last executing test programs:

4m28.816144466s ago: executing program 4 (id=3648):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900"], 0xd0}}, 0x0)

4m27.520411315s ago: executing program 4 (id=3651):
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rfc1337\x00', 0x2, 0x0)
sendfile(r1, r2, 0x0, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc2c45512, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r6, 0x0)
mremap(&(0x7f0000fa4000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fa2000/0x1000)=nil)
connect$qrtr(r0, &(0x7f0000000340)={0x2a, 0xffffffff00000002, 0x7fff}, 0xc)
bind$qrtr(r0, &(0x7f0000000500)={0x2a, 0x1, 0x1}, 0xc)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)

4m26.184790427s ago: executing program 4 (id=3655):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x3b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x2000)=nil, 0x2000, &(0x7f0000000000))
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8c, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x60, 0x1403, 0x1, 0xe4ffffff, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_create_resource$binfmt(&(0x7f0000000180)='./file1\x00')
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r7, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x4, 0x4dc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x800007c0], 0x0, &(0x7f00000000c0), &(0x7f00000007c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{0x11, 0x40, 0x5, 'bond_slave_1\x00', 'ip6gretap0\x00', 'veth0_to_team\x00', 'veth0_to_batadv\x00', @broadcast, [0x0, 0xff, 0xff, 0x0, 0xff], @empty, [0x0, 0x0, 0xff, 0xff, 0xff], 0xde, 0x10a, 0x152, [@ip6={{'ip6\x00', 0x0, 0x4c}, {{@mcast2, @loopback, [0xffffff00, 0xff000000, 0xffffffff], [0xffffffff, 0xff, 0xffffffff, 0xff], 0x5, 0x6, 0x44, 0x22, 0x4e21, 0x4e22, 0x4e23, 0x4e23}}}], [@common=@mark={'mark\x00', 0x8, {{0xfffffff0, 0xfffffffffffffffc}}}], @common=@log={'log\x00', 0x24, {{0xff, "4e323a79304fa9eca81f54974afa54ef12cf13571a49acdc7d6d9eebd8ad", 0x8}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x2, [{0x11, 0x73, 0x6002, 'hsr0\x00', 'veth0_to_team\x00', 'pimreg0\x00', 'bridge_slave_1\x00', @broadcast, [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], @multicast, [0xff, 0x0, 0xff, 0xff], 0x9e, 0x9e, 0xce, [@mac={{'mac\x00', 0x0, 0xc}, {{@random="684ba89c1044"}}}], [], @common=@dnat={'dnat\x00', 0xc, {{@local, 0xffffffffffffffee}}}}, {0x3, 0x1, 0x805, 'veth0\x00', 'netpci0\x00', 'gre0\x00', 'virt_wifi0\x00', @broadcast, [0xff, 0x0, 0xff], @remote, [0xff, 0x0, 0xff, 0x0, 0x0, 0xff], 0xae, 0xda, 0x126, [@ip={{'ip\x00', 0x0, 0x1c}, {{@local, @broadcast, 0xffffffff, 0xffffffff, 0xf1, 0x33, 0x3a, 0x24, 0x4e24, 0x4e24, 0x4e24, 0x4e22}}}], [@common=@mark={'mark\x00', 0x8, {{0xffffffd0, 0xfffffffffffffffc}}}], @common=@LED={'LED\x00', 0x28, {{'syz0\x00', 0x0, 0xa9}}}}]}, {0x0, '\x00', 0x3, 0xffffffffffffffff, 0x1, [{0x5, 0x50, 0x7, 'wg0\x00', 'bridge_slave_0\x00', 'ipvlan1\x00', 'vcan0\x00', @remote, [0xff, 0x0, 0xff, 0xff, 0x0, 0xff], @remote, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0xaa, 0xaa, 0xd6, [@quota={{'quota\x00', 0x0, 0x18}, {{0x1, 0x0, 0x6, {0xffff}}}}], [], @common=@mark={'mark\x00', 0x8, {{0xfffffff0, 0xfffffffffffffffc}}}}]}]}, 0x5a8)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x228400, 0x20)
r9 = openat(r8, &(0x7f0000000000)='./file0\x00', 0x224d03, 0x104)
setsockopt$SO_J1939_PROMISC(r9, 0x6b, 0x2, &(0x7f0000000040), 0x4)

4m20.061166729s ago: executing program 4 (id=3658):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x4}, 0x6)
write$bt_hci(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0000023f3201"], 0x138)

4m19.986381988s ago: executing program 4 (id=3660):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a01080000000000000000010000000900"], 0xd0}}, 0x0)

4m18.570372443s ago: executing program 4 (id=3664):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0xffffffff, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000600)='Q', 0x1, 0x0, 0x0, 0x0)
io_uring_setup(0x177f, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0xffffffd4, 0x0, 0x0, 0x20}}, 0x0, 0x1, 0xc3, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4}}}]}, 0x38}}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001340)={r7, 0x7}, 0x8)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000040)={r7, 0x0, 0x1, 0x7fff}, &(0x7f0000000380)=0x10)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xc, 0x4}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0xc, 0x4}, {0x0, 0xfff1}, {0x84, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4041080)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400070000000900020073797a3100000000050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
syz_usb_connect$hid(0x4, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x34000}], 0x1)

4m3.118721612s ago: executing program 32 (id=3664):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0xffffffff, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000600)='Q', 0x1, 0x0, 0x0, 0x0)
io_uring_setup(0x177f, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0xffffffd4, 0x0, 0x0, 0x20}}, 0x0, 0x1, 0xc3, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4}}}]}, 0x38}}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000001340)={r7, 0x7}, 0x8)
getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000040)={r7, 0x0, 0x1, 0x7fff}, &(0x7f0000000380)=0x10)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xc, 0x4}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r8 = socket(0x400000000010, 0x3, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@gettfilter={0x24, 0x2e, 0x1, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r10, {0xc, 0x4}, {0x0, 0xfff1}, {0x84, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4041080)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400070000000900020073797a3100000000050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
syz_usb_connect$hid(0x4, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x8)
writev(r0, &(0x7f0000001300)=[{&(0x7f0000000100)='^', 0x34000}], 0x1)

2m23.325195488s ago: executing program 2 (id=3956):
syz_emit_ethernet(0x66, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x8, 0x4)
r3 = syz_io_uring_setup(0x68e, &(0x7f0000000740)={0x0, 0x9d7f, 0x10100, 0x80, 0x1d4, 0x0, r1}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r3, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r6, &(0x7f0000000cc0)={'syz1\x00', {}, 0x3, [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x40, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f9, 0x100, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x3, 0xe, 0x721a2d6b, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x6], [0x3, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x8, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x289, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xa46, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x72, 0x0, 0x0, 0x0, 0xffffffff, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0x8, 0xfffffffd, 0x0, 0xfffffffe, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000008, 0xc7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x10004, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffd, 0x400, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4]}, 0x45c)
r7 = eventfd(0x9)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000200)={0x1, r7})
ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0)
readv(r6, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
ioctl$UI_DEV_DESTROY(r6, 0x5502)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b9040211080211000000040000a118000200e000000000000e1208000f0100810401a80016ea1f000640c9201114c92011148ed08734843cb12b00000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)

2m22.777405218s ago: executing program 2 (id=3958):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
r0 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x8})
io_uring_enter(r0, 0x207a98, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}}, 0x1c)

2m22.574789187s ago: executing program 2 (id=3960):
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x6, 0x2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r3)
r5 = socket(0x1e, 0x1, 0x0)
connect$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r5, &(0x7f0000000080), 0x2000011a)
sendmsg$TIPC_NL_NET_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, r4, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x0)

2m18.291506933s ago: executing program 2 (id=3968):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)

2m16.758625224s ago: executing program 2 (id=3971):
fsopen(&(0x7f0000000000)='sysfs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000400), 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x4008000)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000900)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x2000000}, 0x28)
migrate_pages(r0, 0xa94b, &(0x7f0000000b80), &(0x7f0000000bc0)=0x27e0407a)
umount2(&(0x7f0000000340)='./file0\x00', 0x0)
syz_open_dev$sndctrl(&(0x7f0000000280), 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4\n\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')

2m15.281824816s ago: executing program 2 (id=3974):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd29, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xfffffffc, 0x0, 0x0, 0x0, 0xd782}}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x1)
fchdir(r2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r3, 0x101, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_setup(0x308a, &(0x7f0000000640)={0x0, 0xbf2f, 0x800, 0x103fc, 0x13c})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)

32.768198457s ago: executing program 0 (id=4177):
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write$P9_RGETLOCK(r2, &(0x7f00000002c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r2, 0x407, 0x7000000)
syz_clone3(&(0x7f00000014c0)={0xa1860000, &(0x7f0000000000), 0x0, 0x0, {0x33}, &(0x7f00000004c0)=""/4096, 0x1000, &(0x7f0000000340)=""/69, &(0x7f00000003c0)=[r0], 0x1, {r2}}, 0x58)

30.454703658s ago: executing program 0 (id=4179):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x5efe)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000240)={0x28, 0x0, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x43, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f00000003c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',cache=fscach'])
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r8, 0x0, 0x96, 0x4}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}]}, 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f00000000c0)={0x1, 0x79e}, 0x8)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

22.558320839s ago: executing program 3 (id=4189):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@loopback, @in6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4e23, 0xfffc, 0x4e23, 0x3, 0xa, 0x80, 0x30}, {0x100000000, 0x2, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x6, 0x8, 0x800000000001}, {0x9, 0xfffffffffffffffe, 0x0, 0x9}, 0xd6, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x210000, 0x33}, 0x0, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffb}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0xffe0)

21.279728313s ago: executing program 0 (id=4193):
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000180), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000140))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r2, 0xc0804124, 0x0)

19.120078284s ago: executing program 0 (id=4202):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0xffffff1f, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4408}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x28, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL_INHERIT={0x5, 0xc, 0x1}, @IFLA_GENEVE_UDP_ZERO_CSUM6_TX={0x5, 0x9, 0x1}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @loopback}]}}}, @IFLA_MASTER={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)

17.100257586s ago: executing program 3 (id=4204):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendfile(r1, r2, 0x0, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc2c45512, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf27, 0x500}, 0x48)
mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x3, 0x13, r7, 0x0)
mremap(&(0x7f0000fa4000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000fa2000/0x1000)=nil)
connect$qrtr(r0, &(0x7f0000000340)={0x2a, 0xffffffff00000002, 0x7fff}, 0xc)
bind$qrtr(r0, &(0x7f0000000500)={0x2a, 0x1, 0x1}, 0xc)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)

15.292530329s ago: executing program 3 (id=4206):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xf5ad}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$netlink(0x10, 0x3, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @loopback}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x4000}, 0x9c)
sendto$inet6(r3, 0x0, 0x0, 0x40000, &(0x7f000005ffe4)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, 0x1c)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)="5c00000014006b03000000d86e6c1d00028400000000564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20008010)

12.527511079s ago: executing program 3 (id=4213):
socket$nl_generic(0x10, 0x3, 0x10)
getpid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmctl$IPC_STAT(0x0, 0x2, 0x0)

11.165608126s ago: executing program 3 (id=4216):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket(0x0, 0x800, 0x5c801904)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
userfaultfd(0x80001)
setsockopt(0xffffffffffffffff, 0x84, 0x81, &(0x7f0000000280)="1a000000", 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000240)=ANY=[@ANYRES64=r0], 0x9)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f00000005c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="020000000100"], 0x50)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = fsopen(&(0x7f0000000040)='ntfs3\x00', 0x0)
close(r5)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0xa0, 0x258, 0x690, 0x384, 0xda, 0x10000, 0x20, 0x0, {0x4, 0x7}, {0x5, 0x1}, {0xfffffffe, 0x2, 0x1}, {0x800, 0x5, 0x1}, 0x5, 0x1, 0x3ff, 0x1000, 0x1, 0x7, 0x63, 0x10002, 0x5, 0x7fff, 0x10001, 0x7, 0x24, 0x100, 0x0, 0x2})
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x4)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

9.429560374s ago: executing program 1 (id=4219):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)={0x20, 0x14, 0x119, 0x0, 0x0, {0x28}, [@INET_DIAG_REQ_BYTECODE={0xb, 0xfa, "8d747ea4dc9278"}]}, 0x20}}, 0x0)

8.697177593s ago: executing program 1 (id=4220):
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f5, &(0x7f00000001c0)={'syztnl0\x00', 0x0})

8.642887405s ago: executing program 5 (id=4221):
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0xfffffd10, &(0x7f0000000200)=0x2000000000006)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
syz_open_dev$dri(0x0, 0x1ff, 0x80800)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local})
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x14, 0x0, 0x106, 0x6}}, 0x20)
r1 = socket(0x10, 0x3, 0x0)
write(r1, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080003000b000000", 0x24)

8.067418857s ago: executing program 1 (id=4222):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
splice(r1, &(0x7f0000000300)=0x3, 0xffffffffffffffff, 0x0, 0x7, 0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x2)
ioctl$TIOCSTI(r6, 0x5412, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00'})

6.76701531s ago: executing program 1 (id=4223):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x6, 0x0, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
openat$sysctl(0xffffff9c, &(0x7f0000000000)='/proc/self/clear_refs\x00', 0x1, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x120)
lseek(r0, 0x0, 0x2)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xfffe, 0x0, 0xa40}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socket$kcm(0x10, 0x2, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x400000000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x14, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}}, 0x14}}, 0x20000000)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000900)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x38, 0x1403, 0x4, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'caif0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004054}, 0x80)

4.765037623s ago: executing program 1 (id=4224):
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, r1, 0x801, 0x400, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x28}}, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x51)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x8, 0xda, 0x0, 0x1}, 0x48)

4.701708191s ago: executing program 0 (id=4225):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
syz_usb_connect(0x2, 0x24, 0x0, 0x0)
getpid()
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000340)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000100)=""/77)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000140)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000080)={'b', ' *:* ', 'rwm\x00'}, 0xa)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, &(0x7f0000000000)={@multicast1, @dev={0xac, 0x14, 0x14, 0x35}})
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_DEL_PMKSA(r6, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x3c, r7, 0x300, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x1c000000, 0x1}}}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "468eb8b5c817089b3730960ec42884b4"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x84020}, 0x54)

3.093399382s ago: executing program 3 (id=4226):
r0 = inotify_init1(0x0)
r1 = dup(r0)
read$FUSE(r1, &(0x7f0000002280)={0x2020}, 0x2020)
inotify_rm_watch(r1, 0x0)

3.0754268s ago: executing program 1 (id=4227):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r5, 0x0, 0xe, 0x0, &(0x7f0000000200)="ff7f0e3f2617d1f439b5a1db8511", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x6}, 0x50)
splice(r1, &(0x7f0000000300)=0x3, 0xffffffffffffffff, 0x0, 0x7, 0x2)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x1, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r7, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r8, 0x400455c8, 0x2)
ioctl$TIOCSTI(r8, 0x5412, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00'})

3.074483403s ago: executing program 5 (id=4228):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000000000000100"/28])
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000340)={{0x0, 0x0, 0xfffffffffffffe6d, {0xdddd0000, 0x100000}}, "a9cbc4b723986beb2541731c8831607b6ee747534f2610e68420ac50bde6dad58d04aad3777f18b4f168b3950653ce1d7740b6225b60f102dea41282032f21c3f19760a59ad876506e4e939e80e92248edfd8137e41621c1a490cf3cbb0502fa6deb4cb0efa6bc813cca06ed4828bafa15d1afd8ac82b71d1a7b410eeac6a6f31e4995b05d3f93bf80a053ae74958ed42c6c4b4d0bcaa08d3e6025a166ac6f19973f974613e0d7ca520dd948ed23fcce9f475faa3e49d697324fa1b2cdfef7deb66a190e9185a90f5c54c88895af1a61f8c0722f0c0bf9835d8910449682cc5551ec995aec222238bb28f41ba7f99f93b785dd2d48cf389f27da125b9c3ec7f716d6b6b696a93e625f0e17b4ff3bac5eec8e2dd837254c16d8c9b2a773ac70b8dc7216980fcf1db0cd885a6f3379dfcca516b0b5771d3dfb2212fd569b8f6003dcf8478390e14a5bf73eb1a61a12ce20ea3f5fbd6d9a56a4adf6043190cc7d559e7773668d0498f6c7438917d204ed2ec53da03cc744619be3785cd8cddb678f8e90965f22242bb62fa3590dde45cacad3852a54154a90d7495cc4cfbd7baacc19604efd864cc76a7e867cd7403301f45a3ad20ed8edf412e4aae5f279eada88ee43a436dd3b1f37098b7d81759aff2d81e5593535d44035fdcbae0f45a7163c06b8ed7da27a03e266947d7f11d9e1600f1a88b99643a0b99abad360b8137415f7800f8a5a16ba306778733d5493cc73d0aacebe1cc4618847bd620034cb617c55e47ff8d8000f52c25a6b3e9272c297e6b30bed370dda4c2b56278893a4faefb28a87c40229d3f80814e128eedb7050465e1e00547a1b77ebaef78355d9867ce521138d63f147ec3de6cac38d9eeb1d167494466e00d97a32701117bbe0f95304970e632b9cf8ded044b3f1c01326095b422678d798a9c5f8ab05f4e6549639186723aa3d38927ed4ca94a9e6de3c4f5ce99d090389473455cb366c7dfcb43ebe60271a3693e80ae4948291753007f5032f518ffc832f3e819f3bdac1085a80cdd494cdcac4a874a14818b9dae534559c2c5a542a12949a22fddb9060e8a400f96512aa8eaaa6659932dc8852f5709a808604c2fda229c79933646e36255948baec6e0c2d4fbe056628157ba456603e5cb45761b5aa97c0daceb3e6d7a192d109847057cb4322c9c5e62403c921e9cebeca77d12c3ed05f5e131e3c00d9070618872ea8a1f05e4598c98739d3a9245e537ed992aa4eb8a571e4c7c0dc797f91e3258835f9db1b6501edaaf38c9fd4d718c743d30b6f1e480ce9408aa6b894055768738e3df843301d99b476ba8d30f6483022ad7fd50493e600700ef1b70c72f607feb0df9898b61a38f4f59d23779b7af4a5b5a0e7379877d8c875d1e47a9ddbac19208cd22e05f729a9175b9bf1c96618d63585204eb5ea29e0a0f17c12219fd51bc462dcff6d3ff73b64d2a5f7ebe6ebdefd841698e909cf1018a88afefc1802fc97c22a240f20ce6938ae6b2224f7ca311622695577f3e4cb8f7e87bcf5bcdcc5311815bab1499465f687903b4da5693c83cbe13ba3d94f413bbdf9886241fc1f0b9ea00e7b2d1c2fe29d8921c56919bbfa091d4542c590a18848256b7eca92114c5542356bb15e1cd59b28a5d5b86bb92c30e88ea6edc6efd3c685a7e9b840b61f445bb57d670d3dbba61da442fcdabd4c14b9dd6543aafca5bea6ca16c00bbdc0999cec79272dfd1de86bea7d830ec2deaa339c2fc57d6490ee7cf3bb4e6cb4b8dcaa4279bef0af601f96dc25a3cf926eb6c5eb9529a266e1a9d96fbb5e0ffeb472d40e3853f42d69e725d2dd570b531779a09a5f945a2dce4ddd898be60b9d38f3c305f942f8f8a3ee992de01a0d6b3db1a4174b770681d2470edd2319a9b9d04d3cadd67583a313c071f809c89134b2b714cb2d7247d4d6b5d794302e9408e946bf1cadc767a8ae918a6608f7d2dbb2d825e949c823ac6bda0c46dea864c83222f3c7f7ec020f3a6445f3762dfaae5a28c3857053b2548d11c9b9f4af5366b43012e35d14ba139085493e95ad24bcc92b835f3c72ff762fcbe3d04ee2051e959a9e680f51425d5eeeedd99767fccda20b44bbbac6989e1d6f70f030c2530b83923fbf27fbf24f62ff7a5619b39b338e165dcf66faf6092edd19216fdacfb8eb80bd7d8a7767f538c3021e20f498c8e456bc32af1157b5988950caf1c478047f132c01f53c12929f030e9d78c284e64a521350d72748ef214c05f4c8d2e47384c3cd29c99a2df1abb2e8ff5a363a488feb119e8ad5e3c39a4f24449d00b3772090b499e2c65b50a3e6ce7f1e2f2bac0ae5e58147d1d6887617ca38d12b1cc9a5e3ee47539f40179136698acd9b9e20a4f85335dcb19d4ba4a05bcd84b27a9f1897ab8f67abf78ba3ce4d87b37c129562d33bb0836c8fe830c068e7c8b6728ed585258c7d82b5c407d0532bf5ba60cfb0a6e6f3aa44bdf3bb7ac389023c3db4395c3875a3496d85640d423775d8ac0c4c3ab1831bdd785a5ca0ba2073bdf6970e4b63718944603ab32b83d7c73af090c3a941561a76f08e2235e1ea8a0b721cd6a73466664c411c33fd1a3e46e580c77034cb09ac38b6d1824f642d3354e827b6ddc0ca15c3bd7192882eaece388d428282c859fed7d280e5d81cd0252c149154e2038a3f2535781dc81d7221278c21ee819fb913fc8d97e96f3dbbf0b2cd63a0ceeadec43fca7a760f45aa53de97597b4afb3abf5921125e9f148da377556e6de1a62aab6055b10c1698649515e62c572d62d901ae7fcd417b627db64785fbdc21f0e978eb143d7abb2771de9a912466fb6e6f55a12f209e131732d45a8293f1a36ddddfad54f857016e3ab7fceb97ddfde1a8c8569dfa972ec636e7c93e603d5e1d0e98d6f109dfa6df50ce987abfc291aba0e488ba8f0596fbd1bacd58862b611250a85cd34e7d100f785286d815281b62ef2dfeea5e8ba4ee4a019af0ff59b0f4f3049f8718d0fca57de1cf88763d13ad26c50cccec4faba99d899ef079c3400052d065cc0a44e8f73dc5bef5f8681015b29c96dacd026d920f369a2b0c341b8295f5268e2d9bf80df2d9ea1017b5b41ec2060c2fecc67c040e7c37521b6d6174c4d4ed4accc5479f6fc4ddc0e45a7f8030ff8e23f000315a3565498d07bd0cc6459f5cff23b40ffb80ace2f48fe0c1a337bb4f748bb8c057089de5cd727b278b45d84a8f7df9f898b3cef2ec319b032f888c4953bfe141c8e4b67ab3f95fa133790ea17b27be21c9478da70641265045e81e28229a4dc15f59c2f18b1b9c082d1154bc9565508fc9419912b48f3b1271609006399a844f6ccedb6323ada63d3e0b340fd07cf9e3b98b1d193bd76796c2a185366b25468017d28371d8792eb42304961bc9c1f4ef4025d2814837dacc9f1d777bfeddb30eca1cacd9f5b6619c4000252ecdabf7107dff264046c111c6f5767e3486c37ec175f52bd3460a7ad49e35bb729ba76e2fa5e117c49b750000005e0abf56340740b81ea37c5df26b7c885cc5da412cf4e9932e2561aa7945945dcba0677786c9ea9b9aee47d73454df82048f021b30a817606c96415c22e1e908316f84aae52e050e31176408d35ef33091618df7d38d22bd2b626dc138f423c32362878c8f6538dcf0b96c4298668d4bb35773c952bbebd4778c964b0eae8eac9bef3469ea5da890377c500ea027180f5308585cd7941c7e3305c32d610de49b5c1acce6c285d88a99dcebb2b5972a276d416abf25b44c1712a43d3e30005a1535553e779c0f72ff519d2407214c02e7020ca479e93c3fb2b867ad73e69ba10e92f329cd54c4c80d227d0710cf384fd9a39d444053afce6d1e93b47137843d149e888bd868b1b2179c1fdd8291d15724db10a756300209ae4a2ed91788fe9f980af1bb00d05a8fe1a020fe4bba91fb487c8ea674a6739067a0a86b7f2a4fc141f6c864f065fc6e5effdb5a1f1d063c6888626e13ced52f3669677dad96da1cfff7d700e9f6f74131b8ac0f4fb6c8d5fd675b1ed6001bba7dd0e95567a6d06fe28e756609821312f4725c5909c6353ad385e57fb162e2f65b5e2a0100aaa356a19b9c5c183d195d0134adb8bc8d03415daafd95f3a5e44f201741e22dd905dc12469664040ce714a5d9042f58db392d6c6af1eaa4c82cd9b4996252b44334be627708463ffe52a80d8d1c8a5b1a23f9c68144c4a6c6387e542b3cb9de7765faf05fda086986d3c6a1f0906b2ea0eba741abb9514ccd57f2d8ea1d67145c5d71749b560f85093ecc265a24239078253fa0bd39bf67f8e1d78f07e167c05d808771c7b0146af368e8859273ef76f9feedf7fc69640b5e95a25076c477338e31cc9a7348b8a31a0f8d4dd9e6c46f18126279c5d1192ddee08a7057195689954b26a19dcfd2a59febb6556c18c18abc85527372919196b29a737f8bb3b97bebaf3e6c43099064e067f12772c2333be19dd4e803289430a660d68963a26ff1b1c8c664c0318a2558dec140d984837a936651906ab960b6bff8bc8b32704f3e0769e6c85c9f5bd50270bc1030ea71f2db5c43116bd0641ed31ab6db12514aec68febe59e04d2b872c9fc2173017ee6e75a18d6832c9992d1ed2ead9452dce9b2efa01dc97ea31ee5c3f5743760f2589615f45738140d0f8c148f1858d0897094a34727493e607132bc1eefa0d0ff236f9ac5a2a0f0bf06719c1d5061846e427fa36138c808741ccbd10ad3f6f54470804e656a8ab1a9ee9a523bed87cb2fd4d6db8aa6d6b80d1e9886dc12b915665101b9094a22f444379182f5356fed797ebd97ec6493bd681f69321f9735ae6d3d6822818c7cfb21c5f3a0f9d5b8ef070c916fe9ccbbf04128a27e7928e3572f125b986c52ec0de078b40135b922a2feb294b0349df06d1c3e2c9d2ed2ee88b7a1673423c6baedb51beb8f8cb1b3b986d1b9632fedfaec8e9a237311beb89cb0dd7efaa5b68537641d06b7cbfda581344c87452b4d3fe96cea6143378c4dd7586a9d55c666cce828ef91a35f3f0a5c9c369bd20c1bc7cc77fcf316a567fa21863b12c43faf3b9588dce4caa151937c6ee699cf49dba041775773ae062c69783758513a178bf46d2d40e24afe8975dd768a466755af2ffbb9fa728724a18fc9f427672ad5867a72ae8caca60fcc90cf817c291a2025b5243ae36e200b5e5c9ee4e90eac775c3b29fe1df8c35716f37d11961084fc28b0f8855376ec85d7741535f88db7977629dd832f06bb258e9a88cfc8671df2763fd9383a777f768c7aaecb9a7af9e76bb719767767c3d5178e2a10765c6b2ae80753f403125a9203ede6ed44eb96a1a010842f88f020dbb7f8df8bcbea0b60f1b99dd9b9aae2dbc995edc8ed82ec5e21e8d5e4d8d9fd0bfab342db38d12bb24c20c2a579069d74624db16bb9ec501312d8de0e653e9e74668d0ed05ccb0eb99db410c0000000fc246302635630b295ccf849e45944a25baa7f4651fa37f147e0fa977c0304e7cf25fa78260ca03abe8dc32cfb461f019f7d82194a98daae521ec4eaf3e138bb95b09d8ff2f106febcc126743abc8f8b707cd2cae1548c6fe54f64bf46c9ff03975e0c37eda3d485ff76ea5ae71fa5a2ca0d9293ea0cd4186e6e2e26fc2ba5e2cdde9400d9c1717058157a8410c9cd7ca4e679f41d8932576e7b292f28dfb9775b0ac5eb5788a8ddf797e32919e7a41c305af2e4e37eb4d5600", "1acd2077949cf1f27e1e764566e4cffaa168dcad09bfe7c84a06d9db78a4e8f0504116608cffa736ae4427d04f27d39e5de80f8935f281bc483252d1c4e0dff576831d8505d3cf34ddc4f4760b53ec5182b54b352dea1b5975eea9b6bffd5b66524559c7c3e9981d7a0ff5ffe6814c923871db66426d98286aec1debc56864a4b29ee5cb46989af08546d6d1a5d9da45db7d8abea1d392d0c668cc040da5d129ddbbe6a95a7d9e51a13328ea3fbd9ac81f03914ed9d1d2b72c234093a351f7294556996ca5459d796cb4127a9aed8e0cca398d1b5af6eae257d02db91a61d49a5677ee9c8caf1855edd2c25b9b3a9a5174d2193108e5e87d781780d9506a890687c80c429f3a46028ed71364c4b8d3b2380b38d2cf7e447dee058f556dcae2627e49dfd316d169d382f2b6775233157f57c7be54b105e2493e140ad97ecf9c12df8f0db9a973d0ef9197ebbdebc5e822ee06852a408560c7f19c65ab8527edc9ec1d6378f2c748f7e84d1d6e98de8abab3e0e42a866e1ec5d00822b124a98d77e9c8dbb3ac6648afe409b21e1cf2f5458a0588cd11af6887f552f6c16a801abf2594eb9a80e704b8053573f661dd29706e71060b630272037144b33d684f66128950510d4138785418f726eb7c7f84c7dda646b3647d673122f95ef89c863c3d4adec4477664cfe911683f19862cc918451f70a6a359dbc66b3599c0af91858ebe13c253a6e9a96758955fdfd1be103777812339e3786484a25b18994ba69b4275f26a64afb9be5219061d94d7c472236f1a20a9217d70abab15182c5f04c6080d535e34045d6497c1c8a2ea53fc022eb159d0d1be59a21f277ce441f3c5cb03ef0e7e1ac63177dfe567e2cb9055228f32c9ca6d38d99093fdc129951380cedafcca40712a2da5cc0af8d872d8f848ea5ff95210a52d2390e236da76fffce86cc8a78a8ea0e1e4464ceac9021556d29d7470ca19849b417aa6aee032f3bd437cb5c839c9f5fb20ec1367449abfb5e19f8365b7947bda60e34136e2eb53e0243766c2718d4bfe6eec77f8ca04d177cc17bad59d651a08349651de6d4dbf5856a6d42cc8cb2441ab7dfa9420d87d4a5aa5914f619b2478a0d68a98280231c8e7558d11eec87e80f2d039b5d6b287d9b3667b020dc45b999b162247bf38f5ac5fc99b5eb6ac5939d35d7d6e71b366f9553ada2784671aecdbdcaf42a2f254dc0289f7be9c6f0c045b30f63ae1a8fac778030f27e04e980bae66e474bc4f9572b8a0d8119ce13ea2ad1285b3397bc929ff26a2ba1ef2760c77e3e114d15742740b27796cb2fc84761db427cdf3c63be71fd6734ed2cb1300a8d5e2b1964f2a0320bfbad8e9bce0cd9329c8c41d79107d77f65c99f3c03813c1f0f5351869434c2ccb685f1863fac38a44ecf354ffde4926ae3cee90833db386633e6dba3585ec36f1aca6701d4d1fc13ac1c5d4cf2ae8c8c418da372bce96451dc2add28828e45ce3f6e35da3d49dcdb8ceb084a581b68fc5fcd4c45246e6b215ca98ae7239c317fe45404984292a83ac7e62614665bec4a5e80b055a0635003e93172e2045ec88144d9d7a2b50c45333720e2273b165147a0b1af77fe87089fe8c0fd32c4e950aedf6798c9007575dc86c02089414089527baf9bbbe5eaf4d58289de0987f8f310d7900ef2350daa438ac83ff255344a2bc814a3e7055269544310b0fe78b07eb0ee5f16899fc8bdf8e3cc47d27a44c93528885452195706091eaf15930f9df5874c19d0a1deedde0cbe9cda7f0618c378bc4ba6fbe911d546c7bc76954fcc6b5ef56c77d306421f9d24e0770cf8b578aaa6276bff4b98e9968e9a1f8c78c6d647d8c52a42d27ee8359840747913e0983e049ad77d87e35800eeeb19cd786a5edf6886e610f51b4d2290d959c7fe906dad2d3e2a5648c5ec0d48becaf209fbb6599d1b0d6299cb2b2fad3b3efac6ba0911a63ae399fa3f19adecc9b10533c99bba28bf9e37600db41c2b463c25b0602fb86ef043ee72aa26e7f102c3afe4073d1318671a514f8320dcbc699514792d5c90c34fe6809102cb6537a4e76530256cd997a1dba4a75b1578c7f12b409af040afa35c54001a4abf1c402f91413995ced6b64256684c34283e644246d235af905fa2edf8f802a65c1c1e0ba24ea656cb3b1f876b6f335aed27c3a6e8da53b1b9c283d299390310df6dc84e5569ad3ac1744824b329fc24cb8612c061b09440464c1168012dc40e8df788f9c708bde6bd4eb3f6111729b08796d0243b07a21ac542ae418f19ec3d7171197c8ca216b20f786784400f2834d98819a5fbbd909677f7d7309dca5c0e2cf74a8a53c1791c78488fec0520d3c71a9698e5040920acc5eb7764f4c295cb2f00b5a62d5fc1e1d0040c639886712ad4fece171739fbc0519b93c8bccac49f871a0e2f5ba97331be916aaae29b8cd646028629cc227b916d1d8b4729da3baffb0e39b533e039eb9f10073c156485902745ec60b8d281b2f84a8651fe4c533119bab8424bcecb28c067ffb1e03e05bcf9d6d44dfe0782e072934fc36e70b1acbf30387495618ac2729811aa6c2901b109b33a0010cfbe666fe9fcac86cc81023dda253863714e89c78265e219d00ba20b3c846368dd21816f699a6af20a290f075f4346b98ad40d69caaf2614856c0bdaa661907975679f5cb5afd3738ba811db58123922647476de50ccf17360393433b547bf0377b2115a7cd357699d043bd80981a2a28c638f7c2e725d85f9edd2fdcfea1f7e2bf02f9f0d4236c9d14c6d382dad99192125b219eea6a13b5685efcf34454d2a12537c5354dc5e34ecda968422cc472f0fec174b95cd298e89e7efbc164465dae45059a40e104b1a980ebc781848b0109ce9cec600b190a34dcf741dd6145d56c4ec27c983a7d6328130c122217bbbb33e2cffba1a352b6805dbd715772153b53051db7215f475ba8673b0dd59e2db414a658d3d262c5304d300b930921c7c0a9910eed96a705eea2c8657be193836a20f23fcbc8ef105ca25551626caf63c511d3c9dcffd9d485f27a63b6992e4b6fa26b02903a4da52fd7fa06397fe2883f9b6a4cac2ffb8ce1f476ec72bccaf0ec7b16e6f601e72f46e835d9bc2a82dccaa449728d22a7ff17772276f54073c66b184de0fa7f681823dcb7603a20aa94b76a9b7adb9f11f447b8764b2d719bea91ea32edbb4d340d18f18b3f53d1d07d0405facb202c30ac1ec145516e071cc71c59cc6205db061a8c19bb2d3ab463f6fea1c6d3b5a69d96e5b67ed569e1c04cff6c9f69ab9343e9a71bf6776d3b84b47de2ecf9a0d45515ef5a3b5c6d55f2c6543ef2bf0eb795219da3026ab06c9ba9bbdc30d5dc7c3782a9f58141a63f8d4683ad5c1d156c92c508cefd9702e9267263e34ff96800c425f768bd204466f4f9badabdfaf35e1a8096150e8afeea3a30586b89d1002f041612f8e81de4dcd268bf538307c4d28d1d2ae1af979f3b02017ebe942cdc8fa7964fe978254eb15fed7478e4200e381409486d37e0205c597b5ec19243ab547da051dee03f18e079af60dcb2095fe86f292a4b4bba8682ed8b220c0b48958882aaa7e93448bfecebfba6ca3ef28e0752080cbc9f752d6da814a9dc5bc552d9fe73b8a1df8eb0158df58810fce8719f11b04c4e157ac8ae3692f825a4569ff859273775c45eb999fff7a47ca461b2fda6edfe8ed8371ed29c4f7499448cfff0bc47ca1d8fc9eb35f79db389781c36e89541b686edc21f088463b2d26fd9b650eaf5ed1cda0f00040000000000009b0c527ba655252f77b77c2f4cc0f7741c52a57629fe511c5f9c17ee44fec35da363f5356343037b2705a393115062719e6bd87bbff2472a7833be6d2270fe5ff4cc9f0439a53adb91fe1520ff4841c120e80c99fcc2d0ee794fa8c91dc9c4227ef9f9ac784ce41abefa69b84acb285e385b74501ea137be765172d90738f201497cb7c992dcc2f17341c9b6a0ef3dcb14350669802e3295b5a133142df7bc5645bbf222d2da033ee4cc4f225f248ad88782945869c29943eb6498c87c2b125fb2d4067118c2b417308a1703fd9f48c48ee2a9c5af44df473e3b99b8a941fc4967060b4960864bc97e4f2bf53e7a5c2ec3d47e7bf8345b56a4df5f84d0523c1b6cf9399110e393474b3ece22c4923f531ff12242d5e2b293846a7ed06e3e7f062cb173431a2b680188fb46d2cb74d4a0d9dae59e2be485aabbb54c26406e6e77de3031e049bd8a49139fa62151716a665fb9f1966cf6c57f4185f7cffbbc43341f3b69a3ae0a4dcfd9b37f0035a69ac552830f0ca56069c8f69162280bced2ec30c6789f32cd38d7f97953f0989b65cf90f01206b20b0111a3d22f3d2f85104b03283f4fd7b80e53f20f1c91d5bf3b67aac25c4300b3191c1f5d7bb0fe112deac0f6acbea3b57c20c5d8f0bad48873a7e7347ead5a4d0b73041c86bdcd3b91d6cbe0ebb5824fb90cb4e74f439505074f236679c4ea4015fbdf0c44b4063b62cdced485cbca0eae2404da7158a974b7dc14c5207107d5424de14a35739f68f3f151c6de20d0ad19d06521baf26ab2cb7ff7e8f83d60a9f554367f99fa5c44910b886e1c9c2418a7a4b33f19fff9af4724c7c8251ffc24cc4464b8804b6704bc0572b23498ec92263d37bdb54490f3316087c5b192a20027ad6cf1a2c3fef8043e2847b8734fa8dc91ce992474796e3f71580841379279f8b10ab8e6766196fb5a9b2ff44cabece6930fb9f32e867047313410c13b11a8a788a29ad93a5b9ae1b960a46fd48fe5cdd7168815c67b267065453547cb60db74f37238b2f7f3c78abc249ffe118a1d3e7eb5cdd326ad0a07a50bd24a6be4b5e56fade7fb7c3b515b4d0b16884c9eee7ef9c82f2ea4d89113e950622cee8e63519a899da3ee83bcd369b01b373934bbed73d8f94e3312e72d82d3fb8b8e65b0f5580cffda633467fc3285023159c3ac7273a46275d874b87254df07ea15d0806f4b8312c4e95235cab31e015a3603906c188233db45dea658dcf694f5097a9e26aba8b58e248210fa5e12fa08cbbe0a01afa9b2c36d38d298dd180ee6e358d45397471bc064e2e8e51da189e98bf41cc30b50b0d937e8cbfc5b138dc66143716b27190689efebcaa5676c9eb370465f77803b219b0ee1f65f343d70b01435f9adc46979b121944e13a02cbdd47a9898b26d6cc5294a9358971bad37a6b01d8b2ee251e50b02acbd560bcd4a212124f308d87eca79d13c77b90510675989ffb70a9d5643df2db6067bd4e0fd21d0a40b84177279587777f763bb9e2fc99186402ff1905eb61b6ea3bef862beb10ede1fbca93f5b426f683bb72099ffc61c99d8a7527fe9167b13d786402864d2b4237fa47426f46b6d5e0911de793f73610b46de4e62b8a67aaed298a9a2d5b5c5b7936f8bcc62a8f9d64d8ff1470a386974b35f382f42ad1fb2c9de214b35aa0afcff7806d7601ab9142a0dade5c7a9e6b0c16027c4d0fc413ba5d16f0d4826b3f469afa6e5ce4a19e21d2a2c2c1e3055706d0ce371dee59a06e534887cf5e300bd118b7c5e8eee2a8fd4bf6ca96df566f49049bd25533c8ae08eb2334ba183529c041f3d9b45139173f3ee8b1b8f8633c9cb7caa735805d56b1e3119a97f3ce86ecd8f21256c0a5a54266cc00927c881ac18fef64f25704b3f01b4885a9c4053aec5bfe5be638563267548cacbad2a95c3c48e6a913bd87ec0c489c236214b650a17d27081ae8def0d27c0d6a25553601875192d11c9e3ef2a3273c1f9b079"})
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f00000024c0)={{0x3, 0x0, 0x80, {0xd000, 0x1000, 0x2}}, "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4ff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001700", "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000"})

2.217538586s ago: executing program 5 (id=4229):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)={0x24, 0x14, 0x119, 0x0, 0x0, {0x28}, [@INET_DIAG_REQ_BYTECODE={0xe, 0xfa, "8d747ea4dc9278634a4e"}]}, 0x24}}, 0x0)

1.970153517s ago: executing program 5 (id=4230):
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = gettid()
r1 = syz_open_procfs(r0, &(0x7f00000001c0)='oom_score_adj\x00')
unshare(0x2c020400)
readlinkat(r1, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000540)=""/72, 0x48)

1.708331602s ago: executing program 5 (id=4231):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f5, &(0x7f00000001c0)={'syztnl0\x00', 0x0})

1.468329581s ago: executing program 0 (id=4232):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000feffffff00000000000004008500000036000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000010400000850000000600000095"], &(0x7f00000001c0)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
splice(r1, &(0x7f0000000300)=0x3, 0xffffffffffffffff, 0x0, 0x7, 0x2)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640200000000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x0, 0x5}, 0x48)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x2)
ioctl$TIOCSTI(r6, 0x5412, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'ipvlan1\x00'})

0s ago: executing program 5 (id=4233):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x4)
r3 = syz_open_procfs(0x0, 0x0)
read$FUSE(r3, &(0x7f0000000980)={0x2020}, 0x2020)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0x5)
r5 = dup(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(r5, 0x8924, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}}, 0x14}}, 0x0)

kernel console output (not intermixed with test programs):

804] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  624.523345][ T5804] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  624.528164][ T5804] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  624.531076][ T5804] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  624.810152][T14288] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3082'.
[  625.843561][T14302] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3084'.
[  626.564208][T14310] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  626.592074][T13695] Bluetooth: hci1: command tx timeout
[  628.059517][T14337] 9pnet_virtio: no channels available for device syz
[  628.263169][T14340] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3091'.
[  628.673744][T13695] Bluetooth: hci1: command tx timeout
[  629.199192][T14272] chnl_net:caif_netlink_parms(): no params data found
[  629.594414][ T3659] bridge_slave_1: left allmulticast mode
[  629.594446][ T3659] bridge_slave_1: left promiscuous mode
[  629.594719][ T3659] bridge0: port 2(bridge_slave_1) entered disabled state
[  629.736805][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  629.736887][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  629.776174][ T3659] bridge_slave_0: left allmulticast mode
[  629.776207][ T3659] bridge_slave_0: left promiscuous mode
[  629.776464][ T3659] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.752980][T13695] Bluetooth: hci1: command tx timeout
[  631.006666][   T38] kauditd_printk_skb: 31 callbacks suppressed
[  631.006688][   T38] audit: type=1326 audit(2000000001.020:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.041427][   T38] audit: type=1326 audit(2000000001.060:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.066639][   T38] audit: type=1326 audit(2000000001.060:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.066821][   T38] audit: type=1326 audit(2000000001.090:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.066988][   T38] audit: type=1326 audit(2000000001.090:1794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.068550][   T38] audit: type=1326 audit(2000000001.090:1795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.075932][   T38] audit: type=1326 audit(2000000001.100:1796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.082067][   T38] audit: type=1326 audit(2000000001.100:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.082128][   T38] audit: type=1326 audit(2000000001.100:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  631.082176][   T38] audit: type=1326 audit(2000000001.100:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14393 comm="syz.0.3101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  632.831977][T13695] Bluetooth: hci1: command tx timeout
[  633.014385][T14408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3105'.
[  633.058901][T14409] random: crng reseeded on system resumption
[  633.076373][T14410] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3105'.
[  634.125569][T14420] 9pnet_virtio: no channels available for device syz
[  636.390170][   T38] kauditd_printk_skb: 13 callbacks suppressed
[  636.390191][   T38] audit: type=1326 audit(2000000002.420:1813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.390501][   T38] audit: type=1326 audit(2000000002.420:1814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.395696][   T38] audit: type=1326 audit(2000000002.430:1815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.395759][   T38] audit: type=1326 audit(2000000002.430:1816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.396452][   T38] audit: type=1326 audit(2000000002.430:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.403944][   T38] audit: type=1326 audit(2000000002.440:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.405371][   T38] audit: type=1326 audit(2000000002.440:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.405432][   T38] audit: type=1326 audit(2000000002.440:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.405554][   T38] audit: type=1326 audit(2000000002.440:1821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.406175][   T38] audit: type=1326 audit(2000000002.440:1822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14439 comm="syz.2.3113" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9d7d94eec9 code=0x7ffc0000
[  636.668372][ T3659] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  636.742996][ T3659] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  636.888075][ T3659] bond0 (unregistering): Released all slaves
[  637.152181][T14442] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3114'.
[  637.152214][T14442] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3114'.
[  637.208844][T14454] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3117'.
[  637.452818][T14443] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3114'.
[  637.452850][T14443] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3114'.
[  639.108442][T14467] CIFS mount error: No usable UNC path provided in device string!
[  639.108442][T14467] 
[  639.108517][T14467] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  642.049201][T14272] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.049343][T14272] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.049619][T14272] bridge_slave_0: entered allmulticast mode
[  642.119448][T14272] bridge_slave_0: entered promiscuous mode
[  642.138011][T14272] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.138152][T14272] bridge0: port 2(bridge_slave_1) entered disabled state
[  642.138566][T14272] bridge_slave_1: entered allmulticast mode
[  642.489743][T14272] bridge_slave_1: entered promiscuous mode
[  643.257509][ T3659] hsr_slave_0: left promiscuous mode
[  643.286211][T13695] Bluetooth: Unexpected start frame (len 12)
[  643.324498][ T3659] hsr_slave_1: left promiscuous mode
[  643.325806][ T3659] batman_adv: batadv0: Removing interface: batadv_slave_0
[  643.378975][ T3659] batman_adv: batadv0: Removing interface: batadv_slave_1
[  643.871995][T14513] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3132'.
[  644.166801][T14517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3133'.
[  644.166852][T14517] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3133'.
[  645.803630][T14534] syz2: rxe_newlink: already configured on ipvlan0
[  646.601216][T14523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  647.613932][ T5804] Bluetooth: hci5: command 0x0406 tx timeout
[  647.966167][ T3659] team0 (unregistering): Port device team_slave_1 removed
[  648.202661][ T3659] team0 (unregistering): Port device team_slave_0 removed
[  649.894342][T14553] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3143'.
[  651.399605][T14272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  651.461114][T14272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  651.939757][T14272] team0: Port device team_slave_0 added
[  651.946536][T14272] team0: Port device team_slave_1 added
[  660.044053][T14272] batman_adv: batadv0: Adding interface: batadv_slave_0
[  660.044067][T14272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  660.044088][T14272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  660.045850][T14272] batman_adv: batadv0: Adding interface: batadv_slave_1
[  660.045861][T14272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  660.045880][T14272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  660.538246][T14595] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3153'.
[  660.836101][T14594] mac80211_hwsim hwsim25 wlan0: entered promiscuous mode
[  660.850554][T14592] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  661.017489][T14272] hsr_slave_0: entered promiscuous mode
[  661.019004][T14272] hsr_slave_1: entered promiscuous mode
[  661.020041][T14272] debugfs: 'hsr0' already exists in 'hsr'
[  661.020066][T14272] Cannot create hsr debugfs directory
[  661.427791][T14620] netlink: 'syz.1.3161': attribute type 1 has an invalid length.
[  662.057567][ T3659] bridge_slave_1: left allmulticast mode
[  662.057600][ T3659] bridge_slave_1: left promiscuous mode
[  662.057871][ T3659] bridge0: port 2(bridge_slave_1) entered disabled state
[  662.167230][ T3659] bridge_slave_0: left promiscuous mode
[  662.167525][ T3659] bridge0: port 1(bridge_slave_0) entered disabled state
[  662.681124][T14667] 9p: Unknown Cache mode or invalid value fscach
[  663.542236][    C0] vkms_vblank_simulate: vblank timer overrun
[  664.583473][    C0] vkms_vblank_simulate: vblank timer overrun
[  666.300797][    C0] vkms_vblank_simulate: vblank timer overrun
[  666.373175][    C0] vkms_vblank_simulate: vblank timer overrun
[  666.914907][T14687] netlink: 'syz.3.3179': attribute type 1 has an invalid length.
[  667.422648][ T3659] bond1 (unregistering): (slave geneve2): Releasing active interface
[  667.422674][ T3659] geneve2 (unregistering): left promiscuous mode
[  668.882781][ T3659] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  668.942813][ T3659] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  668.964677][ T3659] bond0 (unregistering): Released all slaves
[  669.777049][ T3659] bond1 (unregistering): Released all slaves
[  669.838007][T14666] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  670.071469][ T3659] tipc: Left network mode
[  670.555910][T14709] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3183'.
[  670.555960][T14709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3183'.
[  671.598448][T14699] syzkaller0: entered promiscuous mode
[  671.598479][T14699] syzkaller0: entered allmulticast mode
[  671.826342][T14719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3188'.
[  671.826371][T14719] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3188'.
[  672.648231][T14735] netlink: 'syz.1.3193': attribute type 1 has an invalid length.
[  676.142615][T14820] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3217'.
[  676.724771][ T5863] libceph: connect (1)[c::]:6789 error -101
[  676.724996][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  676.725409][ T5863] libceph: connect (1)[c::]:6789 error -101
[  676.725611][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  676.909078][ T3659] hsr_slave_0: left promiscuous mode
[  676.949240][ T3659] hsr_slave_1: left promiscuous mode
[  676.982356][ T5863] libceph: connect (1)[c::]:6789 error -101
[  676.982598][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  677.161543][ T3659] veth1_macvtap: left promiscuous mode
[  677.161661][ T3659] veth0_macvtap: left promiscuous mode
[  677.162280][ T3659] veth1_vlan: left promiscuous mode
[  677.169092][ T3659] veth0_vlan: left promiscuous mode
[  677.492318][ T5863] libceph: connect (1)[c::]:6789 error -101
[  677.492559][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  677.524986][T14838] ceph: No mds server is up or the cluster is laggy
[  677.629375][T14866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3225'.
[  677.679724][T14870] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3225'.
[  677.833600][T14873] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3230'.
[  680.362723][ T3659] team0 (unregistering): Port device team_slave_1 removed
[  680.612598][ T3659] team0 (unregistering): Port device team_slave_0 removed
[  684.410592][T14937] CIFS mount error: No usable UNC path provided in device string!
[  684.410592][T14937] 
[  684.410669][T14937] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  685.411536][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  685.435579][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  685.446928][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  685.448827][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  685.449760][ T5804] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  685.534002][ T3659] IPVS: stop unused estimator thread 0...
[  687.631961][ T5804] Bluetooth: hci3: command tx timeout
[  687.824498][ T5785] libceph: connect (1)[c::]:6789 error -101
[  687.824732][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  687.832633][ T5785] libceph: connect (1)[c::]:6789 error -101
[  687.832845][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  687.904218][T14979] ceph: No mds server is up or the cluster is laggy
[  688.001213][    C0] vkms_vblank_simulate: vblank timer overrun
[  688.076345][T14987] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3255'.
[  688.076374][T14987] netlink: 80 bytes leftover after parsing attributes in process `syz.2.3255'.
[  688.403705][T14990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3249'.
[  688.466509][T14990] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3249'.
[  688.515162][    C0] vkms_vblank_simulate: vblank timer overrun
[  690.562321][ T5804] Bluetooth: hci3: command tx timeout
[  690.563154][    C0] vkms_vblank_simulate: vblank timer overrun
[  690.600423][    C0] vkms_vblank_simulate: vblank timer overrun
[  691.174722][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  691.174799][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  692.066878][T13605] libceph: connect (1)[c::]:6789 error -101
[  692.067212][T13605] libceph: mon0 (1)[c::]:6789 connect error
[  692.092465][T13605] libceph: connect (1)[c::]:6789 error -101
[  692.092694][T13605] libceph: mon0 (1)[c::]:6789 connect error
[  692.203621][T15034] ceph: No mds server is up or the cluster is laggy
[  692.272358][T14943] chnl_net:caif_netlink_parms(): no params data found
[  692.352342][ T5884] libceph: connect (1)[c::]:6789 error -101
[  692.352650][ T5884] libceph: mon0 (1)[c::]:6789 connect error
[  692.436402][    C0] vkms_vblank_simulate: vblank timer overrun
[  692.642683][ T5804] Bluetooth: hci3: command tx timeout
[  693.466214][    C0] vkms_vblank_simulate: vblank timer overrun
[  693.803095][    C0] vkms_vblank_simulate: vblank timer overrun
[  693.916903][   T13] bridge_slave_1: left allmulticast mode
[  693.916933][   T13] bridge_slave_1: left promiscuous mode
[  693.917193][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  693.969525][    C0] vkms_vblank_simulate: vblank timer overrun
[  694.672254][ T5804] Bluetooth: hci3: command tx timeout
[  694.803960][   T13] bridge_slave_0: left allmulticast mode
[  694.804001][   T13] bridge_slave_0: left promiscuous mode
[  694.804283][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.252135][T15078] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3278'.
[  695.252201][T15078] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3278'.
[  696.343442][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  696.443232][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.514726][   T13] bond0 (unregistering): Released all slaves
[  696.543315][T15097] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3279'.
[  696.617307][T15105] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3279'.
[  696.702308][    C0] vkms_vblank_simulate: vblank timer overrun
[  696.846993][    C0] vkms_vblank_simulate: vblank timer overrun
[  696.888145][ T5885] libceph: connect (1)[c::]:6789 error -101
[  696.888356][ T5885] libceph: mon0 (1)[c::]:6789 connect error
[  697.012752][T15114] ceph: No mds server is up or the cluster is laggy
[  697.045725][T15121] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3286'.
[  697.045756][T15121] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3286'.
[  697.144695][ T5885] libceph: connect (1)[c::]:6789 error -101
[  697.146826][ T5885] libceph: mon0 (1)[c::]:6789 connect error
[  697.218125][    C0] vkms_vblank_simulate: vblank timer overrun
[  697.806101][    C0] vkms_vblank_simulate: vblank timer overrun
[  697.836993][    C0] vkms_vblank_simulate: vblank timer overrun
[  697.959941][T15130] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3289'.
[  697.960532][T15130] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3289'.
[  698.866630][    C0] vkms_vblank_simulate: vblank timer overrun
[  699.002075][    C0] vkms_vblank_simulate: vblank timer overrun
[  699.175750][T15138] net_ratelimit: 393 callbacks suppressed
[  699.175772][T15138] netlink: zone id is out of range
[  699.175782][T15138] netlink: zone id is out of range
[  699.175791][T15138] netlink: zone id is out of range
[  699.175800][T15138] netlink: zone id is out of range
[  699.175808][T15138] netlink: zone id is out of range
[  699.175818][T15138] netlink: set zone limit has 8 unknown bytes
[  700.461654][   T13] hsr_slave_0: left promiscuous mode
[  700.505027][   T13] hsr_slave_1: left promiscuous mode
[  700.505749][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  700.693075][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  700.749647][T15158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3297'.
[  700.749679][T15158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3297'.
[  700.749697][T15158] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3297'.
[  701.205485][T15161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3298'.
[  701.256696][T15162] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3298'.
[  701.606853][ T5912] libceph: connect (1)[c::]:6789 error -101
[  701.607086][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  701.695560][T15166] ceph: No mds server is up or the cluster is laggy
[  701.762400][   T13] team0 (unregistering): Port device team_slave_1 removed
[  702.014246][   T13] team0 (unregistering): Port device team_slave_0 removed
[  702.713442][T14943] bridge0: port 1(bridge_slave_0) entered blocking state
[  702.714216][T14943] bridge0: port 1(bridge_slave_0) entered disabled state
[  702.723616][T14943] bridge_slave_0: entered allmulticast mode
[  702.728654][T14943] bridge_slave_0: entered promiscuous mode
[  703.026133][T15193] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3307'.
[  703.026183][T15193] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3307'.
[  703.026198][T15193] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3307'.
[  704.091516][T14943] bridge0: port 2(bridge_slave_1) entered blocking state
[  704.091657][T14943] bridge0: port 2(bridge_slave_1) entered disabled state
[  704.107852][T14943] bridge_slave_1: entered allmulticast mode
[  704.150493][T14943] bridge_slave_1: entered promiscuous mode
[  704.304884][ T5912] libceph: connect (1)[c::]:6789 error -101
[  704.305104][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  704.306904][ T5912] libceph: connect (1)[c::]:6789 error -101
[  704.307116][ T5912] libceph: mon0 (1)[c::]:6789 connect error
[  704.442734][T15202] ceph: No mds server is up or the cluster is laggy
[  704.538045][T14943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  704.578404][T14943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  705.006871][T14943] team0: Port device team_slave_0 added
[  705.123097][T14943] team0: Port device team_slave_1 added
[  707.700580][T14943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  707.700600][T14943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.700631][T14943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  707.779134][T14943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  707.779153][T14943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.779185][T14943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  707.842171][T15239] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3317'.
[  707.842200][T15239] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3317'.
[  707.842215][T15239] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3317'.
[  708.110807][T15248] 9pnet_virtio: no channels available for device syz
[  708.135149][ T5785] libceph: connect (1)[c::]:6789 error -101
[  708.135372][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  708.145650][ T5785] libceph: connect (1)[c::]:6789 error -101
[  708.146080][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  708.233260][T15247] ceph: No mds server is up or the cluster is laggy
[  708.306624][T14943] hsr_slave_0: entered promiscuous mode
[  708.323709][T14943] hsr_slave_1: entered promiscuous mode
[  708.324818][T14943] debugfs: 'hsr0' already exists in 'hsr'
[  708.324850][T14943] Cannot create hsr debugfs directory
[  708.363191][    C1] vkms_vblank_simulate: vblank timer overrun
[  709.912835][    C1] vkms_vblank_simulate: vblank timer overrun
[  710.078971][    C1] vkms_vblank_simulate: vblank timer overrun
[  710.270837][    C1] vkms_vblank_simulate: vblank timer overrun
[  710.612807][T15280] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3329'.
[  710.612838][T15280] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3329'.
[  710.612856][T15280] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3329'.
[  711.193653][    C1] vkms_vblank_simulate: vblank timer overrun
[  712.723756][T15304] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3334'.
[  716.607286][T15351] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3344'.
[  718.260610][T14943] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  718.529731][T14943] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  718.827459][T14943] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  719.121974][T14943] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  719.279853][T15393] random: crng reseeded on system resumption
[  721.370061][T14943] 8021q: adding VLAN 0 to HW filter on device bond0
[  721.528897][T14943] 8021q: adding VLAN 0 to HW filter on device team0
[  721.563007][ T3515] bridge0: port 1(bridge_slave_0) entered blocking state
[  721.563161][ T3515] bridge0: port 1(bridge_slave_0) entered forwarding state
[  721.600465][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  721.612959][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  723.956464][T14943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  729.025785][T14943] veth0_vlan: entered promiscuous mode
[  729.044929][T14943] veth1_vlan: entered promiscuous mode
[  729.149270][T14943] veth0_macvtap: entered promiscuous mode
[  729.162734][T14943] veth1_macvtap: entered promiscuous mode
[  729.195798][T14943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  729.217288][T14943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  729.237361][T13754] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  729.237611][T13754] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  729.237699][T13754] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  729.237783][T13754] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  730.139436][ T3659] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.139460][ T3659] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  730.336693][  T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  730.336718][  T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  734.581705][T15535] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  737.226651][T13695] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  737.230894][T13695] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  737.251416][T13695] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  737.263936][T13695] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  738.055933][T13695] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  740.090929][   T59] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  740.112792][ T5804] Bluetooth: hci1: command tx timeout
[  740.392414][T15577] 9p: Unknown Cache mode or invalid value fscach
[  742.566231][   T59] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.585234][ T5804] Bluetooth: hci1: command tx timeout
[  742.926299][   T59] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.945968][T15601] netlink: zone id is out of range
[  742.945987][T15601] netlink: zone id is out of range
[  742.945997][T15601] netlink: zone id is out of range
[  742.946006][T15601] netlink: zone id is out of range
[  742.946014][T15601] netlink: zone id is out of range
[  742.946023][T15601] netlink: zone id is out of range
[  743.236848][   T59] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.158295][   T59] bridge_slave_1: left allmulticast mode
[  744.158336][   T59] bridge_slave_1: left promiscuous mode
[  744.158609][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  745.001904][ T5804] Bluetooth: hci1: command tx timeout
[  746.487936][   T59] bridge_slave_0: left promiscuous mode
[  746.488230][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.629165][T15629] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  747.071961][ T5804] Bluetooth: hci1: command tx timeout
[  747.455284][T15643] ubi31: attaching mtd0
[  747.455305][T15643] ubi31 error: ubi_attach_mtd_dev: bad VID header (16384) or data offsets (16448)
[  748.931979][T15662] random: crng reseeded on system resumption
[  749.813502][T15645] 9p: Unknown Cache mode or invalid value fscach
[  750.240689][   T59] bridge0 (unregistering): left allmulticast mode
[  752.192245][    C0] vkms_vblank_simulate: vblank timer overrun
[  752.597331][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  752.597386][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  753.442779][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  753.502891][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  753.524545][   T59] bond0 (unregistering): Released all slaves
[  753.678946][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.700808][T15557] chnl_net:caif_netlink_parms(): no params data found
[  754.027340][   T59] : left promiscuous mode
[  754.368335][    C0] vkms_vblank_simulate: vblank timer overrun
[  755.179459][T15710] 9p: Unknown Cache mode or invalid value fscach
[  755.199230][ T5804] Bluetooth: hci2: unexpected event for opcode 0x1005
[  755.892709][T15557] bridge0: port 1(bridge_slave_0) entered blocking state
[  755.892807][T15557] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.893016][T15557] bridge_slave_0: entered allmulticast mode
[  755.984087][T15557] bridge_slave_0: entered promiscuous mode
[  755.987288][T15557] bridge0: port 2(bridge_slave_1) entered blocking state
[  755.987389][T15557] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.987535][T15557] bridge_slave_1: entered allmulticast mode
[  756.030669][T15557] bridge_slave_1: entered promiscuous mode
[  756.405249][T15726] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  757.369736][    C0] vkms_vblank_simulate: vblank timer overrun
[  757.563323][T15557] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  757.658986][T15557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  757.684804][    C0] vkms_vblank_simulate: vblank timer overrun
[  758.332801][    C0] vkms_vblank_simulate: vblank timer overrun
[  758.484391][T15768] 9pnet_virtio: no channels available for device syz
[  758.749297][T15771] CIFS mount error: No usable UNC path provided in device string!
[  758.749297][T15771] 
[  758.749323][T15771] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  759.114561][    C0] vkms_vblank_simulate: vblank timer overrun
[  759.521860][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.444981][    C0] vkms_vblank_simulate: vblank timer overrun
[  760.531508][T15557] team0: Port device team_slave_0 added
[  760.549006][T15557] team0: Port device team_slave_1 added
[  761.173369][T15797] CIFS mount error: No usable UNC path provided in device string!
[  761.173369][T15797] 
[  761.173443][T15797] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  761.671628][    C0] vkms_vblank_simulate: vblank timer overrun
[  761.778514][T15782] 9p: Unknown Cache mode or invalid value fscach
[  762.655025][T15801] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3465'.
[  762.655057][T15801] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3465'.
[  762.659867][T15802] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3465'.
[  762.659896][T15802] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3465'.
[  762.862987][T15557] batman_adv: batadv0: Adding interface: batadv_slave_0
[  762.863007][T15557] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  762.863039][T15557] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  762.866940][T15557] batman_adv: batadv0: Adding interface: batadv_slave_1
[  762.866957][T15557] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  762.866986][T15557] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  763.138119][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.359814][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.440988][    C0] vkms_vblank_simulate: vblank timer overrun
[  763.510647][    C0] vkms_vblank_simulate: vblank timer overrun
[  767.094049][T15557] hsr_slave_0: entered promiscuous mode
[  767.118519][T15557] hsr_slave_1: entered promiscuous mode
[  767.138094][T15557] debugfs: 'hsr0' already exists in 'hsr'
[  767.138124][T15557] Cannot create hsr debugfs directory
[  767.510462][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.664679][T15842] CIFS mount error: No usable UNC path provided in device string!
[  767.664679][T15842] 
[  767.664764][T15842] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  767.675705][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.070953][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.336807][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.749129][T15844] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3475'.
[  768.749151][T15844] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3475'.
[  768.909015][T15845] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3475'.
[  768.909047][T15845] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3475'.
[  770.196265][   T59] hsr_slave_0: left promiscuous mode
[  770.251887][   T59] hsr_slave_1: left promiscuous mode
[  770.354777][   T59] veth1_macvtap: left promiscuous mode
[  770.354894][   T59] veth0_macvtap: left promiscuous mode
[  770.355173][   T59] veth1_vlan: left promiscuous mode
[  770.355363][   T59] veth0_vlan: left promiscuous mode
[  770.535746][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.634268][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.877053][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.881417][T15879] binder: 15878:15879 ioctl 4018620d 0 returned -22
[  771.039202][    C1] vkms_vblank_simulate: vblank timer overrun
[  771.066089][T15869] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  771.193685][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.020328][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.124207][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.291600][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.393529][    C1] vkms_vblank_simulate: vblank timer overrun
[  772.892531][   T59] team0 (unregistering): Port device team_slave_1 removed
[  773.142575][   T59] team0 (unregistering): Port device team_slave_0 removed
[  775.575682][T15870] mac80211_hwsim hwsim30 wlan0: entered promiscuous mode
[  775.735576][T15873] workqueue: Failed to create a rescuer kthread for wq "bond4": -EINTR
[  775.758731][T15886] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3490'.
[  775.758777][T15886] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3490'.
[  775.759296][T15889] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3490'.
[  775.759318][T15889] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3490'.
[  776.116227][T15932] binder: 15930:15932 ioctl c0306201 0 returned -14
[  776.679766][ T5804] Bluetooth: hci0: unexpected event for opcode 0x1005
[  777.507294][T15968] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  779.372951][T15959] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  779.764842][ T5804] Bluetooth: Unexpected start frame (len 1)
[  779.772489][ T5882] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  780.227183][ T5882] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  780.227211][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.227226][ T5882] usb 5-1: Product: syz
[  780.227236][ T5882] usb 5-1: Manufacturer: syz
[  780.227247][ T5882] usb 5-1: SerialNumber: syz
[  780.451660][ T5882] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  780.562418][T15502] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  780.808073][T15973] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3516'.
[  780.808500][T15973] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3516'.
[  780.896136][ T3659] Bluetooth: (null): Invalid header checksum
[  780.896323][ T3659] Bluetooth: (null): Invalid header checksum
[  781.011014][  T151] Bluetooth: (null): Invalid header checksum
[  781.032399][ T3659] Bluetooth: (null): Invalid header checksum
[  781.722061][T15502] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  781.722285][T15502] ath9k_htc: Failed to initialize the device
[  781.845450][T15502] usb 5-1: ath9k_htc: USB layer deinitialized
[  782.006951][   T10] usb 5-1: USB disconnect, device number 2
[  782.086419][T16012] netlink: 'syz.1.3521': attribute type 4 has an invalid length.
[  786.788048][T15557] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  786.934466][T15557] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  787.000325][T15557] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  787.078995][T15557] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  787.098702][ T5804] Bluetooth: Unexpected start frame (len 1)
[  788.154323][T16067] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3532'.
[  788.154352][T16067] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3532'.
[  788.661577][T15557] 8021q: adding VLAN 0 to HW filter on device bond0
[  789.240278][T15557] 8021q: adding VLAN 0 to HW filter on device team0
[  789.256058][T13756] bridge0: port 1(bridge_slave_0) entered blocking state
[  789.256367][T13756] bridge0: port 1(bridge_slave_0) entered forwarding state
[  789.283767][T13756] bridge0: port 2(bridge_slave_1) entered blocking state
[  789.283916][T13756] bridge0: port 2(bridge_slave_1) entered forwarding state
[  789.518426][    C0] vkms_vblank_simulate: vblank timer overrun
[  789.899322][T15557] 8021q: adding VLAN 0 to HW filter on device batadv0
[  789.981345][T15557] veth0_vlan: entered promiscuous mode
[  790.003031][T15557] veth1_vlan: entered promiscuous mode
[  790.092882][T15557] veth0_macvtap: entered promiscuous mode
[  790.110133][T15557] veth1_macvtap: entered promiscuous mode
[  790.884286][ T5882] libceph: connect (1)[c::]:6789 error -101
[  790.884517][ T5882] libceph: mon0 (1)[c::]:6789 connect error
[  790.888122][ T5882] libceph: connect (1)[c::]:6789 error -101
[  790.888344][ T5882] libceph: mon0 (1)[c::]:6789 connect error
[  790.951392][T16089] ceph: No mds server is up or the cluster is laggy
[  791.117683][T15557] batman_adv: batadv0: Interface activated: batadv_slave_0
[  791.143331][ T5785] libceph: connect (1)[c::]:6789 error -101
[  791.143557][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  791.478883][    C0] vkms_vblank_simulate: vblank timer overrun
[  791.576535][T15557] batman_adv: batadv0: Interface activated: batadv_slave_1
[  791.642751][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  791.643619][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  791.645460][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  791.650945][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  791.716706][ T5785] libceph: connect (1)[c::]:6789 error -101
[  791.716949][ T5785] libceph: mon0 (1)[c::]:6789 connect error
[  792.205193][    C0] vkms_vblank_simulate: vblank timer overrun
[  792.639733][    C0] vkms_vblank_simulate: vblank timer overrun
[  794.706159][    C0] vkms_vblank_simulate: vblank timer overrun
[  795.513756][ T5804] Bluetooth: Unexpected start frame (len 1)
[  795.567652][T15502] libceph: connect (1)[c::]:6789 error -101
[  795.567876][T15502] libceph: mon0 (1)[c::]:6789 connect error
[  795.587395][T16158] ceph: No mds server is up or the cluster is laggy
[  797.293539][T13695] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  797.300706][T13695] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  797.311249][T13695] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  797.314837][T13695] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  797.322261][T13695] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  797.495567][    C0] vkms_vblank_simulate: vblank timer overrun
[  798.785132][   T38] kauditd_printk_skb: 13 callbacks suppressed
[  798.785152][   T38] audit: type=1326 audit(2000000065.900:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.785205][   T38] audit: type=1326 audit(2000000065.900:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.785246][   T38] audit: type=1326 audit(2000000065.910:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.785278][   T38] audit: type=1326 audit(2000000065.910:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.785311][   T38] audit: type=1326 audit(2000000065.910:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.957571][   T38] audit: type=1326 audit(2000000066.070:1841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.957636][   T38] audit: type=1326 audit(2000000066.070:1842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  798.957684][   T38] audit: type=1326 audit(2000000066.070:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16167 comm="syz.0.3552" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2004cfeec9 code=0x7ffc0000
[  799.395630][T13695] Bluetooth: hci4: command tx timeout
[  801.472051][T13695] Bluetooth: hci4: command tx timeout
[  801.844092][  T977] libceph: connect (1)[c::]:6789 error -101
[  801.844247][  T977] libceph: mon0 (1)[c::]:6789 connect error
[  801.845173][  T977] libceph: connect (1)[c::]:6789 error -101
[  801.845313][  T977] libceph: mon0 (1)[c::]:6789 connect error
[  801.885667][T13695] Bluetooth: Unexpected start frame (len 1)
[  801.899387][T16217] ceph: No mds server is up or the cluster is laggy
[  802.701359][    C1] vkms_vblank_simulate: vblank timer overrun
[  803.020745][T13695] Bluetooth: hci0: unexpected event for opcode 0x1005
[  803.220403][    C1] vkms_vblank_simulate: vblank timer overrun
[  803.568504][T13695] Bluetooth: hci4: command tx timeout
[  803.980494][    C1] vkms_vblank_simulate: vblank timer overrun
[  804.174522][    C1] vkms_vblank_simulate: vblank timer overrun
[  804.463861][    C1] vkms_vblank_simulate: vblank timer overrun
[  804.517665][ T3659] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  804.553158][T16246] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3569'.
[  804.553185][T16246] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3569'.
[  804.715854][T16250] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3570'.
[  804.990854][T13695] Bluetooth: Unexpected start frame (len 1)
[  805.000772][T13695] Bluetooth: hci0: unexpected event for opcode 0x1005
[  805.251007][T16259] ubi31: attaching mtd0
[  805.266816][ T3659] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  805.308573][T16259] ubi31: scanning is finished
[  805.308599][T16259] ubi31: empty MTD device detected
[  805.353299][ T5884] libceph: connect (1)[c::]:6789 error -101
[  805.353536][ T5884] libceph: mon0 (1)[c::]:6789 connect error
[  805.357375][ T5884] libceph: connect (1)[c::]:6789 error -101
[  805.357614][ T5884] libceph: mon0 (1)[c::]:6789 connect error
[  805.612573][ T5884] libceph: connect (1)[c::]:6789 error -101
[  805.612802][ T5884] libceph: mon0 (1)[c::]:6789 connect error
[  805.632141][T13695] Bluetooth: hci4: command tx timeout
[  805.876631][    C1] vkms_vblank_simulate: vblank timer overrun
[  805.916274][ T3659] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.598687][    C1] vkms_vblank_simulate: vblank timer overrun
[  806.863257][  T977] libceph: connect (1)[c::]:6789 error -101
[  806.864011][  T977] libceph: mon0 (1)[c::]:6789 connect error
[  806.881702][T16261] ceph: No mds server is up or the cluster is laggy
[  806.941281][T16259] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  806.941309][T16259] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  806.941328][T16259] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  806.941345][T16259] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  806.941363][T16259] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  806.941380][T16259] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  806.941399][T16259] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 859667337
[  806.941421][T16259] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  806.945386][T16271] ubi31: background thread "ubi_bgt31d" started, PID 16271
[  807.224320][    C1] vkms_vblank_simulate: vblank timer overrun
[  808.443558][ T3659] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  808.448550][T16290] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3581'.
[  808.448575][T16290] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3581'.
[  808.881519][T16299] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3582'.
[  809.069556][T16177] chnl_net:caif_netlink_parms(): no params data found
[  810.596286][T13695] Bluetooth: hci3: unexpected event for opcode 0x1005
[  812.021870][    C0] vkms_vblank_simulate: vblank timer overrun
[  812.275974][T16319] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3588'.
[  812.621523][ T5804] Bluetooth: hci3: unexpected event for opcode 0x1005
[  813.944638][T16177] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.944852][T16177] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.945192][T16177] bridge_slave_0: entered allmulticast mode
[  813.973616][T16177] bridge_slave_0: entered promiscuous mode
[  813.983128][T16177] bridge0: port 2(bridge_slave_1) entered blocking state
[  813.983311][T16177] bridge0: port 2(bridge_slave_1) entered disabled state
[  813.983768][T16177] bridge_slave_1: entered allmulticast mode
[  813.990348][T16177] bridge_slave_1: entered promiscuous mode
[  814.037682][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  814.037758][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  815.525334][T16355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3599'.
[  815.812013][T16362] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3601'.
[  816.925239][T16177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  816.960393][T16177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  817.013982][T16375] 9pnet_virtio: no channels available for device syz
[  818.142122][ T3659] bridge_slave_1: left allmulticast mode
[  818.142152][ T3659] bridge_slave_1: left promiscuous mode
[  818.142400][ T3659] bridge0: port 2(bridge_slave_1) entered disabled state
[  818.393841][ T3659] bridge_slave_0: left allmulticast mode
[  818.393873][ T3659] bridge_slave_0: left promiscuous mode
[  818.394149][ T3659] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.568172][T16390] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3612'.
[  818.711936][  T977] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  818.872002][  T977] usb 5-1: Using ep0 maxpacket: 8
[  818.874616][  T977] usb 5-1: config 0 has no interfaces?
[  818.874655][  T977] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  818.874680][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.951109][  T977] usb 5-1: config 0 descriptor??
[  819.410874][T16401] ubi: mtd0 is already attached to ubi31
[  822.571630][ T5884] usb 5-1: USB disconnect, device number 3
[  824.304094][T16419] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3618'.
[  824.304133][T16419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3618'.
[  825.491935][ T5804] Bluetooth: Unexpected start frame (len 12)
[  825.491990][ T5804] Bluetooth: Frame is too long (len 12, expected len 4)
[  826.638847][T16425] CIFS mount error: No usable UNC path provided in device string!
[  826.638847][T16425] 
[  826.638865][T16425] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  826.984557][T16431] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3622'.
[  827.162633][ T3659] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  827.212819][ T3659] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  827.475085][ T3659] bond0 (unregistering): Released all slaves
[  829.514562][ T5804] Bluetooth: Frame is too long (len 12, expected len 4)
[  830.264361][T16452] CIFS mount error: No usable UNC path provided in device string!
[  830.264361][T16452] 
[  830.264383][T16452] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  830.473064][    C0] vkms_vblank_simulate: vblank timer overrun
[  830.775270][    C0] vkms_vblank_simulate: vblank timer overrun
[  830.959551][    C0] vkms_vblank_simulate: vblank timer overrun
[  831.026931][    C0] vkms_vblank_simulate: vblank timer overrun
[  831.056111][T16177] team0: Port device team_slave_0 added
[  831.197655][    C0] vkms_vblank_simulate: vblank timer overrun
[  831.288697][    C0] vkms_vblank_simulate: vblank timer overrun
[  831.387543][T16177] team0: Port device team_slave_1 added
[  832.020390][T16475] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3636'.
[  832.666084][    C0] vkms_vblank_simulate: vblank timer overrun
[  833.075667][ T5804] Bluetooth: Unexpected start frame (len 12)
[  833.075722][ T5804] Bluetooth: Frame is too long (len 12, expected len 4)
[  833.204735][ T3659] hsr_slave_0: left promiscuous mode
[  833.521891][ T3659] hsr_slave_1: left promiscuous mode
[  833.522962][ T3659] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  833.522990][ T3659] batman_adv: batadv0: Removing interface: batadv_slave_0
[  833.916966][    C0] vkms_vblank_simulate: vblank timer overrun
[  834.092511][    C0] vkms_vblank_simulate: vblank timer overrun
[  834.172407][T16485] CIFS mount error: No usable UNC path provided in device string!
[  834.172407][T16485] 
[  834.172445][T16485] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  834.197342][ T3659] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  834.197375][ T3659] batman_adv: batadv0: Removing interface: batadv_slave_1
[  834.239792][T16490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3642'.
[  834.239828][T16490] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3642'.
[  834.329363][    C0] vkms_vblank_simulate: vblank timer overrun
[  834.705431][ T3659] veth1_macvtap: left promiscuous mode
[  834.705550][ T3659] veth0_macvtap: left promiscuous mode
[  834.705834][ T3659] veth1_vlan: left promiscuous mode
[  834.706027][ T3659] veth0_vlan: left promiscuous mode
[  835.341602][T16505] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3648'.
[  836.150808][ T5804] Bluetooth: Unexpected start frame (len 12)
[  836.221708][T16511] overlayfs: failed to clone upperpath
[  837.353113][T16518] CIFS mount error: No usable UNC path provided in device string!
[  837.353113][T16518] 
[  837.353139][T16518] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  837.465303][    C1] vkms_vblank_simulate: vblank timer overrun
[  837.505006][    C1] vkms_vblank_simulate: vblank timer overrun
[  837.550583][ T5804] Bluetooth: hci0: unexpected event for opcode 0x1005
[  837.743045][    C1] vkms_vblank_simulate: vblank timer overrun
[  837.907432][T16528] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  837.953321][    C1] vkms_vblank_simulate: vblank timer overrun
[  838.166987][    C1] vkms_vblank_simulate: vblank timer overrun
[  838.520903][    C1] vkms_vblank_simulate: vblank timer overrun
[  839.828841][    C1] vkms_vblank_simulate: vblank timer overrun
[  839.889935][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.057497][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.336136][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.419054][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.622886][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.674250][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.875264][    C1] vkms_vblank_simulate: vblank timer overrun
[  840.943579][ T3659] team0 (unregistering): Port device team_slave_1 removed
[  841.155725][ T3659] team0 (unregistering): Port device team_slave_0 removed
[  841.223718][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.278354][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.357520][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.728956][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.889126][    C1] vkms_vblank_simulate: vblank timer overrun
[  841.970166][    C1] vkms_vblank_simulate: vblank timer overrun
[  843.404055][T16177] batman_adv: batadv0: Adding interface: batadv_slave_0
[  843.404075][T16177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  843.404112][T16177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  843.672206][T16531] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3657'.
[  843.766293][T16177] batman_adv: batadv0: Adding interface: batadv_slave_1
[  843.766312][T16177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  843.766344][T16177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  844.210963][T16543] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3660'.
[  844.693065][T16546] overlayfs: failed to clone upperpath
[  845.599813][T16559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3666'.
[  845.599847][T16559] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3666'.
[  846.722491][T16177] hsr_slave_0: entered promiscuous mode
[  846.724109][T16177] hsr_slave_1: entered promiscuous mode
[  846.725114][T16177] debugfs: 'hsr0' already exists in 'hsr'
[  846.725140][T16177] Cannot create hsr debugfs directory
[  847.257408][T16574] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  849.731997][T16597] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3673'.
[  851.239749][T16599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3674'.
[  851.515449][T16605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3676'.
[  853.939601][ T5804] Bluetooth: hci0: unexpected event for opcode 0x1005
[  854.274522][T16646] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3683'.
[  855.686502][T16655] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  856.329030][T16628] 9pnet_virtio: no channels available for device syz
[  857.869562][T13695] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  857.888519][T13695] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  857.891374][T13695] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  857.908103][T13695] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  857.909928][T13695] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  860.251820][ T5804] Bluetooth: hci1: command tx timeout
[  861.103756][T16699] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3694'.
[  862.281880][ T5804] Bluetooth: hci1: command tx timeout
[  862.347956][T13695] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  862.364024][T13695] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  862.366240][T13695] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  862.368958][T13695] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  862.372522][T13695] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  862.972057][T13695] Bluetooth: hci2: unexpected event for opcode 0x1005
[  864.525374][T13695] Bluetooth: hci6: command tx timeout
[  865.057643][T13695] Bluetooth: hci1: command tx timeout
[  865.920899][T16755] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3706'.
[  866.959659][T13695] Bluetooth: hci6: command tx timeout
[  867.081133][T13695] Bluetooth: hci1: command tx timeout
[  867.564981][T16763] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  867.603739][T16659] chnl_net:caif_netlink_parms(): no params data found
[  868.798878][ T3515] bridge_slave_1: left allmulticast mode
[  868.798910][ T3515] bridge_slave_1: left promiscuous mode
[  868.799177][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.958916][ T3515] bridge_slave_0: left allmulticast mode
[  868.958948][ T3515] bridge_slave_0: left promiscuous mode
[  868.959246][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  868.992277][T13695] Bluetooth: hci6: command tx timeout
[  869.305464][T16792] netlink: 'syz.2.3714': attribute type 1 has an invalid length.
[  869.425052][T16799] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3715'.
[  870.320385][T16555] Set syz1 is full, maxelem 65536 reached
[  871.197732][T13695] Bluetooth: hci6: command tx timeout
[  872.102686][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  872.139471][T16829] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  872.165100][T16828] netlink: 'syz.1.3724': attribute type 1 has an invalid length.
[  872.337333][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  872.601044][T16840] netlink: 52 bytes leftover after parsing attributes in process `syz.0.3726'.
[  873.348442][ T3515] bond0 (unregistering): Released all slaves
[  873.558290][T16846] overlayfs: upper fs does not support file handles, falling back to index=off.
[  874.985398][T16856] netlink: 'syz.1.3735': attribute type 1 has an invalid length.
[  875.481130][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  875.481193][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  876.486320][   T38] audit: type=1326 audit(2000000143.600:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486376][   T38] audit: type=1326 audit(2000000143.600:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486412][   T38] audit: type=1326 audit(2000000143.600:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486448][   T38] audit: type=1326 audit(2000000143.610:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486484][   T38] audit: type=1326 audit(2000000143.610:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486520][   T38] audit: type=1326 audit(2000000143.610:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486558][   T38] audit: type=1326 audit(2000000143.610:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486599][   T38] audit: type=1326 audit(2000000143.610:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.486641][   T38] audit: type=1326 audit(2000000143.610:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd96a2ad710 code=0x7ffc0000
[  876.486684][   T38] audit: type=1326 audit(2000000143.610:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16861 comm="syz.1.3738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd96a2aeec9 code=0x7ffc0000
[  876.895586][T16866] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3739'.
[  876.895618][T16866] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3739'.
[  876.930093][T16659] bridge0: port 1(bridge_slave_0) entered blocking state
[  876.930250][T16659] bridge0: port 1(bridge_slave_0) entered disabled state
[  876.930504][T16659] bridge_slave_0: entered allmulticast mode
[  876.973361][T16659] bridge_slave_0: entered promiscuous mode
[  876.999728][T16659] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.005575][T16659] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.005887][T16659] bridge_slave_1: entered allmulticast mode
[  877.043970][T16659] bridge_slave_1: entered promiscuous mode
[  877.429213][T16659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.541884][ T3515] hsr_slave_0: left promiscuous mode
[  877.592474][ T3515] hsr_slave_1: left promiscuous mode
[  877.593562][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  877.616693][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  878.643924][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  878.802801][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  879.349485][T16659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  880.344530][T16888] netlink: 'syz.1.3746': attribute type 1 has an invalid length.
[  880.596039][T16895] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3750'.
[  880.596067][T16895] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3750'.
[  880.820498][T16659] team0: Port device team_slave_0 added
[  881.100886][T16659] team0: Port device team_slave_1 added
[  881.776802][T16906] 9pnet_virtio: no channels available for device syz
[  882.307636][T16659] batman_adv: batadv0: Adding interface: batadv_slave_0
[  882.307656][T16659] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  882.307686][T16659] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  882.310281][T16659] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.310295][T16659] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  882.310324][T16659] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  882.430571][T16920] 9pnet_fd: Insufficient options for proto=fd
[  882.958573][T16659] hsr_slave_0: entered promiscuous mode
[  882.959644][T16659] hsr_slave_1: entered promiscuous mode
[  882.977555][T16659] debugfs: 'hsr0' already exists in 'hsr'
[  882.977584][T16659] Cannot create hsr debugfs directory
[  882.992253][T16711] chnl_net:caif_netlink_parms(): no params data found
[  884.059482][T16930] netlink: 'syz.1.3759': attribute type 1 has an invalid length.
[  885.472967][ T3515] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.996540][T16936] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3761'.
[  885.996572][T16936] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3761'.
[  886.862147][T16952] 9pnet_virtio: no channels available for device syz
[  887.329928][ T3515] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  887.399167][T16711] bridge0: port 1(bridge_slave_0) entered blocking state
[  887.399318][T16711] bridge0: port 1(bridge_slave_0) entered disabled state
[  887.399534][T16711] bridge_slave_0: entered allmulticast mode
[  887.410107][T16711] bridge_slave_0: entered promiscuous mode
[  887.448067][T16711] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.448206][T16711] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.448456][T16711] bridge_slave_1: entered allmulticast mode
[  887.474025][T16711] bridge_slave_1: entered promiscuous mode
[  887.610244][T16961] netlink: 'syz.2.3769': attribute type 1 has an invalid length.
[  888.533857][ T3515] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  888.640110][T16711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  888.696893][T16711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  888.963334][T16971] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3772'.
[  888.963364][T16971] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3772'.
[  889.405942][T16987] netlink: 'syz.0.3778': attribute type 1 has an invalid length.
[  889.426651][ T3515] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  889.576792][T16711] team0: Port device team_slave_0 added
[  889.600361][T16711] team0: Port device team_slave_1 added
[  889.842471][T16990] random: crng reseeded on system resumption
[  890.391336][T16999] 9pnet_virtio: no channels available for device syz
[  892.346185][T16711] batman_adv: batadv0: Adding interface: batadv_slave_0
[  892.346204][T16711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  892.346235][T16711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  892.361262][T16711] batman_adv: batadv0: Adding interface: batadv_slave_1
[  892.361281][T16711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  892.361311][T16711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  894.081571][T16659] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  894.147553][T16711] hsr_slave_0: entered promiscuous mode
[  894.148650][T16711] hsr_slave_1: entered promiscuous mode
[  894.149397][T16711] debugfs: 'hsr0' already exists in 'hsr'
[  894.149419][T16711] Cannot create hsr debugfs directory
[  894.149601][T17007] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3785'.
[  894.149703][T17007] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3785'.
[  894.212543][T16659] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  894.307868][T16659] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  894.353392][T16659] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  894.800433][ T5882] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  896.403477][ T3515] bridge_slave_1: left allmulticast mode
[  896.403507][ T3515] bridge_slave_1: left promiscuous mode
[  896.403762][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  896.851828][ T5882] usb 1-1: Using ep0 maxpacket: 8
[  896.854676][ T5882] usb 1-1: config 0 has no interfaces?
[  896.854716][ T5882] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  896.854742][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  896.890538][ T5882] usb 1-1: config 0 descriptor??
[  897.044142][ T3515] bridge_slave_0: left allmulticast mode
[  897.044176][ T3515] bridge_slave_0: left promiscuous mode
[  897.044436][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  897.100973][  T977] usb 1-1: USB disconnect, device number 3
[  899.324056][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  899.382454][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  899.424920][ T3515] bond0 (unregistering): Released all slaves
[  899.544655][T17040] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3797'.
[  899.544687][T17040] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3797'.
[  899.727562][T17058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3802'.
[  899.798345][T17061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3802'.
[  899.994201][T17072] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3806'.
[  901.467348][    C1] vkms_vblank_simulate: vblank timer overrun
[  901.619118][    C1] vkms_vblank_simulate: vblank timer overrun
[  901.678155][T17077] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3809'.
[  901.678189][T17077] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3809'.
[  902.983387][    C1] vkms_vblank_simulate: vblank timer overrun
[  903.259144][    C1] vkms_vblank_simulate: vblank timer overrun
[  903.777242][    C1] vkms_vblank_simulate: vblank timer overrun
[  904.095037][    C1] vkms_vblank_simulate: vblank timer overrun
[  904.229729][T17108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3816'.
[  904.281262][T17109] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3816'.
[  905.432393][    C1] vkms_vblank_simulate: vblank timer overrun
[  905.607238][ T3515] hsr_slave_0: left promiscuous mode
[  905.662317][ T3515] hsr_slave_1: left promiscuous mode
[  905.663440][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  905.663466][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  905.713337][ T3515] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  905.713367][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  905.951396][ T3515] veth1_macvtap: left promiscuous mode
[  905.951507][ T3515] veth0_macvtap: left promiscuous mode
[  905.957301][ T3515] veth1_vlan: left promiscuous mode
[  905.957534][ T3515] veth0_vlan: left promiscuous mode
[  906.679295][T17147] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3826'.
[  906.740377][T17148] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3826'.
[  906.942416][    C1] vkms_vblank_simulate: vblank timer overrun
[  907.045040][    C1] vkms_vblank_simulate: vblank timer overrun
[  907.322057][    C1] vkms_vblank_simulate: vblank timer overrun
[  908.781368][    C1] vkms_vblank_simulate: vblank timer overrun
[  909.343429][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  909.652904][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  910.161918][    C1] vkms_vblank_simulate: vblank timer overrun
[  910.311206][    C1] vkms_vblank_simulate: vblank timer overrun
[  910.546077][    C1] vkms_vblank_simulate: vblank timer overrun
[  910.593025][    C1] vkms_vblank_simulate: vblank timer overrun
[  912.175868][T17124] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3821'.
[  912.175897][T17124] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3821'.
[  912.313066][T16711] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  912.427870][T16711] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  912.884790][T16711] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  912.937546][T16711] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  913.437608][T16659] 8021q: adding VLAN 0 to HW filter on device bond0
[  913.561264][T16659] 8021q: adding VLAN 0 to HW filter on device team0
[  913.680880][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  913.691026][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  913.713552][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  913.713659][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  913.958430][T16711] 8021q: adding VLAN 0 to HW filter on device bond0
[  914.154871][T16711] 8021q: adding VLAN 0 to HW filter on device team0
[  914.179947][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  914.181077][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  914.215851][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  914.216077][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  915.414143][T16659] 8021q: adding VLAN 0 to HW filter on device batadv0
[  915.707453][T16659] veth0_vlan: entered promiscuous mode
[  916.144696][T16711] 8021q: adding VLAN 0 to HW filter on device batadv0
[  917.018305][T17239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  917.163475][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  917.176165][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  917.177837][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  917.188430][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  917.190586][ T5804] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  917.689459][T17260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3846'.
[  917.748286][T17264] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3846'.
[  917.774365][T17251] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3844'.
[  917.774394][T17251] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3844'.
[  918.191936][ T5804] Bluetooth: hci2: unexpected event for opcode 0x1005
[  919.259944][T17292] netlink: 'syz.2.3854': attribute type 1 has an invalid length.
[  919.303120][T16711] veth0_vlan: entered promiscuous mode
[  919.321856][ T5804] Bluetooth: hci3: command tx timeout
[  919.366807][T17292] 8021q: adding VLAN 0 to HW filter on device bond4
[  919.706381][T17292] bond4: entered promiscuous mode
[  919.923183][T17295] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  920.029519][T16711] veth1_vlan: entered promiscuous mode
[  920.667019][T16711] veth0_macvtap: entered promiscuous mode
[  920.889260][T17313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3858'.
[  920.890077][T17313] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3858'.
[  920.980112][ T3515] bridge_slave_1: left allmulticast mode
[  920.980146][ T3515] bridge_slave_1: left promiscuous mode
[  920.995719][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  921.125031][ T3515] bridge_slave_0: left allmulticast mode
[  921.125064][ T3515] bridge_slave_0: left promiscuous mode
[  921.125327][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  921.386404][T13695] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  921.390236][T13695] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  921.414104][T13695] Bluetooth: hci3: command tx timeout
[  921.426556][T13695] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  921.449376][T17330] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  921.450182][T17330] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  921.772531][T17338] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  921.975239][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.040563][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.125650][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.217687][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.250861][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.325819][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.659546][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.902756][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.973414][    C0] vkms_vblank_simulate: vblank timer overrun
[  923.050424][    C0] vkms_vblank_simulate: vblank timer overrun
[  923.310921][    C0] vkms_vblank_simulate: vblank timer overrun
[  923.471873][T17330] Bluetooth: hci3: command tx timeout
[  923.583362][ T5804] Bluetooth: hci1: command tx timeout
[  924.728099][    C0] vkms_vblank_simulate: vblank timer overrun
[  924.943956][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.008009][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.363552][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  925.443574][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  925.464736][ T3515] bond0 (unregistering): Released all slaves
[  925.561903][ T5804] Bluetooth: hci3: command tx timeout
[  925.641630][ T5804] Bluetooth: hci1: command tx timeout
[  925.728492][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.796544][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.882320][    C0] vkms_vblank_simulate: vblank timer overrun
[  925.937215][T17244] chnl_net:caif_netlink_parms(): no params data found
[  927.712019][ T5804] Bluetooth: hci1: command tx timeout
[  927.728100][ T3515] hsr_slave_0: left promiscuous mode
[  927.768734][ T3515] hsr_slave_1: left promiscuous mode
[  927.769806][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  927.820354][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  927.939681][ T3515] veth0_vlan: left promiscuous mode
[  928.216266][T17402] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  930.302412][ T5804] Bluetooth: hci1: command tx timeout
[  932.574537][T17443] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3894'.
[  933.528843][T17446] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  933.912687][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  934.008279][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.128574][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.192859][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  934.221448][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.287272][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.355227][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.408817][    C1] vkms_vblank_simulate: vblank timer overrun
[  934.929347][    C1] vkms_vblank_simulate: vblank timer overrun
[  935.288497][    C1] vkms_vblank_simulate: vblank timer overrun
[  935.523522][    C1] vkms_vblank_simulate: vblank timer overrun
[  935.827614][    C1] vkms_vblank_simulate: vblank timer overrun
[  935.975907][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.044370][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.224286][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.306944][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.422142][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.541890][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.624377][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.689275][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.926389][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  936.926466][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  936.977035][    C1] vkms_vblank_simulate: vblank timer overrun
[  936.980674][T17473] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3904'.
[  937.074897][    C1] vkms_vblank_simulate: vblank timer overrun
[  937.750074][T17473] bridge_slave_1: left allmulticast mode
[  937.750106][T17473] bridge_slave_1: left promiscuous mode
[  937.767804][T17473] bridge0: port 2(bridge_slave_1) entered disabled state
[  937.809792][T17476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  937.853341][T17473] bridge_slave_0: left allmulticast mode
[  937.853372][T17473] bridge_slave_0: left promiscuous mode
[  937.853646][T17473] bridge0: port 1(bridge_slave_0) entered disabled state
[  938.266585][T17482] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3907'.
[  938.266620][T17482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3907'.
[  938.509334][T17244] bridge0: port 1(bridge_slave_0) entered blocking state
[  938.509637][T17244] bridge0: port 1(bridge_slave_0) entered disabled state
[  938.509874][T17244] bridge_slave_0: entered allmulticast mode
[  938.513834][T17244] bridge_slave_0: entered promiscuous mode
[  938.538481][T17244] bridge0: port 2(bridge_slave_1) entered blocking state
[  938.547402][T17244] bridge0: port 2(bridge_slave_1) entered disabled state
[  938.547699][T17244] bridge_slave_1: entered allmulticast mode
[  938.558469][T17244] bridge_slave_1: entered promiscuous mode
[  938.684440][T17497] netlink: 'syz.1.3912': attribute type 1 has an invalid length.
[  938.752477][  T977] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  938.911993][  T977] usb 1-1: Using ep0 maxpacket: 8
[  938.914040][  T977] usb 1-1: config 0 has no interfaces?
[  938.914077][  T977] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  938.914102][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  938.951549][  T977] usb 1-1: config 0 descriptor??
[  939.170767][T17490] overlayfs: failed to resolve './file1': -2
[  939.198771][T17497] 8021q: adding VLAN 0 to HW filter on device bond1
[  939.301090][T17499] bond1: entered promiscuous mode
[  939.303656][  T977] usb 1-1: USB disconnect, device number 4
[  939.355852][T17502] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3913'.
[  939.521998][T17244] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  939.538380][T17244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  939.778980][ T5804] Bluetooth: hci2: unexpected event for opcode 0x1005
[  939.974557][T17244] team0: Port device team_slave_0 added
[  940.046755][T17244] team0: Port device team_slave_1 added
[  940.061440][T17516] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  940.519080][T17244] batman_adv: batadv0: Adding interface: batadv_slave_0
[  940.519098][T17244] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  940.519140][T17244] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  940.533603][T17244] batman_adv: batadv0: Adding interface: batadv_slave_1
[  940.533625][T17244] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  940.533659][T17244] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  940.980915][T17244] hsr_slave_0: entered promiscuous mode
[  940.988467][T17244] hsr_slave_1: entered promiscuous mode
[  940.989564][T17244] debugfs: 'hsr0' already exists in 'hsr'
[  940.989591][T17244] Cannot create hsr debugfs directory
[  942.910535][T17328] chnl_net:caif_netlink_parms(): no params data found
[  943.097358][T17548] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  943.525577][T17559] overlayfs: failed to resolve './file1': -2
[  944.634064][ T5804] Bluetooth: hci5: unexpected event for opcode 0x1005
[  945.138026][T17581] 9p: Unknown Cache mode or invalid value fscach
[  945.424536][T17582] bridge_slave_0: default FDB implementation only supports local addresses
[  945.700054][T17328] bridge0: port 1(bridge_slave_0) entered blocking state
[  945.710970][T17328] bridge0: port 1(bridge_slave_0) entered disabled state
[  945.711233][T17328] bridge_slave_0: entered allmulticast mode
[  945.744119][T17328] bridge_slave_0: entered promiscuous mode
[  945.799261][T17328] bridge0: port 2(bridge_slave_1) entered blocking state
[  945.799449][T17328] bridge0: port 2(bridge_slave_1) entered disabled state
[  945.799668][T17328] bridge_slave_1: entered allmulticast mode
[  945.875933][T17328] bridge_slave_1: entered promiscuous mode
[  946.453363][T17328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  946.556201][T17328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  947.191957][T17603] rdma_rxe: rxe_newlink: failed to add ipvlan0
[  947.823000][T17328] team0: Port device team_slave_0 added
[  947.856506][T17328] team0: Port device team_slave_1 added
[  948.272121][  T977] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  948.421884][  T977] usb 1-1: Using ep0 maxpacket: 8
[  948.424872][  T977] usb 1-1: config 0 has no interfaces?
[  948.424910][  T977] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  948.424935][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.468052][  T977] usb 1-1: config 0 descriptor??
[  948.663287][ T3515] bridge_slave_1: left allmulticast mode
[  948.663317][ T3515] bridge_slave_1: left promiscuous mode
[  948.663600][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[  948.674523][T17611] overlayfs: failed to resolve './file0': -2
[  948.720681][T15502] usb 1-1: USB disconnect, device number 5
[  948.763256][ T3515] bridge_slave_0: left allmulticast mode
[  948.763280][ T3515] bridge_slave_0: left promiscuous mode
[  948.763495][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[  949.627514][T17626] 9p: Unknown Cache mode or invalid value fscach
[  950.742598][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  950.823804][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  950.845320][ T3515] bond0 (unregistering): Released all slaves
[  950.888264][T17328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  950.888282][T17328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  950.888304][T17328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  950.962899][T17328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  950.962919][T17328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  950.962950][T17328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  951.356144][T17636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3943'.
[  951.356171][T17636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3943'.
[  951.524478][T17328] hsr_slave_0: entered promiscuous mode
[  951.552203][T17328] hsr_slave_1: entered promiscuous mode
[  951.576314][T17328] debugfs: 'hsr0' already exists in 'hsr'
[  951.576549][T17328] Cannot create hsr debugfs directory
[  952.607334][ T3515] hsr_slave_0: left promiscuous mode
[  952.661534][T17647] CIFS mount error: No usable UNC path provided in device string!
[  952.661534][T17647] 
[  952.661561][T17647] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  952.693220][ T3515] hsr_slave_1: left promiscuous mode
[  952.694533][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[  952.749912][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[  953.066470][ T3515] veth0_macvtap: left promiscuous mode
[  953.066870][ T3515] veth1_vlan: left promiscuous mode
[  953.067064][ T3515] veth0_vlan: left promiscuous mode
[  954.515534][T17668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3949'.
[  954.582747][T17669] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3949'.
[  956.522584][ T3515] team0 (unregistering): Port device team_slave_1 removed
[  956.608909][T17675] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  956.742593][ T3515] team0 (unregistering): Port device team_slave_0 removed
[  959.425778][T17244] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  959.502398][  T977] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  959.664645][  T977] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  959.664698][  T977] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  959.664720][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  959.672503][T17693] 9p: Unknown Cache mode or invalid value fscach
[  959.726198][  T977] usb 1-1: config 0 descriptor??
[  959.960307][  T977] usbhid 1-1:0.0: can't add hid device: -71
[  959.960444][  T977] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  959.997142][  T977] usb 1-1: USB disconnect, device number 6
[  960.196141][T17244] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  960.303480][T17244] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  960.389844][T17706] netlink: 'syz.2.3956': attribute type 2 has an invalid length.
[  960.389863][T17706] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3956'.
[  960.390259][T17244] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  960.531836][T13605] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  960.681870][T13605] usb 1-1: Using ep0 maxpacket: 32
[  960.685157][T13605] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  960.685208][T13605] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  960.685232][T13605] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.746795][T13605] usb 1-1: config 0 descriptor??
[  960.811381][T13605] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  960.884948][T13605] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  961.341301][T13605] usb 1-1: USB disconnect, device number 7
[  961.355068][T13605] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  962.195197][T17736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3961'.
[  962.291069][T17739] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3961'.
[  963.352749][T17244] 8021q: adding VLAN 0 to HW filter on device bond0
[  963.476347][T17244] 8021q: adding VLAN 0 to HW filter on device team0
[  963.547730][T13756] bridge0: port 1(bridge_slave_0) entered blocking state
[  963.559004][T13756] bridge0: port 1(bridge_slave_0) entered forwarding state
[  963.718518][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  963.718668][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  964.281642][T17761] 9p: Unknown Cache mode or invalid value fscach
[  964.685242][T17328] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  964.828298][T17328] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  964.943349][T17328] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  965.266679][T17328] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  966.506476][T17795] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3970'.
[  966.513596][T17795] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3970'.
[  966.567021][T17328] 8021q: adding VLAN 0 to HW filter on device bond0
[  966.838070][T17328] 8021q: adding VLAN 0 to HW filter on device team0
[  966.888710][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  966.889341][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  967.018018][T13754] bridge0: port 2(bridge_slave_1) entered blocking state
[  967.022716][T13754] bridge0: port 2(bridge_slave_1) entered forwarding state
[  967.209314][T17244] 8021q: adding VLAN 0 to HW filter on device batadv0
[  967.665495][T17811] CIFS mount error: No usable UNC path provided in device string!
[  967.665495][T17811] 
[  967.665565][T17811] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  968.245436][T17244] veth0_vlan: entered promiscuous mode
[  968.274861][T17244] veth1_vlan: entered promiscuous mode
[  968.322819][T17244] veth0_macvtap: entered promiscuous mode
[  968.328719][T17244] veth1_macvtap: entered promiscuous mode
[  968.355356][T17244] batman_adv: batadv0: Interface activated: batadv_slave_0
[  968.360830][T17244] batman_adv: batadv0: Interface activated: batadv_slave_1
[  968.621080][T13756] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  968.634402][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  968.635662][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  968.641242][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  969.717769][T17328] 8021q: adding VLAN 0 to HW filter on device batadv0
[  969.791092][ T3515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  969.791111][ T3515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  970.137333][ T3605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  970.137356][ T3605] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  971.138814][T17328] veth0_vlan: entered promiscuous mode
[  971.188275][T17328] veth1_vlan: entered promiscuous mode
[  971.253104][T17328] veth0_macvtap: entered promiscuous mode
[  971.260897][T17328] veth1_macvtap: entered promiscuous mode
[  971.307568][T17328] batman_adv: batadv0: Interface activated: batadv_slave_0
[  971.362294][T17328] batman_adv: batadv0: Interface activated: batadv_slave_1
[  971.390918][   T59] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  971.391170][   T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  971.391414][   T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  971.435481][   T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  971.552045][ T5785] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  971.756904][ T5785] usb 1-1: Using ep0 maxpacket: 8
[  971.759452][ T5785] usb 1-1: config 0 has no interfaces?
[  971.759489][ T5785] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  971.759514][ T5785] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  971.794384][ T5785] usb 1-1: config 0 descriptor??
[  972.166151][  T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  972.166176][  T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  972.273740][T17849] overlayfs: failed to resolve './file0': -2
[  972.299810][T13756] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  972.299835][T13756] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  972.988049][T15502] usb 1-1: USB disconnect, device number 8
[  975.411145][T17917] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3991'.
[  983.413447][T17330] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  983.437647][T17330] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  983.611940][T17330] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  983.624802][T17330] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  983.625532][T17330] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  983.920392][T17940] netlink: 'syz.0.3994': attribute type 4 has an invalid length.
[  983.920429][T17940] netlink: 152 bytes leftover after parsing attributes in process `syz.0.3994'.
[  984.007630][T17940] : renamed from bond0 (while UP)
[  984.932970][T17959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4002'.
[  985.895680][ T5804] Bluetooth: hci4: command tx timeout
[  987.393310][    C1] vkms_vblank_simulate: vblank timer overrun
[  987.653355][    C1] vkms_vblank_simulate: vblank timer overrun
[  987.952151][ T5804] Bluetooth: hci4: command tx timeout
[  988.888699][    C1] vkms_vblank_simulate: vblank timer overrun
[  989.519205][T17932] chnl_net:caif_netlink_parms(): no params data found
[  989.625612][    C1] vkms_vblank_simulate: vblank timer overrun
[  989.835036][T18022] netlink: 'syz.1.4016': attribute type 1 has an invalid length.
[  990.032183][ T5804] Bluetooth: hci4: command tx timeout
[  990.224297][T18022] 8021q: adding VLAN 0 to HW filter on device bond2
[  990.298376][T18029] bond2: entered promiscuous mode
[  990.451509][    C1] vkms_vblank_simulate: vblank timer overrun
[  990.579459][ T3515] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  990.931864][T16145] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  991.091516][T16145] usb 1-1: Using ep0 maxpacket: 8
[  991.101306][T16145] usb 1-1: config 0 has no interfaces?
[  991.101353][T16145] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  991.101377][T16145] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.245673][T16145] usb 1-1: config 0 descriptor??
[  991.458551][T18036] overlayfs: failed to resolve './file0': -2
[  991.731946][ T5882] usb 1-1: USB disconnect, device number 9
[  991.769896][T18062] random: crng reseeded on system resumption
[  991.866507][ T3515] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  991.916609][T17932] bridge0: port 1(bridge_slave_0) entered blocking state
[  991.916903][T17932] bridge0: port 1(bridge_slave_0) entered disabled state
[  991.917516][T17932] bridge_slave_0: entered allmulticast mode
[  991.946331][T17932] bridge_slave_0: entered promiscuous mode
[  991.951329][T17932] bridge0: port 2(bridge_slave_1) entered blocking state
[  991.970931][T17932] bridge0: port 2(bridge_slave_1) entered disabled state
[  991.971206][T17932] bridge_slave_1: entered allmulticast mode
[  991.993364][T17932] bridge_slave_1: entered promiscuous mode
[  992.112140][ T5804] Bluetooth: hci4: command tx timeout
[  993.891159][ T3515] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  995.499389][T17932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  996.103211][T17932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  996.603511][T18102] netlink: 'syz.3.4032': attribute type 4 has an invalid length.
[  996.722240][T18103] netlink: 'syz.3.4032': attribute type 4 has an invalid length.
[  996.908287][ T3515] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.379941][T17932] team0: Port device team_slave_0 added
[  997.418584][T17932] team0: Port device team_slave_1 added
[  997.535274][T18117] gfs2: path_lookup on € returned error -2
[  997.610310][T18116] binder: 18113:18116 ioctl c00c620f 200000000080 returned -22
[  997.998019][T17932] batman_adv: batadv0: Adding interface: batadv_slave_0
[  997.998040][T17932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  997.998068][T17932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  998.110181][T17932] batman_adv: batadv0: Adding interface: batadv_slave_1
[  998.110201][T17932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  998.110240][T17932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  998.359825][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  998.359898][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  998.648447][T18133] random: crng reseeded on system resumption
[  998.664116][  T977] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  998.841803][  T977] usb 6-1: Using ep0 maxpacket: 8
[  998.845915][  T977] usb 6-1: config 0 has no interfaces?
[  998.845955][  T977] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  998.845979][  T977] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  998.897533][  T977] usb 6-1: config 0 descriptor??
[  999.751643][T18128] overlayfs: failed to resolve './file0': -2
[  999.864119][   T10] usb 6-1: USB disconnect, device number 2
[ 1000.037338][T17932] hsr_slave_0: entered promiscuous mode
[ 1000.042177][T17932] hsr_slave_1: entered promiscuous mode
[ 1000.044812][T17932] debugfs: 'hsr0' already exists in 'hsr'
[ 1000.044839][T17932] Cannot create hsr debugfs directory
[ 1001.383865][T18155] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR
[ 1002.175582][T18171] random: crng reseeded on system resumption
[ 1003.872083][ T5787] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1004.764991][ T5787] usb 6-1: Using ep0 maxpacket: 8
[ 1004.785665][ T5787] usb 6-1: config 0 has no interfaces?
[ 1004.785706][ T5787] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1004.785740][ T5787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1004.966201][ T5787] usb 6-1: config 0 descriptor??
[ 1005.192571][T18192] overlayfs: failed to resolve './file1': -2
[ 1005.256243][ T5787] usb 6-1: USB disconnect, device number 3
[ 1005.592277][ T3515] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1006.437419][T18215] input: syz1 as /devices/virtual/input/input7
[ 1009.492646][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1009.553700][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1009.584855][ T3515] bond0 (unregistering): Released all slaves
[ 1010.384086][ T3515] bond1 (unregistering): Released all slaves
[ 1011.175152][ T3515] bond2 (unregistering): Released all slaves
[ 1012.002690][ T3515] bond3 (unregistering): Released all slaves
[ 1012.067750][T18260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4069'.
[ 1012.845227][ T3515] bond4 (unregistering): Released all slaves
[ 1012.927631][T18201] ieee80211 phy48: Failed to add default virtual iface
[ 1013.216027][ T3515] : left promiscuous mode
[ 1013.378269][  T977] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1013.636670][  T977] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1013.636704][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.636726][  T977] usb 4-1: Product: syz
[ 1013.636737][  T977] usb 4-1: Manufacturer: syz
[ 1013.636747][  T977] usb 4-1: SerialNumber: syz
[ 1013.753649][  T977] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1013.817245][ T3515] tipc: Left network mode
[ 1013.826906][ T5912] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1015.109007][ T5912] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1015.109156][ T5912] ath9k_htc: Failed to initialize the device
[ 1015.146172][ T5882] usb 4-1: USB disconnect, device number 2
[ 1015.393438][ T5882] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1015.455848][T18284] netlink: 128 bytes leftover after parsing attributes in process `syz.0.4079'.
[ 1018.379387][ T5804] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1018.379429][ T5804] CPU: 1 UID: 0 PID: 5804 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1018.379457][ T5804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1018.379482][ T5804] Workqueue: hci5 hci_rx_work
[ 1018.379597][ T5804] Call Trace:
[ 1018.379610][ T5804]  <TASK>
[ 1018.379621][ T5804]  dump_stack_lvl+0x189/0x250
[ 1018.379654][ T5804]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1018.379682][ T5804]  ? __pfx__printk+0x10/0x10
[ 1018.379715][ T5804]  ? kernfs_path_from_node+0x2c/0x280
[ 1018.379738][ T5804]  ? kernfs_path_from_node+0x243/0x280
[ 1018.379759][ T5804]  ? kernfs_path_from_node+0x2c/0x280
[ 1018.379786][ T5804]  sysfs_create_dir_ns+0x259/0x280
[ 1018.379809][ T5804]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1018.379887][ T5804]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1018.379915][ T5804]  ? rt_spin_unlock+0x161/0x200
[ 1018.379940][ T5804]  kobject_add_internal+0x5a5/0xb50
[ 1018.380032][ T5804]  kobject_add+0x155/0x220
[ 1018.380070][ T5804]  ? __pfx_kobject_add+0x10/0x10
[ 1018.380111][ T5804]  ? get_device_parent+0x370/0x3a0
[ 1018.380152][ T5804]  device_add+0x408/0xb50
[ 1018.380191][ T5804]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1018.380274][ T5804]  le_conn_complete_evt+0xf39/0x1500
[ 1018.380362][ T5804]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1018.380391][ T5804]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1018.380419][ T5804]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1018.380482][ T5804]  ? skb_pull_data+0xfb/0x200
[ 1018.380548][ T5804]  hci_le_conn_complete_evt+0x187/0x450
[ 1018.380584][ T5804]  hci_event_packet+0x78f/0x1200
[ 1018.380653][ T5804]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1018.380683][ T5804]  ? __pfx_hci_event_packet+0x10/0x10
[ 1018.380732][ T5804]  ? hci_send_to_monitor+0xe2/0x570
[ 1018.380764][ T5804]  hci_rx_work+0x46a/0xe80
[ 1018.380810][ T5804]  ? process_scheduled_works+0x9ef/0x17b0
[ 1018.380841][ T5804]  process_scheduled_works+0xade/0x17b0
[ 1018.380905][ T5804]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1018.380954][ T5804]  worker_thread+0x8a0/0xda0
[ 1018.381017][ T5804]  kthread+0x711/0x8a0
[ 1018.381054][ T5804]  ? __pfx_worker_thread+0x10/0x10
[ 1018.381082][ T5804]  ? __pfx_kthread+0x10/0x10
[ 1018.381111][ T5804]  ? rt_spin_unlock+0x150/0x200
[ 1018.381137][ T5804]  ? rt_spin_unlock+0x161/0x200
[ 1018.381155][ T5804]  ? __pfx_kthread+0x10/0x10
[ 1018.381191][ T5804]  ret_from_fork+0x4b9/0x870
[ 1018.381221][ T5804]  ? __pfx_ret_from_fork+0x10/0x10
[ 1018.381258][ T5804]  ? __switch_to_asm+0x39/0x70
[ 1018.381285][ T5804]  ? __switch_to_asm+0x33/0x70
[ 1018.381312][ T5804]  ? __pfx_kthread+0x10/0x10
[ 1018.381344][ T5804]  ret_from_fork_asm+0x1a/0x30
[ 1018.381394][ T5804]  </TASK>
[ 1018.381428][ T5804] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1018.381480][ T5804] Bluetooth: hci5: failed to register connection device
[ 1018.521905][ T5787] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1018.721853][ T5787] usb 4-1: Using ep0 maxpacket: 8
[ 1018.724227][ T5787] usb 4-1: config 0 has no interfaces?
[ 1018.724265][ T5787] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1018.724289][ T5787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.745284][ T5787] usb 4-1: config 0 descriptor??
[ 1018.980304][T18324] overlayfs: failed to resolve './file1': -2
[ 1019.026650][ T5787] usb 4-1: USB disconnect, device number 3
[ 1020.731848][ T5912] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1021.367222][ T5912] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1021.367245][ T5912] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1021.367265][ T5912] usb 4-1: Product: syz
[ 1021.367276][ T5912] usb 4-1: Manufacturer: syz
[ 1021.367287][ T5912] usb 4-1: SerialNumber: syz
[ 1021.430043][ T5912] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1021.623850][ T5863] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1022.236037][ T5882] usb 4-1: USB disconnect, device number 4
[ 1022.512016][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1023.181780][ T5863] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1023.182024][ T5863] ath9k_htc: Failed to initialize the device
[ 1023.260697][ T5882] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1023.343160][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1023.658688][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1023.972633][T17932] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1024.094930][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1024.095538][T17932] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1024.139814][T17932] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1024.294691][T17932] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1024.325783][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1025.093467][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1025.234054][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1025.854610][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1026.085757][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1026.293198][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1026.797539][T17932] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1026.915078][T17932] 8021q: adding VLAN 0 to HW filter on device team0
[ 1027.040529][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.040704][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1027.075027][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1027.080880][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1027.296996][T18424] 9pnet_virtio: no channels available for device syz
[ 1027.941590][ T3515] hsr_slave_0: left promiscuous mode
[ 1027.996283][ T3515] hsr_slave_1: left promiscuous mode
[ 1028.024594][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1028.059782][T17330] block nbd3: Receive control failed (result -32)
[ 1028.333634][T18280] block nbd3: shutting down sockets
[ 1033.751773][ T5882] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1033.961484][ T5882] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1033.961516][ T5882] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1033.961537][ T5882] usb 6-1: Product: syz
[ 1033.961552][ T5882] usb 6-1: Manufacturer: syz
[ 1033.961567][ T5882] usb 6-1: SerialNumber: syz
[ 1034.018433][ T5882] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1034.294966][ T5785] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1035.259829][T18463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4121'.
[ 1035.259868][T18463] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4121'.
[ 1035.391888][ T5785] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[ 1035.392398][ T5785] ath9k_htc: Failed to initialize the device
[ 1035.442971][ T5785] usb 6-1: ath9k_htc: USB layer deinitialized
[ 1036.523802][ T3515] team0 (unregistering): Port device team_slave_1 removed
[ 1036.630246][ T5804] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1036.644528][ T5804] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1036.646919][ T5804] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1036.649246][ T5804] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1036.650327][ T5804] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1037.155811][ T3515] team0 (unregistering): Port device team_slave_0 removed
[ 1038.098403][   T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1038.251829][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 1038.260520][   T10] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=29.00
[ 1038.260551][   T10] usb 4-1: New USB device strings: Mfr=84, Product=2, SerialNumber=3
[ 1038.260574][   T10] usb 4-1: Product: syz
[ 1038.260589][   T10] usb 4-1: Manufacturer: syz
[ 1038.260604][   T10] usb 4-1: SerialNumber: syz
[ 1038.270305][   T10] usb 4-1: config 0 descriptor??
[ 1038.355459][   T10] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1038.359880][   T10] usb 4-1: Detected FT4233HP
[ 1038.553378][   T10] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1038.556394][   T10] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1038.683270][   T10] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1038.741836][   T10] usb 4-1: USB disconnect, device number 5
[ 1038.785901][   T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1038.786894][   T10] ftdi_sio 4-1:0.0: device disconnected
[ 1039.179755][T17330] Bluetooth: hci2: command tx timeout
[ 1041.291869][ T5804] Bluetooth: hci2: command tx timeout
[ 1041.464437][ T5804] Bluetooth: hci3: command 0x0406 tx timeout
[ 1042.053273][T18430] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[ 1042.220715][   T10] usb 6-1: USB disconnect, device number 4
[ 1043.311979][T17330] Bluetooth: hci2: command tx timeout
[ 1045.391875][ T5804] Bluetooth: hci2: command tx timeout
[ 1046.171867][ T5785] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1046.180566][T18542] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1046.402503][ T5785] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1046.402536][ T5785] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.402558][ T5785] usb 1-1: Product: syz
[ 1046.402573][ T5785] usb 1-1: Manufacturer: syz
[ 1046.402588][ T5785] usb 1-1: SerialNumber: syz
[ 1046.495764][ T3515] IPVS: stop unused estimator thread 0...
[ 1046.507474][ T5785] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1046.545421][ T5882] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1046.593366][ T5804] Bluetooth: hci1: command 0x0406 tx timeout
[ 1046.808064][T18550] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4143'.
[ 1046.808105][T18550] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4143'.
[ 1046.894818][T18566] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4145'.
[ 1047.001482][T18564] vlan2: entered promiscuous mode
[ 1047.001589][T18564] hsr_slave_1: entered promiscuous mode
[ 1047.002254][T18564] vlan2: entered allmulticast mode
[ 1047.002272][T18564] hsr_slave_1: entered allmulticast mode
[ 1048.344581][ T5882] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1048.344756][ T5882] ath9k_htc: Failed to initialize the device
[ 1048.371754][ T5787] usb 1-1: USB disconnect, device number 10
[ 1048.410150][ T5787] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1049.729974][T18571] tipc: Started in network mode
[ 1049.729997][T18571] tipc: Node identity 4, cluster identity 4711
[ 1049.730110][T18571] tipc: Node number set to 4
[ 1053.057739][T18593] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4152'.
[ 1053.057777][T18593] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4152'.
[ 1056.123353][T18472] chnl_net:caif_netlink_parms(): no params data found
[ 1060.362233][T18632] CIFS mount error: No usable UNC path provided in device string!
[ 1060.362233][T18632] 
[ 1060.362257][T18632] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1061.461223][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[ 1061.461300][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1065.022343][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1065.458677][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1065.899851][T18665] overlayfs: failed to clone upperpath
[ 1065.931134][T18472] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1065.931227][T18472] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1065.931424][T18472] bridge_slave_0: entered allmulticast mode
[ 1066.052454][T18472] bridge_slave_0: entered promiscuous mode
[ 1066.188281][T18472] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1066.188749][T18472] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1066.188950][T18472] bridge_slave_1: entered allmulticast mode
[ 1066.215233][T18472] bridge_slave_1: entered promiscuous mode
[ 1066.592067][ T5863] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1067.462463][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1067.701962][ T5863] usb 4-1: Using ep0 maxpacket: 32
[ 1067.721157][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1067.775718][ T5863] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1067.775742][ T5863] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.775757][ T5863] usb 4-1: Product: syz
[ 1067.775768][ T5863] usb 4-1: Manufacturer: syz
[ 1067.775778][ T5863] usb 4-1: SerialNumber: syz
[ 1067.835481][ T5863] usb 4-1: config 0 descriptor??
[ 1068.119055][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1068.375700][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1068.802552][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1069.931982][ T5863] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1070.471984][ T5863] gspca_stk1135: reg_w 0x2 err -71
[ 1070.473157][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473168][ T5863] gspca_stk1135: Sensor write failed
[ 1070.473200][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473212][ T5863] gspca_stk1135: Sensor write failed
[ 1070.473245][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473256][ T5863] gspca_stk1135: Sensor read failed
[ 1070.473291][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473301][ T5863] gspca_stk1135: Sensor read failed
[ 1070.473309][ T5863] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1070.473372][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473383][ T5863] gspca_stk1135: Sensor read failed
[ 1070.473425][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473435][ T5863] gspca_stk1135: Sensor read failed
[ 1070.473472][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473481][ T5863] gspca_stk1135: Sensor write failed
[ 1070.473517][ T5863] gspca_stk1135: serial bus timeout: status=0x00
[ 1070.473527][ T5863] gspca_stk1135: Sensor write failed
[ 1070.473630][ T5863] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[ 1070.769725][ T5863] usb 4-1: USB disconnect, device number 6
[ 1071.017777][T18472] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1071.140851][T18472] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1072.972958][ T3515] bridge_slave_1: left allmulticast mode
[ 1072.972989][ T3515] bridge_slave_1: left promiscuous mode
[ 1072.973245][ T3515] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1073.213345][ T3515] bridge_slave_0: left allmulticast mode
[ 1073.213377][ T3515] bridge_slave_0: left promiscuous mode
[ 1073.213684][ T3515] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1074.228373][T18697] 9p: Unknown Cache mode or invalid value fscach
[ 1080.494881][T18731] CIFS mount error: No usable UNC path provided in device string!
[ 1080.494881][T18731] 
[ 1080.494903][T18731] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1081.526321][ T3515] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1081.604633][ T3515] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1081.652818][ T3515] bond0 (unregistering): Released all slaves
[ 1081.727795][T18472] team0: Port device team_slave_0 added
[ 1081.774127][T18472] team0: Port device team_slave_1 added
[ 1082.576707][T18472] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1082.576727][T18472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1082.576757][T18472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1082.626108][T18472] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1082.626129][T18472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1082.626159][T18472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1083.702003][ T3515] hsr_slave_0: left promiscuous mode
[ 1083.742198][ T3515] hsr_slave_1: left promiscuous mode
[ 1083.743336][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1083.782508][ T3515] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1085.444322][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1085.751752][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1085.860865][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1085.935463][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.021579][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.080987][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.117179][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.152854][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.257458][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1086.643472][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1087.016086][T18779] CIFS mount error: No usable UNC path provided in device string!
[ 1087.016086][T18779] 
[ 1087.016111][T18779] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1088.000793][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1088.092647][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1088.190393][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1088.753942][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1088.857576][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1089.524052][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1089.820301][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1090.081127][T18633] Bluetooth: (null): Invalid header checksum
[ 1090.097292][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1090.405556][ T3515] team0 (unregistering): Port device team_slave_1 removed
[ 1090.434786][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1091.096593][ T3515] team0 (unregistering): Port device team_slave_0 removed
[ 1091.152760][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1091.441794][T15502] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1091.454875][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1091.626300][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1092.435736][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1092.562155][T15502] usb 6-1: device descriptor read/64, error -71
[ 1093.331877][T15502] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1093.461855][T15502] usb 6-1: device descriptor read/64, error -71
[ 1093.594317][T15502] usb usb6-port1: attempt power cycle
[ 1093.972363][T15502] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1093.992732][T15502] usb 6-1: device descriptor read/8, error -71
[ 1095.985874][ T5804] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1095.989359][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1096.012160][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1096.016506][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1096.018504][ T5804] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1098.115393][T17330] Bluetooth: hci3: command tx timeout
[ 1098.700221][T18472] hsr_slave_0: entered promiscuous mode
[ 1098.701320][T18472] hsr_slave_1: entered promiscuous mode
[ 1098.702189][T18472] debugfs: 'hsr0' already exists in 'hsr'
[ 1098.702210][T18472] Cannot create hsr debugfs directory
[ 1100.240342][T17330] Bluetooth: hci3: command tx timeout
[ 1102.273948][ T5804] Bluetooth: hci3: command tx timeout
[ 1102.960346][T18633] Bluetooth: (null): Invalid header checksum
[ 1103.079288][T18633] Bluetooth: (null): Invalid header checksum
[ 1103.242675][T18633] Bluetooth: (null): Invalid header checksum
[ 1103.974430][T17330]  1024-page vmalloc region starting at 0xffffc9000e104000 allocated at kcov_ioctl+0x58/0x650
[ 1103.974494][T17330] list_del corruption. next->prev should be ffffc9001a01f000, but was 0000000000000000. (next=ffffc9000e104000)
[ 1103.975144][T17330] ------------[ cut here ]------------
[ 1103.975154][T17330] kernel BUG at lib/list_debug.c:67!
[ 1103.975205][T17330] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1103.975231][T17330] CPU: 0 UID: 0 PID: 17330 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1103.975256][T17330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1103.975270][T17330] Workqueue: hci2 hci_rx_work
[ 1103.975307][T17330] RIP: 0010:__list_del_entry_valid_or_report+0x18a/0x190
[ 1103.975343][T17330] Code: 5c c0 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 4d be 96 fd 49 8b 56 08 48 c7 c7 80 53 3f 8b 48 89 de 4c 89 f1 e8 b7 fc 9d fc 90 <0f> 0b cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1103.975362][T17330] RSP: 0018:ffffc90004baf958 EFLAGS: 00010246
[ 1103.975380][T17330] RAX: 000000000000006d RBX: ffffc9001a01f000 RCX: c789c397ff346200
[ 1103.975396][T17330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1103.975409][T17330] RBP: 0000000000100000 R08: 0000000000000000 R09: 0000000000000000
[ 1103.975422][T17330] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff92001c20801
[ 1103.975445][T17330] R13: dffffc0000000000 R14: ffffc9000e104000 R15: ffffc9000e104008
[ 1103.975461][T17330] FS:  0000000000000000(0000) GS:ffff888126bcb000(0000) knlGS:0000000000000000
[ 1103.975479][T17330] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1103.975494][T17330] CR2: 00007fdc06406d00 CR3: 0000000079de0000 CR4: 00000000003526f0
[ 1103.975512][T17330] Call Trace:
[ 1103.975520][T17330]  <TASK>
[ 1103.975532][T17330]  kcov_remote_start+0x2b0/0x6f0
[ 1103.975564][T17330]  hci_rx_work+0x130/0xe80
[ 1103.975601][T17330]  ? process_scheduled_works+0x9ef/0x17b0
[ 1103.975628][T17330]  process_scheduled_works+0xade/0x17b0
[ 1103.975670][T17330]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1103.975706][T17330]  worker_thread+0x8a0/0xda0
[ 1103.975735][T17330]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1103.975767][T17330]  ? __kthread_parkme+0x7b/0x200
[ 1103.975800][T17330]  kthread+0x711/0x8a0
[ 1103.975833][T17330]  ? __pfx_worker_thread+0x10/0x10
[ 1103.975860][T17330]  ? __pfx_kthread+0x10/0x10
[ 1103.975889][T17330]  ? rt_spin_unlock+0x150/0x200
[ 1103.975911][T17330]  ? rt_spin_unlock+0x161/0x200
[ 1103.975929][T17330]  ? __pfx_kthread+0x10/0x10
[ 1103.975960][T17330]  ret_from_fork+0x4b9/0x870
[ 1103.975987][T17330]  ? __pfx_ret_from_fork+0x10/0x10
[ 1103.976016][T17330]  ? __switch_to_asm+0x39/0x70
[ 1103.976044][T17330]  ? __switch_to_asm+0x33/0x70
[ 1103.976071][T17330]  ? __pfx_kthread+0x10/0x10
[ 1103.976103][T17330]  ret_from_fork_asm+0x1a/0x30
[ 1103.976141][T17330]  </TASK>
[ 1103.976154][T17330] Modules linked in:
[ 1103.976174][T17330] ---[ end trace 0000000000000000 ]---
[ 1103.976188][T17330] RIP: 0010:__list_del_entry_valid_or_report+0x18a/0x190
[ 1103.976218][T17330] Code: 5c c0 76 fd 43 80 3c 2c 00 74 08 4c 89 ff e8 4d be 96 fd 49 8b 56 08 48 c7 c7 80 53 3f 8b 48 89 de 4c 89 f1 e8 b7 fc 9d fc 90 <0f> 0b cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1103.976232][T17330] RSP: 0018:ffffc90004baf958 EFLAGS: 00010246
[ 1103.976247][T17330] RAX: 000000000000006d RBX: ffffc9001a01f000 RCX: c789c397ff346200
[ 1103.976260][T17330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1103.976270][T17330] RBP: 0000000000100000 R08: 0000000000000000 R09: 0000000000000000
[ 1103.976283][T17330] R10: dffffc0000000000 R11: ffffed101710487b R12: 1ffff92001c20801
[ 1103.976299][T17330] R13: dffffc0000000000 R14: ffffc9000e104000 R15: ffffc9000e104008
[ 1103.976316][T17330] FS:  0000000000000000(0000) GS:ffff888126bcb000(0000) knlGS:0000000000000000
[ 1103.976334][T17330] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1103.976350][T17330] CR2: 00007fdc06406d00 CR3: 0000000079de0000 CR4: 00000000003526f0
[ 1103.976377][T17330] Kernel panic - not syncing: Fatal exception
[ 1103.976744][T17330] Kernel Offset: disabled