create hsr debugfs directory
[ 1530.392643][ T6094] hsr_slave_0: left promiscuous mode
[ 1530.507216][ T6094] hsr_slave_1: left promiscuous mode
[ 1530.517319][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1530.680494][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1532.795885][ T6094] hsr_slave_0: left promiscuous mode
[ 1533.509326][T17593] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3424'.
[ 1533.847040][ T6094] hsr_slave_1: left promiscuous mode
[ 1533.848107][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1533.919812][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1534.278702][T15454] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1535.159456][T15454] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1535.169829][T15454] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1535.173551][T15454] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1535.437881][T15454] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1536.104498][T17627] overlayfs: failed to clone lowerpath
[ 1537.671260][T15454] Bluetooth: hci0: command tx timeout
[ 1539.696435][T15454] Bluetooth: hci0: command tx timeout
[ 1539.890021][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1543.249585][T11666] Bluetooth: hci0: command tx timeout
[ 1543.306540][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1545.411249][T15454] Bluetooth: hci0: command tx timeout
[ 1545.980883][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1546.040485][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1546.489253][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.489332][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1548.663944][T17699] overlayfs: failed to clone lowerpath
[ 1550.439055][T11666] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1550.461571][T11666] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1550.465245][T11666] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1550.479145][T11666] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1550.481600][T11666] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1550.816809][T17604] chnl_net:caif_netlink_parms(): no params data found
[ 1552.612428][T11666] Bluetooth: hci3: command tx timeout
[ 1554.796737][T11666] Bluetooth: hci3: command tx timeout
[ 1555.585373][T17604] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1555.585517][T17604] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1555.585759][T17604] bridge_slave_0: entered allmulticast mode
[ 1555.619842][T17604] bridge_slave_0: entered promiscuous mode
[ 1555.698345][T17604] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1555.698424][T17604] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1555.698599][T17604] bridge_slave_1: entered allmulticast mode
[ 1555.706356][T17604] bridge_slave_1: entered promiscuous mode
[ 1556.112752][T17604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1556.117521][T17604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1556.898194][T11666] Bluetooth: hci3: command tx timeout
[ 1557.223733][T17714] chnl_net:caif_netlink_parms(): no params data found
[ 1557.595554][T17604] team0: Port device team_slave_0 added
[ 1558.562742][T17604] team0: Port device team_slave_1 added
[ 1559.934309][T11666] Bluetooth: hci3: command tx timeout
[ 1562.948493][T17604] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1562.948514][T17604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1562.948545][T17604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1563.109593][T17604] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1563.109612][T17604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1563.109642][T17604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1563.435197][T17714] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1563.435844][T17714] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1563.436100][T17714] bridge_slave_0: entered allmulticast mode
[ 1563.443707][T17714] bridge_slave_0: entered promiscuous mode
[ 1563.596570][T17714] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1563.596752][T17714] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1563.597024][T17714] bridge_slave_1: entered allmulticast mode
[ 1563.616129][T17714] bridge_slave_1: entered promiscuous mode
[ 1563.762456][T17604] hsr_slave_0: entered promiscuous mode
[ 1563.780579][T17604] hsr_slave_1: entered promiscuous mode
[ 1563.781711][T17604] debugfs: 'hsr0' already exists in 'hsr'
[ 1563.781736][T17604] Cannot create hsr debugfs directory
[ 1563.859055][T17714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1563.889239][T17714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1563.907032][T17862] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3476'.
[ 1563.923144][T17862] netlink: 'syz.7.3476': attribute type 10 has an invalid length.
[ 1563.923459][T17862] bridge0: port 3(geneve1) entered disabled state
[ 1563.923716][T17862] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1563.924130][T17862] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1566.704997][T17714] team0: Port device team_slave_0 added
[ 1566.804243][T17714] team0: Port device team_slave_1 added
[ 1567.334886][T17714] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1567.334905][T17714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1567.334934][T17714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1567.344157][T17714] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1567.344175][T17714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1567.344201][T17714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1570.007388][T17714] hsr_slave_0: entered promiscuous mode
[ 1571.464013][T17714] hsr_slave_1: entered promiscuous mode
[ 1571.465062][T17714] debugfs: 'hsr0' already exists in 'hsr'
[ 1571.465088][T17714] Cannot create hsr debugfs directory
[ 1575.760991][T17952] overlayfs: failed to clone lowerpath
[ 1577.237533][T17964] SQUASHFS error: Failed to read block 0x0: -5
[ 1583.223453][T18014] overlayfs: failed to clone lowerpath
[ 1586.037640][ T6094] bridge_slave_1: left allmulticast mode
[ 1586.037671][ T6094] bridge_slave_1: left promiscuous mode
[ 1586.054987][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1586.152518][ T6094] bridge_slave_0: left allmulticast mode
[ 1586.152551][ T6094] bridge_slave_0: left promiscuous mode
[ 1586.152880][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1586.269307][ T6094] bridge_slave_1: left allmulticast mode
[ 1586.269341][ T6094] bridge_slave_1: left promiscuous mode
[ 1586.269618][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1586.351861][ T6094] bridge_slave_0: left allmulticast mode
[ 1586.351897][ T6094] bridge_slave_0: left promiscuous mode
[ 1586.352201][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1588.031017][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1589.352695][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1590.855845][ T6094] bond0 (unregistering): Released all slaves
[ 1591.666714][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1591.789179][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1591.873192][ T6094] bond0 (unregistering): Released all slaves
[ 1591.971142][T18036] tipc: Started in network mode
[ 1591.971156][T18036] tipc: Node identity , cluster identity 4711
[ 1591.971166][T18036] tipc: Failed to set node id, please configure manually
[ 1591.971192][T18036] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1594.070692][ T6094] hsr_slave_0: left promiscuous mode
[ 1594.147132][ T6094] hsr_slave_1: left promiscuous mode
[ 1594.154697][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1594.190367][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1594.439628][ T6094] hsr_slave_0: left promiscuous mode
[ 1594.480796][ T6094] hsr_slave_1: left promiscuous mode
[ 1594.482055][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1594.529280][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1596.415762][T15454] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1596.443468][T15454] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1596.453916][T15454] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1596.474762][T15454] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1596.477394][T15454] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1597.546249][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1599.083964][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1600.782549][T15454] Bluetooth: hci1: command tx timeout
[ 1601.837329][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1601.909108][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1602.257964][T18133] tipc: Started in network mode
[ 1602.257985][T18133] tipc: Node identity , cluster identity 4711
[ 1602.258000][T18133] tipc: Failed to set node id, please configure manually
[ 1602.258049][T18133] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1603.365942][T15454] Bluetooth: hci1: command tx timeout
[ 1603.827473][T18163] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3537'.
[ 1605.438390][T15454] Bluetooth: hci1: command tx timeout
[ 1607.178320][T18195] blktrace: Concurrent blktraces are not allowed on loop12
[ 1607.797303][T15454] Bluetooth: hci1: command tx timeout
[ 1607.798252][T17714] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1607.845956][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.846069][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.497921][T18198] tipc: Started in network mode
[ 1608.497935][T18198] tipc: Node identity , cluster identity 4711
[ 1608.497946][T18198] tipc: Failed to set node id, please configure manually
[ 1608.497971][T18198] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1608.672381][T18205] program syz.6.3545 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1608.683668][T18119] chnl_net:caif_netlink_parms(): no params data found
[ 1608.894912][T11666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1608.946322][T11666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1608.955804][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1608.994043][T11666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1608.997147][T11666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1609.008682][T11666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1609.165580][   T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1609.165610][   T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1609.165661][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1609.188366][   T10] usb 7-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[ 1609.188401][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1609.188421][   T10] usb 7-1: Product: syz
[ 1609.188437][   T10] usb 7-1: Manufacturer: syz
[ 1609.188483][   T10] usb 7-1: SerialNumber: syz
[ 1609.270833][   T10] usb 7-1: config 0 descriptor??
[ 1609.305736][   T10] uvcvideo 7-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[ 1609.305774][   T10] uvcvideo 7-1:0.0: No valid video chain found.
[ 1610.956596][T18218] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3545'.
[ 1611.162383][T15454] Bluetooth: hci0: command tx timeout
[ 1611.362830][T15802] usb 7-1: USB disconnect, device number 6
[ 1613.189121][T18244] tipc: Started in network mode
[ 1613.189140][T18244] tipc: Node identity , cluster identity 4711
[ 1613.189155][T18244] tipc: Failed to set node id, please configure manually
[ 1613.189199][T18244] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1613.218273][T15454] Bluetooth: hci0: command tx timeout
[ 1613.502658][T18119] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1613.515720][T18119] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1613.515914][T18119] bridge_slave_0: entered allmulticast mode
[ 1613.517605][T18119] bridge_slave_0: entered promiscuous mode
[ 1614.645449][T18119] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1614.645597][T18119] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1614.645866][T18119] bridge_slave_1: entered allmulticast mode
[ 1614.670981][T18119] bridge_slave_1: entered promiscuous mode
[ 1615.425072][T18262] blktrace: Concurrent blktraces are not allowed on loop14
[ 1615.484487][T15454] Bluetooth: hci0: command tx timeout
[ 1616.512971][T18119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1616.884845][T18119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1617.138765][T18272] trusted_key: syz.6.3556 sent an empty control message without MSG_MORE.
[ 1617.147000][T18119] team0: Port device team_slave_0 added
[ 1617.147572][T18207] chnl_net:caif_netlink_parms(): no params data found
[ 1617.213619][T18119] team0: Port device team_slave_1 added
[ 1617.612501][T15454] Bluetooth: hci0: command tx timeout
[ 1618.921121][T18119] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1618.921141][T18119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1618.921169][T18119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1620.090609][T18119] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1620.090629][T18119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1620.090659][T18119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1621.020693][T18119] hsr_slave_0: entered promiscuous mode
[ 1621.035209][T18119] hsr_slave_1: entered promiscuous mode
[ 1621.046647][T18119] debugfs: 'hsr0' already exists in 'hsr'
[ 1621.046676][T18119] Cannot create hsr debugfs directory
[ 1621.262223][T18207] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1621.262386][T18207] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1621.262596][T18207] bridge_slave_0: entered allmulticast mode
[ 1622.226361][T18207] bridge_slave_0: entered promiscuous mode
[ 1624.198567][T18207] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1624.198715][T18207] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1624.199114][T18207] bridge_slave_1: entered allmulticast mode
[ 1624.207528][T18207] bridge_slave_1: entered promiscuous mode
[ 1627.867980][T18356] program syz.7.3578 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1628.130662][   T10] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1628.297533][T18207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1629.296356][T18207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1629.418633][   T10] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1629.418665][   T10] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1629.418714][   T10] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1629.449019][   T10] usb 8-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[ 1629.449052][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.449073][   T10] usb 8-1: Product: syz
[ 1629.449087][   T10] usb 8-1: Manufacturer: syz
[ 1629.449100][   T10] usb 8-1: SerialNumber: syz
[ 1629.454348][   T10] usb 8-1: config 0 descriptor??
[ 1629.490002][   T10] uvcvideo 8-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[ 1629.490035][   T10] uvcvideo 8-1:0.0: No valid video chain found.
[ 1629.660562][T18356] binder: 18355:18356 ioctl c0306201 0 returned -14
[ 1630.316443][   T10] IPVS: starting estimator thread 0...
[ 1630.370924][T18371] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3578'.
[ 1630.400712][T18370] IPVS: using max 7 ests per chain, 16800 per kthread
[ 1630.491940][T18207] team0: Port device team_slave_0 added
[ 1630.497357][T15859] usb 8-1: USB disconnect, device number 3
[ 1630.572249][T18207] team0: Port device team_slave_1 added
[ 1632.178398][T15800] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1632.308379][T15800] usb 7-1: device descriptor read/64, error -71
[ 1632.505841][T18207] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1632.505861][T18207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1632.505891][T18207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1632.525269][T18207] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1632.525286][T18207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1632.525311][T18207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1632.558409][T15800] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1632.698229][T15800] usb 7-1: device descriptor read/64, error -71
[ 1632.788645][T18207] hsr_slave_0: entered promiscuous mode
[ 1632.790203][T18207] hsr_slave_1: entered promiscuous mode
[ 1632.791413][T18207] debugfs: 'hsr0' already exists in 'hsr'
[ 1632.791441][T18207] Cannot create hsr debugfs directory
[ 1632.808901][T15800] usb usb7-port1: attempt power cycle
[ 1634.168287][T15800] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1634.188958][T15800] usb 7-1: device descriptor read/8, error -71
[ 1634.536165][T18119] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1635.774040][T18119] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1636.026012][T18119] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1636.278681][T15800] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1636.504443][T15800] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1636.504548][T15800] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1636.515197][T15800] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1636.668303][T15800] usb 7-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[ 1636.668339][T15800] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1636.668358][T15800] usb 7-1: Product: syz
[ 1636.668373][T15800] usb 7-1: Manufacturer: syz
[ 1636.668388][T15800] usb 7-1: SerialNumber: syz
[ 1636.715467][T15800] usb 7-1: config 0 descriptor??
[ 1636.745969][T18119] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1636.759362][T15800] uvcvideo 7-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[ 1636.759399][T15800] uvcvideo 7-1:0.0: No valid video chain found.
[ 1637.033579][T18415] binder: 18414:18415 ioctl c0306201 0 returned -14
[ 1637.504071][T18415] netlink: 36 bytes leftover after parsing attributes in process `syz.6.3591'.
[ 1637.506256][T15859] usb 7-1: USB disconnect, device number 10
[ 1637.627467][ T6094] bridge_slave_1: left allmulticast mode
[ 1637.627498][ T6094] bridge_slave_1: left promiscuous mode
[ 1637.627821][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1637.841984][ T6094] bridge_slave_0: left allmulticast mode
[ 1637.842019][ T6094] bridge_slave_0: left promiscuous mode
[ 1637.842321][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1638.743115][ T6094] bridge_slave_1: left allmulticast mode
[ 1638.743155][ T6094] bridge_slave_1: left promiscuous mode
[ 1638.743416][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1638.830869][ T6094] bridge_slave_0: left allmulticast mode
[ 1638.830902][ T6094] bridge_slave_0: left promiscuous mode
[ 1638.831184][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1639.024676][T18444] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3596'.
[ 1639.172533][T18446] netlink: 'syz.7.3596': attribute type 10 has an invalid length.
[ 1640.118019][T18441] [U] ù
[ 1640.584919][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1642.005121][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1642.794687][ T6094] bond0 (unregistering): Released all slaves
[ 1642.979225][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1643.239076][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1643.614121][ T6094] bond0 (unregistering): Released all slaves
[ 1647.688213][ T6094] hsr_slave_0: left promiscuous mode
[ 1647.738322][ T6094] hsr_slave_1: left promiscuous mode
[ 1647.739131][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1647.970798][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1648.508273][ T6094] hsr_slave_0: left promiscuous mode
[ 1648.548231][ T6094] hsr_slave_1: left promiscuous mode
[ 1648.550491][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1648.579397][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1649.719875][T18521] netlink: 'syz.5.3619': attribute type 10 has an invalid length.
[ 1651.849077][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1652.324083][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1652.744019][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1652.780110][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1652.923045][T18521] bridge0: port 3(geneve1) entered disabled state
[ 1652.923370][T18521] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1652.923775][T18521] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1654.648375][T18119] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1654.719286][T18119] 8021q: adding VLAN 0 to HW filter on device team0
[ 1654.890665][T16650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1654.890910][T16650] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1657.901294][T11666] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1657.931403][T11666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1657.933490][T11666] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1657.934955][T11666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1657.936245][T11666] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1658.183077][T18207] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1659.554056][T18207] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1659.897524][T18207] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1660.018285][T18207] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1660.078896][T15454] Bluetooth: hci2: command tx timeout
[ 1661.227591][T18607] blktrace: Concurrent blktraces are not allowed on loop10
[ 1662.158290][T15454] Bluetooth: hci2: command tx timeout
[ 1662.908580][T18565] chnl_net:caif_netlink_parms(): no params data found
[ 1663.680524][T18207] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1664.674076][T15454] Bluetooth: hci2: command tx timeout
[ 1667.378235][T15454] Bluetooth: hci2: command tx timeout
[ 1667.692720][T18565] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1667.692860][T18565] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1667.693690][T18565] bridge_slave_0: entered allmulticast mode
[ 1667.697156][T18565] bridge_slave_0: entered promiscuous mode
[ 1667.726157][T18565] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1667.726256][T18565] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1667.726442][T18565] bridge_slave_1: entered allmulticast mode
[ 1667.733675][T18565] bridge_slave_1: entered promiscuous mode
[ 1667.991230][T18565] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1668.002660][T18207] 8021q: adding VLAN 0 to HW filter on device team0
[ 1668.031798][T18565] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1668.551141][ T3597] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1668.551438][ T3597] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1668.560949][T18565] team0: Port device team_slave_0 added
[ 1668.671334][T18565] team0: Port device team_slave_1 added
[ 1668.950545][T18565] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1668.950564][T18565] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1668.950592][T18565] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1669.014850][T18565] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1669.014871][T18565] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1669.014904][T18565] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1669.214413][ T6094] bridge_slave_1: left allmulticast mode
[ 1669.214445][ T6094] bridge_slave_1: left promiscuous mode
[ 1669.214745][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1669.282584][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.282682][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1669.341391][ T6094] bridge_slave_0: left allmulticast mode
[ 1669.341415][ T6094] bridge_slave_0: left promiscuous mode
[ 1669.341617][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1669.992319][T11666] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1670.022345][T11666] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1670.255348][T18708] overlayfs: failed to clone lowerpath
[ 1670.783755][T11666] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1670.801396][T11666] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1670.818890][T11666] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1670.970375][T18712] fuse: Bad value for 'fd'
[ 1673.760248][T11666] Bluetooth: hci0: command tx timeout
[ 1674.204871][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1674.757017][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1675.772284][ T6094] bond0 (unregistering): Released all slaves
[ 1675.838446][T11666] Bluetooth: hci0: command tx timeout
[ 1676.373932][T18743] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3668'.
[ 1676.628133][T18746] netlink: 'syz.7.3668': attribute type 10 has an invalid length.
[ 1678.957258][T11666] Bluetooth: hci0: command tx timeout
[ 1679.730674][ T6094] hsr_slave_0: left promiscuous mode
[ 1679.770011][ T6094] hsr_slave_1: left promiscuous mode
[ 1679.771194][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1680.789220][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1681.040907][T11666] Bluetooth: hci0: command tx timeout
[ 1681.142089][T18774] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1681.410120][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1681.449513][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1681.861227][T18565] hsr_slave_0: entered promiscuous mode
[ 1681.864134][T18565] hsr_slave_1: entered promiscuous mode
[ 1681.865082][T18565] debugfs: 'hsr0' already exists in 'hsr'
[ 1681.865105][T18565] Cannot create hsr debugfs directory
[ 1682.168947][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1682.463814][T18785] overlayfs: missing 'lowerdir'
[ 1683.948395][T18800] SQUASHFS error: Failed to read block 0x0: -5
[ 1685.521900][T18704] chnl_net:caif_netlink_parms(): no params data found
[ 1688.441000][T18852] SQUASHFS error: Failed to read block 0x0: -5
[ 1688.509499][T18704] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1688.509788][T18704] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1688.510054][T18704] bridge_slave_0: entered allmulticast mode
[ 1688.513551][T18704] bridge_slave_0: entered promiscuous mode
[ 1688.552292][T18704] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1688.552532][T18704] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1688.552884][T18704] bridge_slave_1: entered allmulticast mode
[ 1688.556504][T18704] bridge_slave_1: entered promiscuous mode
[ 1688.652219][T18704] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1688.722728][T18704] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1690.605606][T18868] SQUASHFS error: Failed to read block 0x0: -5
[ 1693.605538][T18704] team0: Port device team_slave_0 added
[ 1693.630893][T18704] team0: Port device team_slave_1 added
[ 1697.102678][T18908] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1700.641656][T18704] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1700.641676][T18704] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1700.641706][T18704] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1700.707439][T18704] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1700.707452][T18704] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1700.707469][T18704] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1702.204633][T18964] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1702.529589][T18704] hsr_slave_0: entered promiscuous mode
[ 1702.531345][T18704] hsr_slave_1: entered promiscuous mode
[ 1702.532581][T18704] debugfs: 'hsr0' already exists in 'hsr'
[ 1702.532609][T18704] Cannot create hsr debugfs directory
[ 1702.808234][T18565] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1702.881023][T18565] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1703.153437][T18565] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1703.230283][T18565] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1703.861724][T18995] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3731'.
[ 1703.944610][T18996] bridge0: port 3(geneve1) entered blocking state
[ 1703.944737][T18996] bridge0: port 3(geneve1) entered disabled state
[ 1703.944987][T18996] geneve1: entered allmulticast mode
[ 1703.948033][T18996] geneve1: entered promiscuous mode
[ 1703.951368][T18996] bridge0: port 3(geneve1) entered blocking state
[ 1703.951507][T18996] bridge0: port 3(geneve1) entered forwarding state
[ 1703.956459][T18995] netlink: 'syz.6.3731': attribute type 10 has an invalid length.
[ 1703.963694][T18995] bridge0: port 3(geneve1) entered disabled state
[ 1703.971699][T18995] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1703.982306][T18995] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1704.092973][T18995] bridge0: port 3(geneve1) entered blocking state
[ 1704.097059][T18995] bridge0: port 3(geneve1) entered forwarding state
[ 1704.103987][T18995] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1704.105812][T18995] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1704.109613][T18995] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1704.113990][T18995] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1704.192319][T18995] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1705.098570][ T6094] bridge_slave_1: left allmulticast mode
[ 1705.098605][ T6094] bridge_slave_1: left promiscuous mode
[ 1705.098892][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1705.180945][ T6094] bridge_slave_0: left allmulticast mode
[ 1705.180978][ T6094] bridge_slave_0: left promiscuous mode
[ 1705.181253][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1706.659024][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1708.313391][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1708.441068][ T6094] bond0 (unregistering): Released all slaves
[ 1708.490053][T19024] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3740'.
[ 1710.270428][ T6094] hsr_slave_0: left promiscuous mode
[ 1710.316242][ T6094] hsr_slave_1: left promiscuous mode
[ 1710.317829][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1710.358945][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1712.768403][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1712.884048][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1716.785684][T19095] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3758'.
[ 1717.513035][T15454] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1717.527966][T15454] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1717.529930][T15454] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1717.531388][T15454] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1717.532176][T15454] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1720.100907][T15454] Bluetooth: hci1: command tx timeout
[ 1722.630816][T15454] Bluetooth: hci1: command tx timeout
[ 1723.227359][T19144] ceph: No mds server is up or the cluster is laggy
[ 1723.227918][T15800] libceph: connect (1)[c::]:6789 error -101
[ 1723.228711][T15800] libceph: mon0 (1)[c::]:6789 connect error
[ 1723.259452][T18704] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1723.966308][T18704] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1724.091486][T18704] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1724.153554][T18704] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1724.431454][T19166] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3774'.
[ 1724.754008][T15454] Bluetooth: hci1: command tx timeout
[ 1725.665658][    T9] kworker/0:0 (9) used greatest stack depth: 16968 bytes left
[ 1727.048641][T15454] Bluetooth: hci1: command tx timeout
[ 1728.329064][T19209] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input9
[ 1728.708498][T19099] chnl_net:caif_netlink_parms(): no params data found
[ 1730.331033][ T6094] bridge_slave_1: left allmulticast mode
[ 1730.331066][ T6094] bridge_slave_1: left promiscuous mode
[ 1730.331371][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1730.577490][ T6094] bridge_slave_0: left allmulticast mode
[ 1730.577526][ T6094] bridge_slave_0: left promiscuous mode
[ 1730.577833][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1730.731590][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.731667][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1731.184680][T11666] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1731.196838][T11666] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1731.201796][T11666] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1731.208716][T11666] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1731.220120][T11666] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1732.421032][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1732.540146][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1732.608445][ T6094] bond0 (unregistering): Released all slaves
[ 1732.644229][T19099] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1732.644376][T19099] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1732.644647][T19099] bridge_slave_0: entered allmulticast mode
[ 1732.647652][T19099] bridge_slave_0: entered promiscuous mode
[ 1733.076619][T19267] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3795'.
[ 1733.358318][T15454] Bluetooth: hci2: command tx timeout
[ 1733.403918][T19099] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1733.404104][T19099] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1733.404369][T19099] bridge_slave_1: entered allmulticast mode
[ 1733.430768][T19099] bridge_slave_1: entered promiscuous mode
[ 1733.683092][T19271] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input10
[ 1733.768385][ T6094] hsr_slave_0: left promiscuous mode
[ 1733.837599][ T6094] hsr_slave_1: left promiscuous mode
[ 1733.868751][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1733.900796][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1735.438602][T15454] Bluetooth: hci2: command tx timeout
[ 1735.453634][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1735.509407][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1735.896758][T19099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1735.961363][T19099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1737.165116][T19099] team0: Port device team_slave_0 added
[ 1737.224651][T19099] team0: Port device team_slave_1 added
[ 1738.637735][T15454] Bluetooth: hci2: command tx timeout
[ 1738.768825][T19099] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1738.768845][T19099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1738.768875][T19099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1738.804472][T19099] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1738.804491][T19099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1738.804517][T19099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1739.474756][T19099] hsr_slave_0: entered promiscuous mode
[ 1739.476519][T19099] hsr_slave_1: entered promiscuous mode
[ 1739.477609][T19099] debugfs: 'hsr0' already exists in 'hsr'
[ 1739.477636][T19099] Cannot create hsr debugfs directory
[ 1740.688248][T15454] Bluetooth: hci2: command tx timeout
[ 1740.714494][T19327] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3812'.
[ 1740.893005][T19252] chnl_net:caif_netlink_parms(): no params data found
[ 1741.467057][T19351] fuse: Bad value for 'fd'
[ 1743.989577][T19252] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1743.989798][T19252] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1743.990036][T19252] bridge_slave_0: entered allmulticast mode
[ 1743.999112][T19252] bridge_slave_0: entered promiscuous mode
[ 1744.207506][T19380] nfs4: Unknown parameter '
/file0'
[ 1744.305607][T19252] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1744.305774][T19252] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1744.306039][T19252] bridge_slave_1: entered allmulticast mode
[ 1744.339393][T19252] bridge_slave_1: entered promiscuous mode
[ 1744.342794][T19385] fuse: Bad value for 'fd'
[ 1746.493209][T19252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1746.561057][T19252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1746.688871][T19416] nfs4: Unknown parameter '
/file0'
[ 1750.096398][T19252] team0: Port device team_slave_0 added
[ 1750.411385][T19252] team0: Port device team_slave_1 added
[ 1750.540691][T19252] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1750.540710][T19252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1750.540743][T19252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1750.545504][T19252] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1750.545523][T19252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1750.545552][T19252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1751.070098][T15800] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1751.241135][T15800] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1751.241175][T15800] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1751.241217][T15800] usb 8-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[ 1751.241241][T15800] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1751.266845][T15800] usb 8-1: config 0 descriptor??
[ 1752.071665][T15800] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0
[ 1752.105639][T15800] cp2112 0003:10C4:EA90.0007: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.7-1/input0
[ 1752.169998][T19252] hsr_slave_0: entered promiscuous mode
[ 1752.171602][T19252] hsr_slave_1: entered promiscuous mode
[ 1752.186762][T19252] debugfs: 'hsr0' already exists in 'hsr'
[ 1752.186791][T19252] Cannot create hsr debugfs directory
[ 1752.889595][T19099] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1753.273314][T19099] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1753.392751][T19099] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1753.746985][T19099] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1754.260389][ T6094] bridge_slave_1: left allmulticast mode
[ 1754.260424][ T6094] bridge_slave_1: left promiscuous mode
[ 1754.260692][ T6094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1754.352370][ T6094] bridge_slave_0: left allmulticast mode
[ 1754.352406][ T6094] bridge_slave_0: left promiscuous mode
[ 1754.372451][ T6094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1755.492655][ T6094] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1755.609803][ T6094] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1755.700521][ T6094] bond0 (unregistering): Released all slaves
[ 1756.288291][ T6094] hsr_slave_0: left promiscuous mode
[ 1756.332826][ T6094] hsr_slave_1: left promiscuous mode
[ 1756.334000][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1756.382683][ T6094] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1757.374436][T15800] cp2112 0003:10C4:EA90.0007: error requesting version
[ 1757.385089][T15800] cp2112 0003:10C4:EA90.0007: probe with driver cp2112 failed with error -110
[ 1757.438279][   T10] usb 8-1: USB disconnect, device number 4
[ 1758.212275][ T6094] team0 (unregistering): Port device team_slave_1 removed
[ 1758.309041][ T6094] team0 (unregistering): Port device team_slave_0 removed
[ 1760.171906][T19099] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1760.229318][T19099] 8021q: adding VLAN 0 to HW filter on device team0
[ 1760.259232][ T3503] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1760.266623][ T3503] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1760.355641][ T3503] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1760.355801][ T3503] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1762.723317][T19252] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1762.816506][T19252] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1762.982489][T19614] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3885'.
[ 1763.079153][T19614] netlink: 'syz.6.3885': attribute type 10 has an invalid length.
[ 1763.083438][T19614] bridge0: port 3(geneve1) entered disabled state
[ 1763.084613][T19614] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1763.085585][T19614] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1763.908601][T19252] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1764.030056][T19252] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1764.298894][T19099] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1764.541580][T19099] veth0_vlan: entered promiscuous mode
[ 1764.594725][T19099] veth1_vlan: entered promiscuous mode
[ 1764.661594][T19252] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1764.866996][T19252] 8021q: adding VLAN 0 to HW filter on device team0
[ 1764.992785][T19099] veth0_macvtap: entered promiscuous mode
[ 1765.019944][ T3503] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1765.021387][ T3503] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1765.095040][T19099] veth1_macvtap: entered promiscuous mode
[ 1765.125593][ T7389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1765.125815][ T7389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1765.560874][T19099] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1765.601746][T19099] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1765.646532][ T7389] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.646773][ T7389] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.647037][ T7389] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.647245][ T7389] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1765.718363][T19252] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1768.765110][T19252] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1768.774245][  T127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1768.774266][  T127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1769.828230][ T6094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1769.828255][ T6094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1771.773887][T19252] veth0_vlan: entered promiscuous mode
[ 1771.807077][T19252] veth1_vlan: entered promiscuous mode
[ 1771.900130][T19252] veth0_macvtap: entered promiscuous mode
[ 1771.911982][T19252] veth1_macvtap: entered promiscuous mode
[ 1772.096633][T19252] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1772.306952][T19252] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1772.349102][ T3503] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1772.349139][ T3503] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1772.349160][ T3503] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1772.349181][ T3503] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1775.740239][T17828] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1775.740264][T17828] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1775.879489][ T7389] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1775.879516][ T7389] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1783.103789][   T37] audit: type=1326 audit(1775375665.774:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19741 comm="syz.6.3915" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f55b0abc819 code=0x0
[ 1790.311976][T19785] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3925'.
[ 1795.753596][T19785] netlink: 'syz.7.3925': attribute type 10 has an invalid length.
[ 1796.289614][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1796.290320][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1797.238261][T19812] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3930'.
[ 1797.249399][T19812] netlink: 'syz.5.3930': attribute type 10 has an invalid length.
[ 1798.240928][T19814] loop2: detected capacity change from 0 to 7
[ 1798.311506][T19803] Dev loop2: unable to read RDB block 7
[ 1798.311545][T19803]  loop2: AHDI p1 p2 p3
[ 1798.311578][T19803] loop2: partition table partially beyond EOD, truncated
[ 1798.311893][T19803] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1798.311913][T19803] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1798.686138][T19814] Dev loop2: unable to read RDB block 7
[ 1798.686178][T19814]  loop2: AHDI p1 p2 p3
[ 1798.686209][T19814] loop2: partition table partially beyond EOD, truncated
[ 1798.686489][T19814] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1798.686511][T19814] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1801.998347][ T5167] Dev loop2: unable to read RDB block 7
[ 1801.998385][ T5167]  loop2: AHDI p1 p2 p3
[ 1801.998421][ T5167] loop2: partition table partially beyond EOD, truncated
[ 1801.998737][ T5167] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1801.998757][ T5167] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1803.992726][T19874] binder: 19870:19874 ioctl c0189376 0 returned -22
[ 1804.843767][T19877] binder: 19872:19877 ioctl c0189376 0 returned -22
[ 1808.814212][T19903] blktrace: Concurrent blktraces are not allowed on loop12
[ 1813.647035][T19957] blktrace: Concurrent blktraces are not allowed on loop4
[ 1817.211718][T19975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3973'.
[ 1817.792071][T19978] netlink: 'syz.2.3973': attribute type 10 has an invalid length.
[ 1820.159354][T19977] bridge0: port 3(geneve1) entered blocking state
[ 1820.159481][T19977] bridge0: port 3(geneve1) entered disabled state
[ 1820.159740][T19977] geneve1: entered allmulticast mode
[ 1820.161456][T19977] geneve1: entered promiscuous mode
[ 1820.161913][T19977] bridge0: port 3(geneve1) entered blocking state
[ 1820.162028][T19977] bridge0: port 3(geneve1) entered forwarding state
[ 1820.162764][T19978] bridge0: port 3(geneve1) entered disabled state
[ 1820.163003][T19978] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1820.167797][T19978] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1820.176181][T19978] bridge0: port 3(geneve1) entered blocking state
[ 1820.176358][T19978] bridge0: port 3(geneve1) entered forwarding state
[ 1820.176758][T19978] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1820.176951][T19978] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1820.177324][T19978] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1820.177521][T19978] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1820.182143][T19978] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1821.666718][T19999] loop2: detected capacity change from 0 to 7
[ 1821.676753][T19999] Dev loop2: unable to read RDB block 7
[ 1821.676790][T19999]  loop2: AHDI p1 p2 p3
[ 1821.676824][T19999] loop2: partition table partially beyond EOD, truncated
[ 1821.677102][T19999] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1821.677123][T19999] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1822.029598][T19706] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[ 1822.350925][T19706] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1822.350976][T19706] usb 8-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[ 1822.351002][T19706] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1822.391114][T19706] usb 8-1: config 0 descriptor??
[ 1822.892194][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893850][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893895][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893921][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893945][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893970][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.893994][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.894019][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.894045][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.894070][T19706] chicony 0003:04F2:1421.0008: unknown main item tag 0x0
[ 1822.991742][T19706] chicony 0003:04F2:1421.0008: item fetching failed at offset 314/483
[ 1822.992688][T19706] chicony 0003:04F2:1421.0008: Chicony hid parse failed: -22
[ 1822.992782][T19706] chicony 0003:04F2:1421.0008: probe with driver chicony failed with error -22
[ 1823.477686][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.477731][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.502652][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.502694][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.503028][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.503057][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.503333][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.503362][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.503771][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.503800][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.504107][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.504135][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.504414][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.504441][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.504535][ T5167] ldm_validate_partition_table(): Disk read failed.
[ 1823.504719][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.504747][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.505007][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.505035][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.505298][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1823.505326][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[ 1823.505684][ T5167] Dev loop2: unable to read RDB block 0
[ 1823.506722][ T5167]  loop2: unable to read partition table
[ 1823.506995][ T5167] loop2: partition table beyond EOD, truncated
[ 1823.570098][T19706] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1823.801825][T19706] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1823.801878][T19706] usb 7-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[ 1823.801904][T19706] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1823.818247][ T5128] usb 8-1: USB disconnect, device number 5
[ 1823.844087][T19706] usb 7-1: config 0 descriptor??
[ 1824.257779][ T5167] ldm_validate_partition_table(): Disk read failed.
[ 1824.281027][ T5167] Dev loop2: unable to read RDB block 0
[ 1824.282022][ T5167]  loop2: unable to read partition table
[ 1824.282291][ T5167] loop2: partition table beyond EOD, truncated
[ 1824.285103][T19706] chicony 0003:04F2:1421.0009: item fetching failed at offset 314/483
[ 1824.286045][T19706] chicony 0003:04F2:1421.0009: Chicony hid parse failed: -22
[ 1824.286138][T19706] chicony 0003:04F2:1421.0009: probe with driver chicony failed with error -22
[ 1825.868649][T19706] usb 7-1: USB disconnect, device number 11
[ 1828.324246][T20074] binder: 20068:20074 ioctl c0189376 0 returned -22
[ 1828.429585][T20077] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4011'.
[ 1828.519219][T20077] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4011'.
[ 1830.246958][T20089] binder: 20087:20089 ioctl c0189376 0 returned -22
[ 1830.435350][T20096] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4016'.
[ 1830.448390][T20096] netlink: 'syz.2.4016': attribute type 10 has an invalid length.
[ 1830.454155][T20096] bridge0: port 3(geneve1) entered disabled state
[ 1830.455351][T20096] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1830.459227][T20096] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1839.078527][   T10] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1839.621000][   T10] usb 3-1: config 0 has no interfaces?
[ 1839.623063][   T10] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[ 1839.623096][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1839.623114][   T10] usb 3-1: SerialNumber: syz
[ 1839.662056][   T10] usb 3-1: config 0 descriptor??
[ 1839.778208][ T5128] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[ 1839.878704][   T10] usb 3-1: USB disconnect, device number 55
[ 1842.367812][ T5128] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1842.367875][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1842.367904][ T5128] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1842.367930][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1842.367966][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1842.432507][ T5128] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1842.432573][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1842.432602][ T5128] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1842.432629][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1842.432657][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1842.439372][ T5128] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[ 1842.439432][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1842.439462][ T5128] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1842.439488][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1842.439516][ T5128] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1842.455220][ T5128] usb 7-1: string descriptor 0 read error: -22
[ 1842.455407][ T5128] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1842.455433][ T5128] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1842.625416][T20195] syz.5.4050 (20195) used greatest stack depth: 16888 bytes left
[ 1842.795343][ T5128] usb 7-1: can't set config #168, error -71
[ 1842.806062][ T5128] usb 7-1: USB disconnect, device number 12
[ 1848.819854][T20250] bridge0: port 4(syz_tun) entered blocking state
[ 1848.822835][T20250] bridge0: port 4(syz_tun) entered disabled state
[ 1848.833216][T20250] syz_tun: entered allmulticast mode
[ 1848.894125][T20250] syz_tun: entered promiscuous mode
[ 1848.996332][T20250] netlink: 'syz.7.4067': attribute type 10 has an invalid length.
[ 1850.009194][T20255] binder: 20251:20255 ioctl c0189376 0 returned -22
[ 1854.860218][T20284] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1857.061997][T15454] Bluetooth: hci1: command 0x0406 tx timeout
[ 1859.518350][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[ 1859.518520][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[ 1866.669619][T20365] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4096'.
[ 1866.728426][T20365] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4096'.
[ 1866.728461][T20365] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4096'.
[ 1868.458144][ T5128] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1868.729265][T20383] netlink: 'syz.7.4102': attribute type 10 has an invalid length.
[ 1869.860877][ T5128] usb 3-1: config 0 has no interfaces?
[ 1869.862438][ T5128] usb 3-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[ 1869.862466][ T5128] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1869.862488][ T5128] usb 3-1: SerialNumber: syz
[ 1869.880369][ T5128] usb 3-1: config 0 descriptor??
[ 1870.109004][ T5128] usb 3-1: USB disconnect, device number 56
[ 1870.661356][T20389] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1870.678491][T20389] syzkaller0: entered promiscuous mode
[ 1870.678509][T20389] syzkaller0: entered allmulticast mode
[ 1870.710920][T20389] tipc: Resetting bearer <eth:syzkaller0>
[ 1870.768286][T20388] tipc: Resetting bearer <eth:syzkaller0>
[ 1871.060934][T20388] tipc: Disabling bearer <eth:syzkaller0>
[ 1872.522620][T20410] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4110'.
[ 1873.628210][T20412] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4110'.
[ 1873.628249][T20412] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4110'.
[ 1876.478907][T15859] usb 8-1: new low-speed USB device number 6 using dummy_hcd
[ 1878.206728][T20438] bridge0: port 4(syz_tun) entered blocking state
[ 1878.211085][T20438] bridge0: port 4(syz_tun) entered disabled state
[ 1878.213636][T20438] syz_tun: entered allmulticast mode
[ 1878.230538][T20438] syz_tun: entered promiscuous mode
[ 1878.297453][T20438] netlink: 'syz.5.4118': attribute type 10 has an invalid length.
[ 1879.632640][T15859] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1880.761037][T15859] usb 8-1: config 0 has no interfaces?
[ 1880.762794][T15859] usb 8-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[ 1880.762824][T15859] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1880.762847][T15859] usb 8-1: SerialNumber: syz
[ 1880.820257][T15859] usb 8-1: config 0 descriptor??
[ 1881.022554][T19706] usb 8-1: USB disconnect, device number 7
[ 1884.797789][T11666] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1884.797823][T11666] CPU: 1 UID: 0 PID: 11666 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1884.797856][T11666] Tainted: [L]=SOFTLOCKUP
[ 1884.797864][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1884.797879][T11666] Workqueue: hci1 hci_rx_wo[ 1884.797879][T11666] Workqueue: hci1 hci_rx_work
[ 1884.798054][T11666] Call Trace:
[ 1884.798062][T11666]  <TASK>
[ 1884.798072][T11666]  dump_stack_lvl+0xe8/0x150
[ 1884.798165][T11666]  sysfs_create_dir_ns+0x271/0x2a0
[ 1884.798254][T11666]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1884.798373][T11666]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1884.798406][T11666]  ? rt_spin_unlock+0x160/0x200
[ 1884.798442][T11666]  kobject_add_internal+0x631/0xd10
[ 1884.798528][T11666]  kobject_add+0x163/0x240
[ 1884.798563][T11666]  ? __pfx_kobject_add+0x10/0x10
[ 1884.798602][T11666]  ? get_device_parent+0x370/0x3a0
[ 1884.798698][T11666]  device_add+0x408/0xb80
[ 1884.798734][T11666]  hci_conn_add_sysfs+0xd5/0x210
[ 1884.798820][T11666]  le_conn_complete_evt+0x10e6/0x16b0
[ 1884.799001][T11666]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1884.799032][T11666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1884.799059][T11666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1884.799107][T11666]  ? skb_pull_data+0xfb/0x200
[ 1884.799215][T11666]  hci_le_conn_complete_evt+0x187/0x470
[ 1884.799254][T11666]  hci_event_packet+0x659/0xef0
[ 1884.799306][T11666]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1884.799339][T11666]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1884.799365][T11666]  ? __pfx_hci_event_packet+0x10/0x10
[ 1884.799387][T11666]  ? rt_spin_unlock+0x14f/0x200
[ 1884.799432][T11666]  ? hci_send_to_monitor+0xe2/0x590
[ 1884.799468][T11666]  hci_rx_work+0x3ee/0x1030
[ 1884.799501][T11666]  ? process_scheduled_works+0xa8d/0x18c0
[ 1884.799567][T11666]  process_scheduled_works+0xb6e/0x18c0
[ 1884.799639][T11666]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1884.799677][T11666]  ? assign_work+0x3d5/0x5e0
[ 1884.799715][T11666]  worker_thread+0xa53/0xfc0
[ 1884.799779][T11666]  kthread+0x388/0x470
[ 1884.799804][T11666]  ? __pfx_worker_thread+0x10/0x10
[ 1884.799835][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.799861][T11666]  ret_from_fork+0x51e/0xb90
[ 1884.799917][T11666]  ? __pfx_ret_from_fork+0x10/0x10
[ 1884.799947][T11666]  ? __switch_to+0xc7d/0x1450
[ 1884.799994][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.800021][T11666]  ret_from_fork_asm+0x1a/0x30
[ 1884.800063][T11666]  </TASK>
[ 1884.808169][T11666] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1884.808220][T11666] Bluetooth: hci1: failed to register connection device
[ 1884.854188][T11666] ==================================================================
[ 1884.854208][T11666] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0x902/0x1560
[ 1884.854248][T11666] Read of size 8 at addr ffff88802b931500 by task kworker/u9:1/11666
[ 1884.854266][T11666] 
[ 1884.854280][T11666] CPU: 0 UID: 0 PID: 11666 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1884.854308][T11666] Tainted: [L]=SOFTLOCKUP
[ 1884.854316][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1884.854330][T11666] Workqueue: hci1 hci_rx_work
[ 1884.854351][T11666] Call Trace:
[ 1884.854360][T11666]  <TASK>
[ 1884.854368][T11666]  dump_stack_lvl+0xe8/0x150
[ 1884.854396][T11666]  print_report+0xba/0x230
[ 1884.854455][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.854480][T11666]  kasan_report+0x117/0x150
[ 1884.854566][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.854596][T11666]  l2cap_connect_cfm+0x902/0x1560
[ 1884.854625][T11666]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1884.854650][T11666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1884.854672][T11666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1884.854694][T11666]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1884.854715][T11666]  ? mutex_lock_nested+0x152/0x1d0
[ 1884.854740][T11666]  ? hci_connect_cfm+0x2c/0x140
[ 1884.854770][T11666]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1884.854796][T11666]  hci_connect_cfm+0x95/0x140
[ 1884.854819][T11666]  le_conn_complete_evt+0x1134/0x16b0
[ 1884.854847][T11666]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1884.854871][T11666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1884.854891][T11666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1884.854912][T11666]  ? skb_pull_data+0xfb/0x200
[ 1884.854937][T11666]  hci_le_conn_complete_evt+0x187/0x470
[ 1884.854962][T11666]  hci_event_packet+0x659/0xef0
[ 1884.854984][T11666]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1884.855012][T11666]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1884.855033][T11666]  ? __pfx_hci_event_packet+0x10/0x10
[ 1884.855051][T11666]  ? rt_spin_unlock+0x14f/0x200
[ 1884.855083][T11666]  ? hci_send_to_monitor+0xe2/0x590
[ 1884.855110][T11666]  hci_rx_work+0x3ee/0x1030
[ 1884.855132][T11666]  ? process_scheduled_works+0xa8d/0x18c0
[ 1884.855159][T11666]  process_scheduled_works+0xb6e/0x18c0
[ 1884.855196][T11666]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1884.855224][T11666]  ? assign_work+0x3d5/0x5e0
[ 1884.855251][T11666]  worker_thread+0xa53/0xfc0
[ 1884.855288][T11666]  kthread+0x388/0x470
[ 1884.855308][T11666]  ? __pfx_worker_thread+0x10/0x10
[ 1884.855333][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.855352][T11666]  ret_from_fork+0x51e/0xb90
[ 1884.855381][T11666]  ? __pfx_ret_from_fork+0x10/0x10
[ 1884.855405][T11666]  ? __switch_to+0xc7d/0x1450
[ 1884.855430][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.855449][T11666]  ret_from_fork_asm+0x1a/0x30
[ 1884.855474][T11666]  </TASK>
[ 1884.855482][T11666] 
[ 1884.855486][T11666] Allocated by task 11666:
[ 1884.855496][T11666]  kasan_save_track+0x3e/0x80
[ 1884.855541][T11666]  __kasan_kmalloc+0x93/0xb0
[ 1884.855584][T11666]  __kmalloc_cache_noprof+0x3a6/0x690
[ 1884.855626][T11666]  l2cap_chan_create+0x51/0x7a0
[ 1884.855652][T11666]  l2cap_sock_new_connection_cb+0x182/0x2e0
[ 1884.855678][T11666]  l2cap_connect_cfm+0x368/0x1560
[ 1884.855700][T11666]  hci_connect_cfm+0x95/0x140
[ 1884.855717][T11666]  le_conn_complete_evt+0x1134/0x16b0
[ 1884.855739][T11666]  hci_le_conn_complete_evt+0x187/0x470
[ 1884.855759][T11666]  hci_event_packet+0x659/0xef0
[ 1884.855782][T11666]  hci_rx_work+0x3ee/0x1030
[ 1884.855797][T11666]  process_scheduled_works+0xb6e/0x18c0
[ 1884.855819][T11666]  worker_thread+0xa53/0xfc0
[ 1884.855843][T11666]  kthread+0x388/0x470
[ 1884.855860][T11666]  ret_from_fork+0x51e/0xb90
[ 1884.855882][T11666]  ret_from_fork_asm+0x1a/0x30
[ 1884.855898][T11666] 
[ 1884.855902][T11666] Freed by task 20492:
[ 1884.855910][T11666]  kasan_save_track+0x3e/0x80
[ 1884.855934][T11666]  kasan_save_free_info+0x46/0x50
[ 1884.855984][T11666]  __kasan_slab_free+0x5c/0x80
[ 1884.856009][T11666]  kfree+0x1c1/0x6c0
[ 1884.856050][T11666]  l2cap_sock_cleanup_listen+0xf0/0x440
[ 1884.856075][T11666]  l2cap_sock_release+0x6e/0x270
[ 1884.856098][T11666]  sock_close+0xc3/0x240
[ 1884.856144][T11666]  __fput+0x461/0xa90
[ 1884.856189][T11666]  task_work_run+0x1d9/0x270
[ 1884.856208][T11666]  exit_to_user_mode_loop+0xed/0x480
[ 1884.856251][T11666]  do_syscall_64+0x32d/0xf80
[ 1884.856292][T11666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1884.856328][T11666] 
[ 1884.856334][T11666] The buggy address belongs to the object at ffff88802b931000
[ 1884.856334][T11666]  which belongs to the cache kmalloc-2k of size 2048
[ 1884.856350][T11666] The buggy address is located 1280 bytes inside of
[ 1884.856350][T11666]  freed 2048-byte region [ffff88802b931000, ffff88802b931800)
[ 1884.856370][T11666] 
[ 1884.856375][T11666] The buggy address belongs to the physical page:
[ 1884.856385][T11666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2b930
[ 1884.856404][T11666] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1884.856420][T11666] flags: 0x80000000000040(head|node=0|zone=1)
[ 1884.856436][T11666] page_type: f5(slab)
[ 1884.856454][T11666] raw: 0080000000000040 ffff88813fe1b000 dead000000000100 dead000000000122
[ 1884.856471][T11666] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[ 1884.856489][T11666] head: 0080000000000040 ffff88813fe1b000 dead000000000100 dead000000000122
[ 1884.856506][T11666] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[ 1884.856522][T11666] head: 0080000000000003 ffffea0000ae4c01 00000000ffffffff 00000000ffffffff
[ 1884.856537][T11666] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[ 1884.856547][T11666] page dumped because: kasan: bad access detected
[ 1884.856556][T11666] page_owner tracks the page as allocated
[ 1884.856563][T11666] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 43, tgid 43 (kworker/u8:2), ts 16009890851, free_ts 0
[ 1884.856620][T11666]  post_alloc_hook+0x231/0x280
[ 1884.856680][T11666]  get_page_from_freelist+0x28bb/0x2950
[ 1884.856700][T11666]  __alloc_frozen_pages_noprof+0x18d/0x380
[ 1884.856719][T11666]  allocate_slab+0x77/0x660
[ 1884.856740][T11666]  refill_objects+0x334/0x3c0
[ 1884.856759][T11666]  __pcs_replace_empty_main+0x35c/0x710
[ 1884.856789][T11666]  __kmalloc_noprof+0x530/0x7b0
[ 1884.856805][T11666]  scsi_alloc_target+0x138/0xbd0
[ 1884.856887][T11666]  __scsi_scan_target+0x164/0xe10
[ 1884.856914][T11666]  scsi_scan_host_selected+0x375/0x690
[ 1884.856941][T11666]  do_scan_async+0x124/0x760
[ 1884.856956][T11666]  async_run_entry_fn+0xa8/0x440
[ 1884.856981][T11666]  process_scheduled_works+0xb6e/0x18c0
[ 1884.857004][T11666]  worker_thread+0xa53/0xfc0
[ 1884.857027][T11666]  kthread+0x388/0x470
[ 1884.857044][T11666]  ret_from_fork+0x51e/0xb90
[ 1884.857067][T11666] page_owner free stack trace missing
[ 1884.857075][T11666] 
[ 1884.857079][T11666] Memory state around the buggy address:
[ 1884.857089][T11666]  ffff88802b931400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1884.857102][T11666]  ffff88802b931480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1884.857115][T11666] >ffff88802b931500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1884.857124][T11666]                    ^
[ 1884.857135][T11666]  ffff88802b931580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1884.857147][T11666]  ffff88802b931600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1884.857157][T11666] ==================================================================
[ 1884.857170][T11666] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1884.857186][T11666] CPU: 0 UID: 0 PID: 11666 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1884.857213][T11666] Tainted: [L]=SOFTLOCKUP
[ 1884.857220][T11666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1884.857232][T11666] Workqueue: hci1 hci_rx_work
[ 1884.857251][T11666] Call Trace:
[ 1884.857258][T11666]  <TASK>
[ 1884.857265][T11666]  vpanic+0x56c/0xa60
[ 1884.857295][T11666]  ? __pfx_vpanic+0x10/0x10
[ 1884.857327][T11666]  panic+0xc5/0xd0
[ 1884.857352][T11666]  ? __pfx_panic+0x10/0x10
[ 1884.857380][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.857408][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.857432][T11666]  check_panic_on_warn+0x89/0xb0
[ 1884.857467][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.857491][T11666]  end_report+0x73/0x180
[ 1884.857509][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.857532][T11666]  kasan_report+0x128/0x150
[ 1884.857551][T11666]  ? l2cap_connect_cfm+0x902/0x1560
[ 1884.857579][T11666]  l2cap_connect_cfm+0x902/0x1560
[ 1884.857608][T11666]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1884.857633][T11666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1884.857654][T11666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1884.857674][T11666]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1884.857695][T11666]  ? mutex_lock_nested+0x152/0x1d0
[ 1884.857720][T11666]  ? hci_connect_cfm+0x2c/0x140
[ 1884.857741][T11666]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[ 1884.857774][T11666]  hci_connect_cfm+0x95/0x140
[ 1884.857797][T11666]  le_conn_complete_evt+0x1134/0x16b0
[ 1884.857824][T11666]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1884.857848][T11666]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1884.857868][T11666]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1884.857888][T11666]  ? skb_pull_data+0xfb/0x200
[ 1884.857913][T11666]  hci_le_conn_complete_evt+0x187/0x470
[ 1884.857938][T11666]  hci_event_packet+0x659/0xef0
[ 1884.857958][T11666]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1884.857990][T11666]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1884.858012][T11666]  ? __pfx_hci_event_packet+0x10/0x10
[ 1884.858030][T11666]  ? rt_spin_unlock+0x14f/0x200
[ 1884.858060][T11666]  ? hci_send_to_monitor+0xe2/0x590
[ 1884.858088][T11666]  hci_rx_work+0x3ee/0x1030
[ 1884.858111][T11666]  ? process_scheduled_works+0xa8d/0x18c0
[ 1884.858138][T11666]  process_scheduled_works+0xb6e/0x18c0
[ 1884.858175][T11666]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1884.858203][T11666]  ? assign_work+0x3d5/0x5e0
[ 1884.858229][T11666]  worker_thread+0xa53/0xfc0
[ 1884.858266][T11666]  kthread+0x388/0x470
[ 1884.858285][T11666]  ? __pfx_worker_thread+0x10/0x10
[ 1884.858311][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.858331][T11666]  ret_from_fork+0x51e/0xb90
[ 1884.858358][T11666]  ? __pfx_ret_from_fork+0x10/0x10
[ 1884.858383][T11666]  ? __switch_to+0xc7d/0x1450
[ 1884.858407][T11666]  ? __pfx_kthread+0x10/0x10
[ 1884.858426][T11666]  ret_from_fork_asm+0x1a/0x30
[ 1884.858451][T11666]  </TASK>
[ 1884.858965][T11666] Kernel Offset: disabled